Hyland Community
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Nuxeo and authbind?

Go to answer
mmurayama_Muray
Confirmed Champ
Confirmed Champ

‎09-26-2013 06:00 PM

Nuxeo-Platform version: 5.7.3 Fasttrack

Server OS: Ubuntu 13.04

I am trying to bind Nuxeo to port 80 instead of 8080. In Ubuntu, a "user", in this case the nuxeo user, is not able to bind to ports lower than 1024. Enter the program authbind. I have authbind configured to allow nuxeo on port 80, however, even when I change the /etc/nuxeo/nuxeo.conf file from 8080 to 80 and it still fails to start.

I did find a few references about tomcat and having the parameter "authbind=yes" set in the config file. I added authbind=yes to the nuxeo.conf and it still fails to start.

Question, can I bind nuxeo to port 80 using authbind or some other method? Thank you.

0 Kudos
1 ACCEPTED ANSWER

Go to answer
OlivierM_
Star Contributor
Star Contributor

‎09-26-2013 06:35 PM

Usually, in such cases, people use two different solutions :

  • they either use some kind of reverse-proxy (Apache or Nginx) in front of Nuxeo, listening on 80 and connecting to 8080. It's especially useful if you need to interoperate with other kind of services (like SSO-systems, cache, etc.). Since this reverse-proxy runs (or at least starts) as root, it has no problem running on 80.
  • or they use a simple iptables-based redirection, so that every request to 80 goes instead to 8080. This is a much more simple setup, where you won't be able to do clever stuff on your incoming flow. But it's much lighter on resources.

View answer in original post

3 REPLIES 3

Go to answer
OlivierM_
Star Contributor
Star Contributor

‎09-26-2013 06:35 PM

Usually, in such cases, people use two different solutions :

  • they either use some kind of reverse-proxy (Apache or Nginx) in front of Nuxeo, listening on 80 and connecting to 8080. It's especially useful if you need to interoperate with other kind of services (like SSO-systems, cache, etc.). Since this reverse-proxy runs (or at least starts) as root, it has no problem running on 80.
  • or they use a simple iptables-based redirection, so that every request to 80 goes instead to 8080. This is a much more simple setup, where you won't be able to do clever stuff on your incoming flow. But it's much lighter on resources.

Go to answer
mmurayama_Muray
Confirmed Champ
Confirmed Champ
In response to OlivierM_

‎09-26-2013 07:23 PM

I kinda came to that same conclusion, so it was off to iptables. For future reference for anyone else, you need to install iptables-persistent for this to work. Here are the commands for Ubuntu 13.04. Remember to run these are root.

0 Kudos

Go to answer
Julien_Carsique
Elite Collaborator
Elite Collaborator

‎09-27-2013 07:08 AM

authbind is not a valid parameter for nuxeo.conf. If you need to change the Tomcat configuration more than what is provided by the Nuxeo parameters, then you must create a configuration template providing your own server.xml template file for instance.

0 Kudos
Getting started

Find what you came for

We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.

Copyright © 2025 Khoros, LLC
li.common.scroll-to.top