Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

On Unix based systems, port 80 is protected and can usually only be opened by
the superuser root. As it is not desirable to run the server as root (for
security reasons), the solution options are as follows:

  • Start Jetty as the root user, and use Jetty's setuid mechanism to switch to a non-root user after startup.
    or
  • Configure the server to run as a normal user on port 8080 (or some other non protected port).Then, configure the operating system to redirect port 80 to 8080 using ipchains, iptables, ipfw or a similar mechanism.

The latter has traditionally been the solution, however Jetty 6.1 has added the new setuid feature.

If you are using Solaris 10, you may not need to use this feature, as Solaris provides a User Rights Management framework that can permit users and processes superuser-like abilities. Please refer to the Solaris documentation for more information.

Using Jetty's setuid (and setumask) feature

...

Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery