starting tomcat on port 80 on CentOS release 5.5 (Final)

The ports in the range 1-1023 are privileged. Only root is allowed to bind to them.

There is at least two ways to solve this:

• Run as root. You need to weight the extra security risks this infers, of course; both security holes in Tomcat itself (which I believe to be few) and those your web applications contains (which can for example lead to letting people read /etc/shadow as an example), against this being simple and straight-forward.

• Run as service with jsvc. See http://tomcat.apache.org/tomcat-5.5-doc/setup.html for details on jsvc. It is some extra hassle to setup, but root will only be involved in setting up the ports, Tomcat will then run as a user without special rights. I recommend this for any serious setup.

Regardless on what way you choose, the actual starting of Tomcat will need root privilegies.

///BR, JenEriC

Run Apache in front of Tomcat and connect all requests on Port 80 (Apache) to Tomcat on the AJP port (8009) using mod_rewrite.

yum install httpd
chkconfig httpd on
vi /etc/httpd/conf.d/proxy.conf

RewriteEngine On
RewriteRule ^/(.*)$ ajp://localhost:8009/$1 [P,QSA,L]

service httpd start

You're done.

You can change AUTHBIND property of "/etc/default/tomcat6" to "yes" as follows

AUTHBIND=yes

Restart your tomcat and that will enable you to use available privileged port (1-1023).