Tomcat7 bind to port 80 fails in Ubuntu 14.04LTS

Question

I\'ve got a problem with my tomcat7 installation on a newly updated Ubuntu system. Ever since the update to 14.04 LTS, tomcat refuses to start on port 80 with an error that I ca

Answer 1

Start tomcat services using authbind this will allow user to start ports less than 1024 we do not need to redirect or iptables.

apt-get install authbind -y

To install Authbind software

chmod -R 755 /etc/authbind

group should be user group.

chown -Rh root:group /etc/authbind

After that run the below commands

cd /etc/authbind/byuid

As an example lets imagne user id is 2000 you can use your user id number

echo '0.0.0.0/0:1,1023' > 2000

That file should be own by user and group.

chown : 2000

chmod 700 2000

Add the below line in tomcat startup file $CATALINA_BASE/startup.sh

export JAVA_OPTS="$JAVA_OPTS -Djava.net.preferIPv4Stack=true"

For Starting tomcat using Authbind service startup.sh

Comment the below line

#$CATALINA_HOME/bin/startup.sh

Add This End as the end of the file

AUTHBIND_COMMAND="/usr/bin/authbind --deep /bin/bash -c " 

$AUTHBIND_COMMAND $CATALINA_HOME/bin/startup.sh   

now you should be able to start tomcat services as user with less that 1024 ports.

Answer 2

Following works:

apt-get install authbind

First, set AUTHBIND=yes in /etc/default/tomcat7 file

sudo touch /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/80
sudo chown tomcat7 /etc/authbind/byport/80

There was a reference URL here, but the website has been hacked (marked as unsafe in Edge, and Chrome prompts me to install a browser extension).

Answer 3

I had the same problem. In the end, I used an iptables port redirect instead of the authpriv mechanism

i.e.

1) in /etc/default/tomcat7, set authpriv=no

2) in /etc/tomcat7/server.xml, use

<Connector port=8080...

rather than 80

3) ufw allow 8080/tcp

4) follow the instructions here: https://serverfault.com/questions/238563/can-i-use-ufw-to-setup-a-port-forward

The same can be done for port 443 (SSL) if necessary

Answer 4

Let the port 8080 by default in server.xml

Run : sudo /sbin/iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080

EN This redirect traffic from port 80 to 8080 (default in tomcat) in Ubuntu 14.04 it is not possible to set the default port to 80 in server.xml.

FR (Ceci redirige le trafic du port 80 vers 8080 (Par défaut dans tomcat) dans Ubuntu 14.04 il n’est pas possible de mettre le port par défaut à 80 dans server.xml.)

To make this persistent: sudo apt-get install iptables-persistent

EN This package allows you to save iptables rules previously entered. Be sure to answer yes (save the current settings). FR Ce packet permet de sauvegarder les règles iptables entrées précédemment. Il faut répondre ou aux questions, (sauvegarder les paramètres actuels).