How do I start JBoss on a privileged port?

Question

How do I start JBoss on a privileged port? I want to use port 80 instead of port 8080 (or alternatively, port 443 instead of port 8443). I can change the appropriate configuration files (jboss-web.deployer/server.xml) to change the port that is used, but then I cannot start the server because these are privileged ports. I could run JBoss as root, but I do not feel that that is a secure action to take. I understand that Apache has some mechanism to start as root, bind the privileged ports that will be used, and then switch to a different user. Can JBoss do this? Are there other ways to achieve this?

Will I face the same issue on Windows?

Answer 1

This is actually an open ticket in JBoss' JIRA. You can see it here.

Straight from the ticket:

"Many customers want to run JBoss Web on port 80 without running JBoss as root for security reasons. This is usually achieved by fronting JBoss with Apache & using mod_jk to proxy to JBoss or doing NAT on the machine. It would be nice if JBoss could be started as root but have configuration that would change to a non-root user after it has opened the ports such as port 80 for jboss-web, such as Apache and other app servers do. Some customers run on several different operating systems and would like to do this at the JBoss level so they don't have to configure each machine differently."