Chuck, >> Without some really nasty code, Tomcat is unable to do the same >> thing, so we're forced to do silly things like internal port >> forwarding, etc. > > Didn't realize that jsvc was considerd "really nasty", since I suspect > it's doing the exact same thing httpd is at startup.
I've never used jsvc. It took me a while, but I finally found documentation that jsvc actually allows privileged port numbers (http://tomcat.apache.org/tomcat-5.5-doc/setup.html, search for 'jsvc'). The documentation for jsvc itself does not indicate that it can do anything like that. Apparently, Tomcat supports a specialized interface for jsvc that allows for this kind of thing. So, I suppose the answer to this guy's question is, "why are you trying to fiddle with iptables when you could use jsvc?" Oh, and I retract my statement about using Apache httpd to front Tomcat. I still have other reasons ;) -chris
signature.asc
Description: OpenPGP digital signature
