Are you running on Linux perchance? AFAIK most *nix variants disallow non-root users from listening on ports less than 1024.
To avoid running your server with root privileges, you can use xinetd to re-direct any traffic from the standard SSL port 443 to some other port > 1024. Cheers, Eoghan 2009/3/25 XyLus <[email protected]> > > Hello All, > > I am working on web service that should support SSL (the requirement is to > publish webservice using port 443). > > I have following server-config.xml > > > <beans xmlns="http://www.springframework.org/schema/beans";...> > > <http:conduit > > name="{http://vn.my.site.com/uploader}UploadServicePort.http-conduit<http://vn.my.site.com/uploader%7DUploadServicePort.http-conduit> > "> > > <http:client AutoRedirect="true" ConnectionTimeout="10000" > ReceiveTimeout="10000" AllowChunking="false" > /> > </http:conduit> > > > <httpj:engine-factory> > <httpj:engine port="9001"> > <httpj:tlsServerParameters> > <sec:keyManagers keyPassword="password"> > <sec:keyStore type="JKS" > password="password" > > resource="server_ssl_keystore.jks" /> > </sec:keyManagers> > > <sec:cipherSuitesFilter> > <!-- these filters ensure that a > ciphersuite with > export-suitable or null > encryption is used, > but exclude anonymous > Diffie-Hellman key change as > this is vulnerable to > man-in-the-middle attacks --> > > <sec:include>.*_EXPORT_.*</sec:include> > > <sec:include>.*_EXPORT1024_.*</sec:include> > > <sec:include>.*_WITH_DES_.*</sec:include> > > <sec:include>.*_WITH_NULL_.*</sec:include> > > <sec:exclude>.*_DH_anon_.*</sec:exclude> > </sec:cipherSuitesFilter> > </httpj:tlsServerParameters> > </httpj:engine> > </httpj:engine-factory> > > > In addtion to this configuration I use following address to publish web > service http://localhost:443/UploadService > > > > This configuration works fine on my local box but when I start it on server > box I get exception: > java.net.SocketException: Permission denied (entire stack trace you can > find > at the end of this post) > > I have two questions: > 1. Have I got correct configuration to publish web service on 443 port > (and > to use SSL) > 2. Given that my configuration is correct - what should I change in JVM > security configuration to solve java.net.SocketException: Permission denied > error > > > Useful hint would be appreciated. > > Regards, > Maciej > > > > > > > java.net.SocketException: Permission denied > at sun.nio.ch.Net.bind(Native Method) > at > sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119) > at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) > at > > org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205) > at > > org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304) > at > org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) > at org.mortbay.jetty.Server.doStart(Server.java:233) > at > org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) > at > > org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305) > at > > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155) > at > > org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48) > at > > org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166) > at > > org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734) > at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122) > at > org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264) > at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202) > at > > org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84) > at javax.xml.ws.Endpoint.publish(Endpoint.java:156) > at > > com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47) > at > > com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58) > Mar 25, 2009 4:36:28 AM sun.reflect.NativeMethodAccessorImpl invoke0 > WARNING: failed ser...@26796e1c > java.net.SocketException: Permission denied > at sun.nio.ch.Net.bind(Native Method) > at > sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119) > at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) > at > > org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205) > at > > org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304) > at > org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) > at org.mortbay.jetty.Server.doStart(Server.java:233) > at > org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) > at > > org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305) > at > > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155) > at > > org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48) > at > > org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166) > at > > org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734) > at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122) > at > org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264) > at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202) > at > > org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84) > at javax.xml.ws.Endpoint.publish(Endpoint.java:156) > at > > com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47) > at > > com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58) > javax.xml.ws.WebServiceException: org.apache.cxf.interceptor.Fault: Could > not start Jetty server: Permission denied > at > org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:268) > at org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202) > at > > org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84) > at javax.xml.ws.Endpoint.publish(Endpoint.java:156) > at > > com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47) > at > > com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58) > Caused by: org.apache.cxf.interceptor.Fault: Could not start Jetty server: > Permission denied > at > > org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:328) > at > > org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155) > at > > org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48) > at > > org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166) > at > > org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734) > at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122) > at > org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264) > ... 5 more > Caused by: java.net.SocketException: Permission denied > at sun.nio.ch.Net.bind(Native Method) > at > sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119) > at sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) > at > > org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205) > at > > org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304) > at > org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) > at org.mortbay.jetty.Server.doStart(Server.java:233) > at > org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) > at > > org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305) > ... 11 more > > > > > > -- > View this message in context: > http://www.nabble.com/Jow-to-publish-web-service-using-port-443-%28SSL%29----java.net.SocketException%3A-Permission-denied-issue-tp22698473p22698473.html > Sent from the cxf-user mailing list archive at Nabble.com. > >
