Home Ask Login Register

Developers Planet

Your answer is one click away!

devd February 2016

How to start jetty on port 80 as root from embedded jetty?

I am trying to start the https port 443 as root then downgrade to non-root user using embedded jetty. I gone through the https://www.eclipse.org/jetty/documentation/current/setting-port80-access.html#configuring-jetty-setuid-feature but didn't get any solution how to do it from java program.

This is the embedded jetty code :

package com.jetty.startup;

import java.io.File;

import java.util.ArrayList;
import java.util.List;

import org.eclipse.jetty.server.Connector;
import org.eclipse.jetty.server.Handler;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.ContextHandlerCollection;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.eclipse.jetty.webapp.WebAppContext;

import org.eclipse.jetty.annotations.ServletContainerInitializersStarter;
import org.eclipse.jetty.apache.jsp.JettyJasperInitializer;
import org.eclipse.jetty.plus.annotation.ContainerInitializer;

import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.SecureRequestCustomizer;

import org.apache.log4j.Logger;

import org.eclipse.jetty.setuid.*;

 * Handles Webapp server's serviice
class MyServer {
   private static Logger logger = Logger.getLogger(MyServer.class);

   private static Server server;
   private String jettyHome;

    * Creates an instance of {@link MyServer}
    * @param jettyHome
    *            jetty home path
    public MyServer(String jettyHome) {
       this.jettyHome = jettyHome;

     * Initializes Webapp server:
    public Server init() throws Exception {
      server = new Server();

      int httpsPort = 443;



Joakim Erdfelt February 2016

This is ultimately a OS permissions issue, and you'll need a way to work around that.

This means any solution you come up with will also be OS specific

One example is to use the jetty-setuid-java artifact, and appropriate jetty-setuid-native library to accomplish this.

Make sure you fully understand how setuid functions on your desired OS before starting this effort

As for enabling the jetty setuid specific pieces, you can either use the XmlConfiguration to inject the appropriate lifecycle listener into your Server, or you can do it entirely in code.

See the Jetty Distribution's etc/jetty-setuid.xml for help.

<?xml version="1.0"?>
<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN"

<!-- ================================================================ -->
<!-- Configure the Jetty SetUIDListener                                -->
<!-- ================================================================ -->
<Configure id="Server" class="org.eclipse.jetty.server.Server">

  <Call name="addLifeCycleListener">
      <New class="org.eclipse.jetty.setuid.SetUIDL 

Post Status

Asked in February 2016
Viewed 2,824 times
Voted 14
Answered 1 times


Leave an answer

Quote of the day: live life

Devs Planet ®

2014-2016 www.devsplanet.com

Devs Planet © all rights reserved