Re: Why 8080 and 8443 ..?
David Whitehurst wrote: Chuck: Could you elaborate on what those parameters would be? A port is just a number. I'm trying to understand the history, but I would appreciate your comments on the other things required to make Tomcat production ready on top of just changing the Coyote connector from 8080 to 80 and 8443 to 443? The history is relatively clear. Normal Internet ports for HTTP/S are 80 and 443. Since Tomcat is usually running first as a test project on some machine that already has a web server, in order to avoid conflicts or (which may even be worse in test situations) having ot connect Apache and TC, it is most reasonable to shift those ports. Since TCP:0-1024 is already overbooked with registered services and TCP:1024-x has a lot other registered services, it seamed reasonable to place it at 8000 + 80,443. As for production, you have several things to consider. Do you want to run TC standalone or behind Apache? Most likely you will not want TC to run as root, so you will have a dedicated account for TC, like "tomcat" or "tomcat4" or "tomcat5". You need to setup file permissions so that TC can access the files it needs. If it is running standalone, you need to allow TC to bind to ports 80 and 443, something best accomplished via Apache Jakarta-Commons Daemon and JSVC. If it is running behind Apache, you need to setup a connector, like WARP (mod_webapp - prehestoric, but the ISP I'm working for at this moment uses it), JK2 (good, but abandoned and merged into JK) or JK. And all of this needs setting up. Nix. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Why 8080 and 8443 ..?
> From: Michael Mehrle [mailto:[EMAIL PROTECTED] > Subject: Re: Why 8080 and 8443 ..? > > Which are ??? Please feel free to elaborate ;-) As Jason mentioned, running Tomcat in production requires configuring the desired connectors and the various internal and external resources, and also stripping out the excess apps and other demo parameters. Configuring appropriate security (not plain-text passwords) for the manager and admin web apps, and using a non-default shutdown key are also highly recommended. Beyond that, at least these attributes (in various .xml files) may need to be changed to reduce overhead or better fit a production environment: autoDeploy input listings output classdebuginfo development keepgenerated mappedfile trimSpaces suppressSmap Several of the above apply to JSP compilation, so if you're doing precompilation (desirable for production), your ANT scripts should set/clear the corresponding parameters. Be certain that the enableLookups attribute under any elements you're using hasn't been removed or set to true. Also check that the reloadable attribute hasn't been left at true in any of your declarations. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why 8080 and 8443 ..?
Changing the connector to 80 and 443 is difficult, as then you have to run Tomcat as root (assuming you are running on Linux). 8080 and 8443 are simply non-privileged ports with numbers not a million miles from 80 and 443 as I understand it. If you want to remap them and keep the non-root nature of Tomcat, use iptables to remap the ports. David On Tuesday 26 April 2005 10:31, David Whitehurst wrote: > Chuck: > > Could you elaborate on what those parameters would be? A port is just a > number. I'm trying to understand the history, but I would appreciate > your comments on the other things required to make Tomcat production > ready on top of just changing the Coyote connector from 8080 to 80 and > 8443 to 443? > > Thanks, > > David L. Whitehurst > > Caldarale, Charles R wrote: > >>-Original Message- > >>From: Parsons Technical Services > > > >[mailto:[EMAIL PROTECTED] > > > >>Subject: Re: Why 8080 and 8443 ..? > >> > >>So there are two of the possible reasons that an upper port > >>was chosen. > > > >Also, Tomcat is distributed in a more-or-less development configuration, > >rather than a production one. There are several parameters in addition > >to the ports that should be changed before putting it into a production > >environment. > > > > - Chuck > > > > > >THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY > >MATERIAL and is thus for use only by the intended recipient. If you > >received this in error, please contact the sender and delete the e-mail > >and its attachments from all computers. > > > >- > >To unsubscribe, e-mail: [EMAIL PROTECTED] > >For additional commands, e-mail: [EMAIL PROTECTED] > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why 8080 and 8443 ..?
