my dog learned polymorphism*
The moose likes Tomcat and the fly likes Is it possible to host one webapp on a different port Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Is it possible to host one webapp on a different port" Watch "Is it possible to host one webapp on a different port" New topic
Author

Is it possible to host one webapp on a different port

cle tan
Ranch Hand

Joined: Jun 11, 2012
Posts: 68
Let's say I have a admin module and I do not want public to access.
I want to host that particular webapp on another port, say 3087

Is it possible to configure that, while the other webapps still run on ports 8080 and 8443
Jeanne Boyarsky
internet detective
Marshal

Joined: May 26, 2003
Posts: 30123
    
150

How does that help you? You still need to provide a login and protect that web app. And once you've done all that, the port it is on doesn't provide security.


[Blog] [JavaRanch FAQ] [How To Ask Questions The Smart Way] [Book Promos]
Blogging on Certs: SCEA Part 1, Part 2 & 3, Core Spring 3, OCAJP, OCPJP beta, TOGAF part 1 and part 2
cle tan
Ranch Hand

Joined: Jun 11, 2012
Posts: 68
Jeanne Boyarsky wrote:How does that help you? You still need to provide a login and protect that web app. And once you've done all that, the port it is on doesn't provide security.


will use firewall to allow public to access 8080 and 8443
but for internal usage(intranet) allow access to 3087 for admin module
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 41116
    
  45
It is reasonable to trust the general internet population less than you would trust the folks coming from inside your network, but still: would you trust your internal users not to do anything untoward with your admin app? So you still need to protect it as Jeanne said. But security should happen in depth, so the further away you can can keep people from your admin app, the better.

But regardless, you can configure different hosts (or engines, the lingo depends on which server you use) to listen on different ports. At the very least, Tomcat allows it, so I assume all commercial servers do as well, and probably the other open source servers, too.


Ping & DNS - my free Android networking tools app
cle tan
Ranch Hand

Joined: Jun 11, 2012
Posts: 68
Ulf Dittmer wrote:It is reasonable to trust the general internet population less than you would trust the folks coming from inside your network, but still: would you trust your internal users not to do anything untoward with your admin app? So you still need to protect it as Jeanne said. But security should happen in depth, so the further away you can can keep people from your admin app, the better.

But regardless, you can configure different hosts (or engines, the lingo depends on which server you use) to listen on different ports. At the very least, Tomcat allows it, so I assume all commercial servers do as well, and probably the other open source servers, too.


Ok, may I know as a guide on how to configure server.xml, I saw the documentation , tried to implement it , and was unsuccessful
Let's say I have admin folder in my webapps directory.

In server.xml

CATALINA_HOME and CATALINA_BASE have already set to apache tomcat directory.



I would like to know what should I put for the value of appBase if I only want admin folder to be deployed in port 3087?

everything seems to be deployed successfully, but when i entered https://localhost:3087/admin/file.html
I see a blank screen

I saw the logs but it doesn't tell me much


Also, may I know what is the mainstream method of forms authentication in jsp
j_security_check method of authentication(what tomcat manager uses) might not be safe as the password are stored in the file
using realm also might not be safe, as jdbc database password, is also stored in file.

What might be the safest method for authenticating? store username and password in a session and compare with the database whether the user should be allowed to access the page?
cle tan
Ranch Hand

Joined: Jun 11, 2012
Posts: 68
would like to know whether it is possible to host apps on diff ports which is similar to IIS
cle tan
Ranch Hand

Joined: Jun 11, 2012
Posts: 68
would like to know is it possible to host a webapp on a particular port

eg. webapp 1 host on 8080
webapp 2 host on 8081
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15958
    
  19

If you are trying to "bump" your question, please don't. If/when someone knows an answer, they'll tell you.

Tomcat is actually a fairly generic container for network-based applications. While it is almost always used to host J2EE webapps, anyone who really wanted to could put just about anything into it. But that's not what we're interested in.

The point is, Tomcat has a modular architecture which allows various types of software components to be assembled to create a webapp server (among other things). This wiring-together is facilitated by the Tomcat server.xml file. You can find a lot of useful documentation in the prototype server.xml file and a lot more at http://tomcat.apache.org .

A Tomcat Server instance contains one or more Service instances bound to a set of service-related Connector elements. Each Connector element designates a port for the Service to listen on and designates what kind of traffic that port can handle. There are about 5 types of ports that Tomcat uses, but the two types of primary interest are the HTTP and HTTPS ports.

Each Service contains an Engine to manage request/response processing. J2EE processing is done by the StandardEngine.

Each Engine maintains 1 or more Hosts. The Host defines the VirtualHost, which is bound to a domain name on an incoming URL. Hosts contains Contexts, which are the individual webapps.

So, in short, the only way to get a webapp to respond on a different port than other webapps is either to A) run a completely separate Tomcat instance or B) Define a second Service/Connector/Engine component (which is NOT something done lightly).

j_security_check, incidentally, is a function of the security Realm and cannot function without a Realm. What Realm you use is up to you. The Tomcat Realms are quite secure, and that security is independent of whether you are using a distinct port or not.


Customer surveys are for companies who didn't pay proper attention to begin with.
cle tan
Ranch Hand

Joined: Jun 11, 2012
Posts: 68
I would like to know in connector what does the appBase mean?

So I would have to run 2 Tomcat instances to run 2 apps on different ports?
Is that the only solution?

I have one webapp for public access
and another webapp for local access.

Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15958
    
  19

The standard Connector module does not have an appBase attribute.

Within a Tomcat Service component, you can listen on multiple ports, simply by defining multiple Connectors. But all ports dispatch to all applications. You cannot pick and choose what app listens to what port. Apps don't listen. Tomcat (the Service) does the listening. It receives the URL request and uses that to determine which application will service the request and doesn't care which port it came in on, only what app it's supposed to send it to.

So yes, if you want to reserve a specific port for a specific app, you either need to extensively customize Tomcat or run a separate instance of Tomcat.

As I said before, however Tomcat's security mechanisms are quite sufficient to reliably limit who can get at a sensitive app, regardless of what port it came in on. And they are a lot easier to configure.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Is it possible to host one webapp on a different port
 
Similar Threads
Simon, Kyle - help PLEASE!!!
2 different IPs, same port
Query regarding hosts file.
RMI Registry
InetAddress class