Last updated: February 24, 2023
By default, Apache Tomcat runs on port 8080. In some cases, this port may already be taken by another process, or requirements may state that we have to use a different port.
In this quick article, we’re going to show how to change the Apache Tomcat server’s HTTP port. We’ll use port 80 in our examples, although the process is the same for any port.
The first step in this process is to modify the Apache Tomcat configuration.
First, we locate our server’s <TOMCAT_HOME>/conf/server.xml file. Then we find the line that configures the HTTP connector port:
<Connector connectionTimeout="20000" port="8080" protocol="HTTP/1.1" redirectPort="8443"/>And we change the port to 80:
<Connector connectionTimeout="20000" port="80" protocol="HTTP/1.1" redirectPort="8443"/>On Linux and Unix systems, port numbers below 1024 are privileged ports and are reserved for programs running as root. If we’re running on port 1024 or higher, then we can skip the remainder of this section and move directly to starting/restarting our server as explained in section 4.
If we have root or sudo access, we can simply start the Tomcat process as root using the command:
$ sudo startup.shBut if we do not have root or sudo access, we’ll get the following error:
java.net.BindException: Permission denied (Bind failed) <null>:80In order to resolve this error, we’ll have to install and configure authbind, as described below.
Note: when using a non-privileged port (1024 or higher), we can skip the remainder of this section and move directly to starting/restarting our server.
For Linux-based systems (Debian): we can download and install the authbind package:
$ sudo apt-get install authbindFor MacOS systems: first, we need to download authbind for MacOS from here and expand the package. Then, we can go into the expanded directory to build and install:
$ cd MacOSX-authbind
$ make
$ sudo make installNow we’ll need to execute a few commands to enable read and execute permissions for the port.
Here’s an example using Tomcat version 9.x:
$ sudo touch /etc/authbind/byport/80
$ sudo chmod 500 /etc/authbind/byport/80
$ sudo chown <user> /etc/authbind/byport/80We’ll replace <user> with the user that we’re running Tomcat as.
We need to configure the Tomcat server to use authbind when we start it up. To do that, we open the <TOMCAT_HOME>/bin/startup.sh file and replace the following line:
exec "$PRGDIR"/"$EXECUTABLE" start "$@"with this line:
exec authbind --deep "$PRGDIR"/"$EXECUTABLE" start "$@"If using an older authbind (version lower than 2.0.0) that does not support IPv6, we’ll need to make IPv4 the default. Therefore, we create the <TOMCAT_HOME>/bin/setenv.sh file and add the following option to it:
export CATALINA_OPTS="$CATALINA_OPTS -Djava.net.preferIPv4Stack=true"Now as we have made all necessary changes to our configuration, we can start or restart the Tomcat server and access it on port 80.
In this article, we showed how to change Apache Tomcat’s port from the default 8080 to port 80. It’s worth noting that the process is the same for Tomcat versions 6.x, 7.x, and 8.x.
