I am have a working spring boot + tomcat8 embedded application that bind to ports 8080 (http) and 8888 (https). Now I am looking for a way to configure the application to run
a) on a privileged port i.e. port that is lower then 1024 i.e. port 80 and 443
b) the application should run under a non root user account.
c) the OS environment could be any Linux distro for example: debian/ubuntu or OpenBSD distro.
d) it is preferable for the solution to be configurable later on over the web interface i.e. some script.
All I found so far on the INTERNET was a manual to configure non embedded tomcat instance together with “authbind”. However I have an embedded tomcat. The man page of “authbind” says:
“ You must invoke the program using authbind. authbind will set up
some environment variables, including an LD_PRELOAD, which will allow
the program (including any subprocesses it may run) to bind to
low-numbered (<512) ports if the system is configured to allow this. “
I issued “ps – aux” and I got the user name under which the application is running.
I have configured the embedded tomcat to run on ports 80 and 443 the ports i.e. and issued the commands in the cli:
sudo touch /etc/authbind/byport/80
sudo chmod 500 /etc/authbind/byport/80
chown tito /etc/authbind/byport/80
sudo touch /etc/authbind/byport/443
sudo chmod 500 /etc/authbind/byport/443
chown tito /etc/authbind/byport/443
Now how do I invoke the embedded tomcat under the “authbind”. If “authbind” is not the right solution for this problem then how to solve this problem with spring boot.
The error message I am getting is:
2014-05-09 09:46:48.403 INFO 7880 --- [ main] .t.TomcatEmbeddedServletContainerFactory : Server initialized with port: 80
2014-05-09 09:46:48.604 ERROR 7880 --- [ main] o.a.coyote.http11.Http11NioProtocol : Failed to initialize end point associated with ProtocolHandler ["http-nio-80"]
java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method)
at sun.nio.ch.Net.bind(Net.java:414)
at sun.nio.ch.Net.bind(Net.java:406)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:214)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:351)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:683)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:456)
at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:120)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:960)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:567)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:826)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:139)
at org.apache.catalina.startup.Tomcat.start(Tomcat.java:340)
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.initialize(TomcatEmbeddedServletContainer.java:79)
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.<init>(TomcatEmbeddedServletContainer.java:69)
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.getTomcatEmbeddedServletContainer(TomcatEmbeddedServletContainerFactory.java:270)
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.getEmbeddedServletContainer(TomcatEmbeddedServletContainerFactory.java:145)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.createEmbeddedServletContainer(EmbeddedWebApplicationContext.java:159)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.onRefresh(EmbeddedWebApplicationContext.java:132)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:476)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:120)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:648)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:311)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:909)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:898)
at org.syncServer.core.Application.main(Application.java:123)
2014-05-09 09:46:48.606 ERROR 7880 --- [ main] o.apache.catalina.core.StandardService : Failed to initialize connector [Connector[HTTP/1.1-80]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-80]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:567)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:826)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:139)
at org.apache.catalina.startup.Tomcat.start(Tomcat.java:340)
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.initialize(TomcatEmbeddedServletContainer.java:79)
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainer.<init>(TomcatEmbeddedServletContainer.java:69)
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.getTomcatEmbeddedServletContainer(TomcatEmbeddedServletContainerFactory.java:270)
at org.springframework.boot.context.embedded.tomcat.TomcatEmbeddedServletContainerFactory.getEmbeddedServletContainer(TomcatEmbeddedServletContainerFactory.java:145)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.createEmbeddedServletContainer(EmbeddedWebApplicationContext.java:159)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.onRefresh(EmbeddedWebApplicationContext.java:132)
at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:476)
at org.springframework.boot.context.embedded.EmbeddedWebApplicationContext.refresh(EmbeddedWebApplicationContext.java:120)
at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:648)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:311)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:909)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:898)
at org.syncServer.core.Application.main(Application.java:123)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:962)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
... 19 common frames omitted
Caused by: java.net.SocketException: Permission denied
at sun.nio.ch.Net.bind0(Native Method)
at sun.nio.ch.Net.bind(Net.java:414)
at sun.nio.ch.Net.bind(Net.java:406)
at sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:214)
at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:74)
at org.apache.tomcat.util.net.NioEndpoint.bind(NioEndpoint.java:351)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:683)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:456)
at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:120)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:960)
... 20 common frames omitted
2014-05-09 09:46:48.840 INFO 7880 --- [ main] o.apache.catalina.core.StandardService : Starting service Tomcat
2014-05-09 09:46:48.841 INFO 7880 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet Engine: Apache Tomcat/8.0.3
2014-05-09 09:46:48.913 INFO 7880 --- [ost-startStop-1] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
2014-05-09 09:46:48.913 INFO 7880 --- [ost-startStop-1] o.s.web.context.ContextLoader : Root WebApplicationContext: initialization completed in 1898 ms
SERVLET REGISTRATION
DISPATCHER INIT
ADDTION 1
i found a way how to do it from the command line i.e. from spring i do maven build with the goal set to "package" then i go to the target folder where my jar/war file is and then i do
exec authbind --deep java -jar application.jar
The application is bound to the ports 80 and 443 but somehow my mvc thymeleaf templates got messed up. I need to automate this process trough spring sts