Ubuntu为Tomcat启用80端口 @H_301_2@ 一、tomcat部署调试
Update the package repository
sudo apt-get update sudo apt-get upgrade --show-upgrades
Install the authbind package
sudo apt-get install authbind
This package allows non-root users to bind to ports below 1024. Install the tomcat7 package
sudo apt-get install tomcat7
The tomcat7-docs,tomcat7-examples,and tomcat7-admin packages aren’t required to deploy and maintain a web application. These packages can be skipped unless they are truly needed.
A new user “tomcat7” with primary group “tomcat7” will be created.
Enable authbind @H_301_2@ Open a text editor like vim and load the default tomcat configuration file
vi /etc/default/tomcat7
Remove the comment hash “#” in front of the authbind property and set the value to “yes”
AUTHBIND=yes
Create authbind bind permission files for ports 80 and 443. Authbind will loop through the directory structure and try to find a byPort file referencing the port number attempting to be bound. Authorization will be granted if the user attempting to bind has execute permission.
touch /etc/authbind/byport/80
touch /etc/authbind/byport/443
chmod 0755 /etc/authbind/byport/80
chmod 0755 /etc/authbind/byport/443
chown tomcat7:tomcat7 /etc/authbind/byport/80
chown tomcat7:tomcat7 /etc/authbind/byport/443
Change the Tomcat Port from 8080/8443 to 80/443 @H_301_2@ Open a text editor like vim and load the server configuration file
vi /etc/tomcat7/server.xml
Find the connector for port 8080 to port 80 and the redirect port from 8443 to 443:
<Connector port="80" protocol="HTTP/1.1" connectiontimeout="20000" uriencoding="UTF-8" redirectport="443">
</Connector>
Restart the Tomcat service
sudo service tomcat7 restart
View the catalina.out log after restart and look for any errors. If you see permission denied errors,then you may have missed a step like: @H_301_2@ Forgetting to uncomment the AuthBind setting and putting it to “yes” @H_301_2@ Forgetting to restart the tomcat7 service as sudo
便捷方法: @H_301_2@ 什么配置文件不改,运行如下命令
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080
因为linux限制了1-1024端口的使用权限,只有root用户才可以访问1024以下的端口号,所以不能用上面的方法实现,可以使用防火墙映射tomcat监听的端口到80端口。