Tomcat 7 listen on port 80 – Linux Debian

The default installation of Tomcat 7 for Linux Debian is listening on port 8080.

When you want to change the port to 80 then you have several options.

You can use iptables and redirect communication from port 8080 to port 80.

iptables -t nat -P PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-port 8080

The more straight forward approach is to bind Tomcat directly to port 80. First of all change port 8080 to 80 in file /etc/tomcat7/server.xml.

You’ll see error messages in /var/log/tomcat7/catalina.out when you try to restart Tomcat:

SEVERE: Failed to initialize connector [Connector[HTTP/1.1-80]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-80]]
Caused by: java.net.BindException: Permission denied

The problem is that default installation of Tomcat 7 for Linux Debian allows to bind only ports higher than 1023. You need to allow binding to privileged ports.

Open file /etc/defaults/tomcat7 and change option from:

#AUTHBIND=no

to:

AUTHBIND=yes

Restart Tomcat and it will listen on port 80.

10. March 2012 at 15:02 - Software engineering (Tags: , , , , ). Both comments and pings are currently closed.

0 0 votes
Article Rating
6 Comments
Inline Feedbacks
View all comments
11 years ago

My God! It worked.

But, before I did this (I don’t know where I got it):

Install authbind
Make port 80 available to authbind (you need to be root):
touch /etc/authbind/byport/80
chmod 500 /etc/authbind/byport/80
Make IPv4 the default (authbind does not currently support IPv6). To do so, create the file
TOMCAT_HOME/bin/setenv.sh
with the following content:
CATALINA_OPTS=”-Djava.net.preferIPv4Stack=true”
Change startup.sh:
exec authbind –deep “$PRGDIR”/”$EXECUTABLE” start “$@”
# OLD: exec “$PRGDIR”/”$EXECUTABLE” start “$@”

The Web site: http://www.guardalar.com

10 years ago

Thank you very much for that hint! :)

10 years ago

It worked! Thanks!

kdot
10 years ago

Worked like a charm! Thanks

asdf
10 years ago

On Debian, I also needed to add:

sudo chown tomcat7 /etc/authbind/byport/80

10 years ago

Good job. Thanks