On 4/26/05, David Whitehurst <[EMAIL PROTECTED]> wrote: > Could you elaborate on what those parameters would be? A port is just a > number. I'm trying to understand the history, but I would appreciate > your comments on the other things required to make Tomcat production > ready on top of just changing the Coyote connector from 8080 to 80 and > 8443 to 443? There are lots of things you need to look at, just a few examples: - what connectors you are going to useand what ones should be disabled - Do you want to enable SSL and setup a redirect port? - What realms do you need? - Do you need the Manager and Admin applications enabled? (Personally I usually strip Tomcat down to the bare minimum for Production implementations) - Then there is performance tuning depending on the demands of your application by modifying parameters like maxThreads, minSpareThreads, maxSpareThreads, & acceptCount. They are just a few off the top of my head, it's no different to deploying the Apache webserver in Production you don't just take teh default settings. Regards, -- Jason Bainbridge http://kde.org - [EMAIL PROTECTED] Personal Site - http://jasonbainbridge.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why 8080 and 8443 ..?
Chuck: Could you elaborate on what those parameters would be? A port is just a number. I'm trying to understand the history, but I would appreciate your comments on the other things required to make Tomcat production ready on top of just changing the Coyote connector from 8080 to 80 and 8443 to 443? Thanks, David L. Whitehurst Caldarale, Charles R wrote: -Original Message- From: Parsons Technical Services [mailto:[EMAIL PROTECTED] Subject: Re: Why 8080 and 8443 ..? So there are two of the possible reasons that an upper port was chosen. Also, Tomcat is distributed in a more-or-less development configuration, rather than a production one. There are several parameters in addition to the ports that should be changed before putting it into a production environment. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why 8080 and 8443 ..?
Which are ??? Please feel free to elaborate ;-) - Original Message - From: "Caldarale, Charles R" <[EMAIL PROTECTED]> To: "Tomcat Users List" Sent: Monday, April 25, 2005 8:00 PM Subject: RE: Why 8080 and 8443 ..? -Original Message- From: Parsons Technical Services [mailto:[EMAIL PROTECTED] Subject: Re: Why 8080 and 8443 ..? So there are two of the possible reasons that an upper port was chosen. Also, Tomcat is distributed in a more-or-less development configuration, rather than a production one. There are several parameters in addition to the ports that should be changed before putting it into a production environment. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Why 8080 and 8443 ..?
> -Original Message- > From: Parsons Technical Services [mailto:[EMAIL PROTECTED] > Subject: Re: Why 8080 and 8443 ..? > > So there are two of the possible reasons that an upper port > was chosen. Also, Tomcat is distributed in a more-or-less development configuration, rather than a production one. There are several parameters in addition to the ports that should be changed before putting it into a production environment. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Why 8080 and 8443 ..?
Taking a wild stab at it, in the early days Tomcat was not as good of a http server as it is now and was thus put behind a "real" web server to do it's thing when needed and not mess with static stuff. Thus to avoid conflicts on install the ports were set to a different value from default. Then there is the issue that Tomcat cannot start on Linux on the default ports unless running as root. So there are two of the possible reasons that an upper port was chosen. Since I am relatively new to Tomcat it is totally possible that I am way off base. - Original Message - From: "David Whitehurst" <[EMAIL PROTECTED]> To: Sent: Monday, April 25, 2005 6:23 PM Subject: Why 8080 and 8443 ..? I'm curious about the historical reasons behind the choice of 8080 and 8443 as the "default" ports for Coyote connectors? Can someone answer this question? Knowing that the general ports are 80 and 443, would the need for translation of the ports, running Tomcat as a non-root user, be a "reason" for this? Thanks, David Whitehurst [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Why 8080 and 8443 ..?
I'm curious about the historical reasons behind the choice of 8080 and 8443 as the "default" ports for Coyote connectors? Can someone answer this question? Knowing that the general ports are 80 and 443, would the need for translation of the ports, running Tomcat as a non-root user, be a "reason" for this? Thanks, David Whitehurst [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]