Thanks for a hint
Regards, Maciej Eoghan Glynn-4 wrote: > > Are you running on Linux perchance? > > AFAIK most *nix variants disallow non-root users from listening on ports > less than 1024. > > To avoid running your server with root privileges, you can use xinetd to > re-direct any traffic from the standard SSL port 443 to some other port > > 1024. > > Cheers, > Eoghan > > > 2009/3/25 XyLus <[email protected]> > >> >> Hello All, >> >> I am working on web service that should support SSL (the requirement is >> to >> publish webservice using port 443). >> >> I have following server-config.xml >> >> >> <beans xmlns="http://www.springframework.org/schema/beans";...> >> >> <http:conduit >> >> name="{http://vn.my.site.com/uploader}UploadServicePort.http-conduit<http://vn.my.site.com/uploader%7DUploadServicePort.http-conduit> >> "> >> >> <http:client AutoRedirect="true" ConnectionTimeout="10000" >> ReceiveTimeout="10000" AllowChunking="false" >> /> >> </http:conduit> >> >> >> <httpj:engine-factory> >> <httpj:engine port="9001"> >> <httpj:tlsServerParameters> >> <sec:keyManagers keyPassword="password"> >> <sec:keyStore type="JKS" >> password="password" >> >> resource="server_ssl_keystore.jks" /> >> </sec:keyManagers> >> >> <sec:cipherSuitesFilter> >> <!-- these filters ensure that a >> ciphersuite with >> export-suitable or null >> encryption is used, >> but exclude anonymous >> Diffie-Hellman key change as >> this is vulnerable to >> man-in-the-middle attacks --> >> >> <sec:include>.*_EXPORT_.*</sec:include> >> >> <sec:include>.*_EXPORT1024_.*</sec:include> >> >> <sec:include>.*_WITH_DES_.*</sec:include> >> >> <sec:include>.*_WITH_NULL_.*</sec:include> >> >> <sec:exclude>.*_DH_anon_.*</sec:exclude> >> </sec:cipherSuitesFilter> >> </httpj:tlsServerParameters> >> </httpj:engine> >> </httpj:engine-factory> >> >> >> In addtion to this configuration I use following address to publish web >> service http://localhost:443/UploadService >> >> >> >> This configuration works fine on my local box but when I start it on >> server >> box I get exception: >> java.net.SocketException: Permission denied (entire stack trace you can >> find >> at the end of this post) >> >> I have two questions: >> 1. Have I got correct configuration to publish web service on 443 port >> (and >> to use SSL) >> 2. Given that my configuration is correct - what should I change in JVM >> security configuration to solve java.net.SocketException: Permission >> denied >> error >> >> >> Useful hint would be appreciated. >> >> Regards, >> Maciej >> >> >> >> >> >> >> java.net.SocketException: Permission denied >> at sun.nio.ch.Net.bind(Native Method) >> at >> sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119) >> at >> sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) >> at >> >> org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205) >> at >> >> org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304) >> at >> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) >> at org.mortbay.jetty.Server.doStart(Server.java:233) >> at >> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) >> at >> >> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305) >> at >> >> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155) >> at >> >> org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48) >> at >> >> org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166) >> at >> >> org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734) >> at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122) >> at >> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264) >> at >> org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202) >> at >> >> org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84) >> at javax.xml.ws.Endpoint.publish(Endpoint.java:156) >> at >> >> com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47) >> at >> >> com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58) >> Mar 25, 2009 4:36:28 AM sun.reflect.NativeMethodAccessorImpl invoke0 >> WARNING: failed ser...@26796e1c >> java.net.SocketException: Permission denied >> at sun.nio.ch.Net.bind(Native Method) >> at >> sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119) >> at >> sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) >> at >> >> org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205) >> at >> >> org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304) >> at >> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) >> at org.mortbay.jetty.Server.doStart(Server.java:233) >> at >> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) >> at >> >> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305) >> at >> >> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155) >> at >> >> org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48) >> at >> >> org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166) >> at >> >> org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734) >> at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122) >> at >> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264) >> at >> org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202) >> at >> >> org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84) >> at javax.xml.ws.Endpoint.publish(Endpoint.java:156) >> at >> >> com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47) >> at >> >> com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58) >> javax.xml.ws.WebServiceException: org.apache.cxf.interceptor.Fault: Could >> not start Jetty server: Permission denied >> at >> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:268) >> at >> org.apache.cxf.jaxws.EndpointImpl.publish(EndpointImpl.java:202) >> at >> >> org.apache.cxf.jaxws.spi.ProviderImpl.createAndPublishEndpoint(ProviderImpl.java:84) >> at javax.xml.ws.Endpoint.publish(Endpoint.java:156) >> at >> >> com.sabre.ssg.vn.uploader.UploadServiceServer.<init>(UploadServiceServer.java:47) >> at >> >> com.sabre.ssg.vn.uploader.UploadServiceServer.main(UploadServiceServer.java:58) >> Caused by: org.apache.cxf.interceptor.Fault: Could not start Jetty >> server: >> Permission denied >> at >> >> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:328) >> at >> >> org.apache.cxf.transport.http_jetty.JettyHTTPDestination.activate(JettyHTTPDestination.java:155) >> at >> >> org.apache.cxf.transport.AbstractObservable.setMessageObserver(AbstractObservable.java:48) >> at >> >> org.apache.cxf.binding.AbstractBindingFactory.addListener(AbstractBindingFactory.java:166) >> at >> >> org.apache.cxf.binding.soap.SoapBindingFactory.addListener(SoapBindingFactory.java:734) >> at org.apache.cxf.endpoint.ServerImpl.start(ServerImpl.java:122) >> at >> org.apache.cxf.jaxws.EndpointImpl.doPublish(EndpointImpl.java:264) >> ... 5 more >> Caused by: java.net.SocketException: Permission denied >> at sun.nio.ch.Net.bind(Native Method) >> at >> sun.nio.ch.ServerSocketChannelImpl.bind(ServerSocketChannelImpl.java:119) >> at >> sun.nio.ch.ServerSocketAdaptor.bind(ServerSocketAdaptor.java:59) >> at >> >> org.mortbay.jetty.nio.SelectChannelConnector.open(SelectChannelConnector.java:205) >> at >> >> org.mortbay.jetty.nio.SelectChannelConnector.doStart(SelectChannelConnector.java:304) >> at >> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) >> at org.mortbay.jetty.Server.doStart(Server.java:233) >> at >> org.mortbay.component.AbstractLifeCycle.start(AbstractLifeCycle.java:39) >> at >> >> org.apache.cxf.transport.http_jetty.JettyHTTPServerEngine.addServant(JettyHTTPServerEngine.java:305) >> ... 11 more >> >> >> >> >> >> -- >> View this message in context: >> http://www.nabble.com/Jow-to-publish-web-service-using-port-443-%28SSL%29----java.net.SocketException%3A-Permission-denied-issue-tp22698473p22698473.html >> Sent from the cxf-user mailing list archive at Nabble.com. >> >> > > -- View this message in context: http://www.nabble.com/Jow-to-publish-web-service-using-port-443-%28SSL%29----java.net.SocketException%3A-Permission-denied-issue-tp22698473p22751192.html Sent from the cxf-user mailing list archive at Nabble.com.
