Hey Chris, I've pretty much concluded that the problem is that the machine in question is SELinux-enabled and that is cause of Tomcat's inability to access the 8080 port (even though I can see tomcat on the process list, a "netstat -a" indicates shows no entry for 8080).
My ultimate goal was to just run Tomcat 6 (with JDK 1.6) on this machine but I've given up on this particular machine for now. But I have some questions/comments: 1) Why not run Tomcat as root? We have Tomcat running as root on our current setup (Httpd 1.3.33, Tomcat 5.5, JDK 1.4), I presume Tomcat 6 (JDK 1.6) running by itself must be more secure than our current situation. Any comments? 2) My problem with jsvc is multiple: a) it involves a language so evil it can only be referred to in paraphrase: the letter between B and D. Have you actually read the instructions for it? "If you're using BSD, issue 'make foo' being sure to type only with your toes, if Linux, issue 'makeamess foo' with your nose as typing implement...." b) can't they even bother to link to the Jakarta-Whatever package that I must now download and lug around? I mean c'mon ;-[ c) really, if all this stuff is the "correct" way to run Tomcat on linux, why doesn't come as part of the distribution? 3) N/A 4) I really want to avoid the complexity of httpd (see 2.a) On Fri, Apr 10, 2009 at 1:27 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Jonathan, > > On 4/9/2009 11:20 AM, Jonathan Mast wrote: > > ok, here is the plain vanilla, immaculate server.xml, straight from a > > fresh untarring of the tomcat 6 dist that i just re-installed, its still > > not working. > > I didn't realize you were using an unmodified configuration. My initial > reaction is that you'll have to modify the default configuration in > order to make it fit your needs. > > Here are the active connectors configured in the server.xml you posted: > > HTTP/1.1 connector on port 8080 > AJP/1.3 connector on port 8009 > > > I should say that apache httpd 2.0 is already running on this machine and > my > > www.mysite.com is reachable there, so I figured www.mysite.com:8080would > > take me to tomcat. Is that a correct assumption? IE. Should I be able to > by > > httpd by tacking :8080 onto the url? > > Yes, going to http://www.mysite.com:8080/ should contact Tomcat, as long > as your DNS resolution is working and there are no firewall issues. > > Tomcat may not start if something is already bound to port 8080, so you > should make sure that Tomcat is starting correctly. See catalina.out for > any messages to the contrary. catalina.out should be indicating which > connectors are started when Tomcat starts up. > > > If I kill apache httpd (I have no intention of using it going forward), > will > > updating server.xml with port 80 rather than port 8080 automagically get > > everything to work, or is there other stuff I need to do before Tomcat > will > > run as a standalone webserver? > > Running Tomcat on port 80 is problematic on *NIX systems unless you run > Tomcat as root, which is not advised. See > http://tomcat.apache.org/tomcat-6.0-doc/setup.html for some ideas for > how to bind Tomcat to port 80 on *NIX. (This page shows information on > jsvc). You can also use iptables to essentially do port-forwarding. > Basically, your options on Linux are: > > 1. Run Tomcat as root (bad idea) > 2. Use jsvc (you don't want to do this ... why?) > 3. Use iptables to forward ports > 4. Front Tomcat with something that can more easily bind to port 80 > (httpd, etc.) > > But to answer your question: yes, running on port 80 will preclude your > users from having to specify the port number in the URL. > > - -chris > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAknfgW4ACgkQ9CaO5/Lv0PAE9QCdHBcwNoRMneWvLB8uYbA9r+Jd > X1sAni8Jkkzg6dXmxcdaa00QweaemJrS > =peWX > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
