The prefered way to configure Wildfly 10.0.0 Final to listen on port 80 on Ubuntu 14.04.4 LTS

jbossubuntu-14.04

I'd installed Wildfly 10.0.0 Final on Ubuntu 14.04.4 LTS using this script.

Everything looks working fine.

My problem is that wildfly is listenning on port 28080 (script installation default) and I can change to 8080 updating standalone.xml.
But I'd like wildfly listenning on port 80, but changing the standalone.xml to use port 80 not works.

Looks like only root can listen on ports lower than 1024, so, the question is, what is the preferred way to configure Wildfly on Ubuntu servers to listening on port 80?

I have tried to use nginx and works, but the strange is that some files, like the css of the jboss default home page, cannot be found.

Best Answer

The JBoss wiki on developer.jboss.org lists a fairly comprehensive list of options which are likely also valid for Wildfly; essentially variations of:

  • Keep the application server on an unpriviliged port and use something that does listen on the privileged port to forward requests to that port:
    • i.e. a Reverse Proxy or load balancer
    • i.e. configure Port forwarding

Those two seem the most common options and quite preferred.

Alternatives are:

  • Start the application server as root to bind to the privileged port (not really secure and a Bad IdeaTM)
  • Start the application server as root to bind to the privileged port and then drop privileges and run as unprivileged regular user, for which I haven't readily found documented support.

And last but not least my personal favourite:

  • Use setcap to allow the java binary itself the capability to bind to privileged ports, without the requirement to be running as root:

    sudo setcap 'cap_net_bind_service=+ep' /path/to/jre/bin/java

The only disadvantage is that doing that is slightly obscure, but you don't have any external dependancies to your application either.

Related Topic