08-11-2009
Quote:
Originally Posted by
Dyna
You can't but you can use e.g. sudo so that the user can start tomcat with a privileged port..
Umm, with respect, I'd recommend finding another solution. If you start your tomcat app as root, you grant it a
great deal more than just the port it wants. If there's a problem with the app, it's no longer a potential issue just for that app, but now for everything else on the server too.
If you
really have to have it on the ssl port, run it on a high port and put in an ssh port forward (or if you have solaris 10, a native port redirect).
Another option might be to use apache as your ssl webserver with the tomcat plugin to connect back via localhost to your tomcat application.
Another point to consider: What will you do if you want to host some other ssl app on this server?
10 More Discussions You Might Find Interesting
1. Cybersecurity
I need to set up an application to run in a script which will be running as a web server but is a database. I need to allow users to use the web server but the app must be run as root in order for the ports to be accessible. This is not a very secure environment would like to know how this could... (2 Replies)
Discussion started by: rpollard
2 Replies
2. UNIX for Advanced & Expert Users
Hi friends,
I am having ibm pseries615c3 server. previously i set privileged access password for the firmware. Now i forgot that password. Help me to reset or remove the firmware password from the server. Otherwise anyone plz help me how to change the default boot device in pseries servers. I... (8 Replies)
Discussion started by: muthulingaraja
8 Replies
3. HP-UX
Hi
I have been asked to find out how to
1) create users
2) reset passwords
3) kill processes that may require root privileges
without having root password, sudo rights or rights to passwd command
Any ideas?
Thanks in advance (1 Reply)
Discussion started by: emealogistics
1 Replies
4. Solaris
Dear
i have installed Solaris 10 on SUN V240
after installation i can not access system through root user
if i access system through any other user it conects but root is not connecting through LAN
if i connect through SC and then access root though cosole -f command it also works
kindly... (6 Replies)
Discussion started by: rizwan225
6 Replies
5. Shell Programming and Scripting
Hi,
I need to access a user's command history. However, the dilemma is that he is logged in and so his current history is not yet flushed to .bash_history file which gets flushed when he logs out. Is there a way I can still access his most recent history?
thank you,
S (4 Replies)
Discussion started by: sardare
4 Replies
6. UNIX for Dummies Questions & Answers
hi
i am new to unix and i have abig task. i have to \run particular commands having root privileges from a non root user. i know sudo is one of the way but i need sum other approach kindly help
Thanks (5 Replies)
Discussion started by: suryashikha
5 Replies
7. Linux
How to create a user account on a Linux desktop machine with restrictions on connecting to the LAN, WAN, PCMCIA ports, Firewire, CDROM and generally any user controllable output options?
I have the task to set up a machine for users working with sensitive data that should not be leaving the... (1 Reply)
Discussion started by: netfreighter
1 Replies
8. Shell Programming and Scripting
Currently in my system Red Hat is installed. And Many user connect to my machine via SSH Techia Terminal.
I want to give some users a root level access.
Can anyone please help me how to make it possible. I too searched on the Google but didn't find the correct way
Regards
ADI (4 Replies)
Discussion started by: adisky123
4 Replies
9. AIX
Hi,
I am trying to implement a service on AIX based on ONCRPC protocal and I want to use a RPC library called oncrpc4j because it is a non-blocked i/o library. I found it works fine on my work machine (WIndows 7) but failed on my AIX work station. The author of oncrpc4j told me that check that... (1 Reply)
Discussion started by: derekhsu
1 Replies
10. Solaris
Hello,
It is Solaris-10. There is a file as /opt/vpp/dom1.2/pdd/today_23. It is always generated by root, so owned by root only.
This file has to be deleted as part of application restart always and that is done by app_user and SA is always involved to do rm on that file.
Is it possible to give... (9 Replies)
Discussion started by: solaris_1977
9 Replies
LEARN ABOUT MOJAVE
net-server
NET-SERVER(1) User Contributed Perl Documentation NET-SERVER(1)
NAME
net-server - Base Net::Server starting module
SYNOPSIS
net-server [base type] [net server arguments]
net-server PreFork ipv '*'
net-server HTTP
net-server HTTP app foo.cgi
net-server HTTP app foo.cgi app /=bar.cgi
net-server HTTP port 8080 port 8443/ssl ipv '*' server_type PreFork --SSL_key_file=my.key --SSL_cert_file=my.crt access_log_file STDERR
DESCRIPTION
The net-server program gives a simple way to test out code and try port connection parameters. Though the running server can be robust
enough for full tim use, it is anticipated that this binary will just be used for basic testing of net-server ports, acting as a simple
echo server, or for running development scripts as CGI.
OPTIONS
"base type"
The very first argument may be a Net::Server flavor. This is given as shorthand for writing out server_type "ServerFlavor".
Additionally, this allows types such as HTTP and PSGI, which are not true Net::Server base types, to subclass other server types via an
additional server_type argument.
net-server PreFork
net-server HTTP # becomes a HTTP server in the Fork flavor
net-server HTTP server_type PreFork # preforking HTTP server
"port"
Port to bind upon. Default is 80 if running a HTTP server as root, 8080 if running a HTTP server as non-root, or 20203 otherwise.
Multiple value can be given for binding to multiple ports. All of the methods for specifying port attributes enumerated in Net::Server
and Net::Server::Proto are available here.
net-server port 20201
net-server port 20202
net-server port 20203/IPv6
"host"
Host to bind to. Default is *. Will bind to an IPv4 socket if an IPv4 address is given. Will bind to an IPv6 socket if an IPv6
address is given (requires installation of IO::Socket::INET6).
If a hostname is given and "ipv" is still set to 4, an IPv4 socket will be created. If a hostname is given and "ipv" is set to 6, an
IPv6 socket will be created. If a hostname is given and "ipv" is set to * (default), a lookup will be performed and any available IPv4
or IPv6 addresses will be bound. The "ipv" parameter can be set directly, or passed along in the port, or additionally can be passed
as part of the hostname.
net-server host localhost
net-server host localhost/IPv4
There are many more options available. Please see the Net::Server documentation.
AUTHOR
Paul Seamons <paul at seamons.com>
LICENSE
This package may be distributed under the terms of either the
GNU General Public License
or the
Perl Artistic License
perl v5.18.2 2012-06-12 NET-SERVER(1)