Instructions on running jetty so that externally it serves ports 80 and 443
yet it runs internally under non-root on ports 8080 and 8443.

These instructions work on Suse Linux 7.3.

They will only work if you don't use the old 'ipchains' at the same time
(e.g. no older firewalls - upgrade them to iptables-compatible versions)

You need to decide on the user who is to run jetty. 

I have used 'admin'. 

Substitute your own choice in the instructions below.

As root:

1) remove the .sh suffixes and Put the two associated shellscript files 'jetty' and 'iptables' into /etc/rc.d


2) Make  /etc/rc.d/jetty owned and executable by 'admin' using:

chown admin /etc/rc.d/jetty
chmod ?+x /etc/rc.d/jetty

Where '?' is one of the three characters below, which will
set the policy on who can stop and start Jetty (see (7) below):
Replace ? by 'u' if only root and your selected JAVA_USER are allowed control,
By 'g' if members of the JAVA_USER's group mat start and stop jetty
or by 'a' if all users may start and stop jetty.


3) Comment out the obvious two lines in 'iptables' 
	if you do not want port 443 activated

4) Edit the 'jetty' file to change the line 'set JETTY_USER=admin'
to replace 'admin' by the name of the user who is to run jetty

Also edit the three
CLASSPATH
JETTY_HOME
and
JAVA_HOME
values to match your installation.

These are needed here because this script is called during the boot process
before normal user environment variable settings have been made.

5) Create a directory /etc/init.d/boot.d if it does not exist,

6) Make 5 links by executing the following:

ln -s /etc/init.d/iptables /etc/init.d/boot.d/S30iptables
ln -s /etc/init.d/jetty /etc/init.d/rc3.d/K01jetty
ln -s /etc/init.d/jetty /etc/init.d/rc3.d/S22jetty
ln -s /etc/init.d/jetty /etc/init.d/rc5.d/K01jetty
ln -s /etc/init.d/jetty /etc/init.d/rc5.d/S22jetty



7) First time: execute

/etc/init.d/boot

to start iptables.

It will automatically execute on subsequent reboots.


You can now come out of root.

8) To manually start / stop jetty at any time execute one of:

/etc/init.d/jetty start
/etc/init.d/jetty stop
/etc/init.d/jetty restart

If you are logged in as your selected JETTY_USER or a root these should just execute.
If you are logged in as anyone else (within the authorities set in step (2) above it will prompt 
for the password for JETTY_USER (twice if restarting).

Jetty will automatically start and stop as the machine boots and powers down. 
(strictly speaking: as it enters or exits either of run states 3 or 5).


In 'iptables' the echo lines and the line reading
ipchains -t NAT -L
are purely to give comforting log traces while booting.
They can be removed or commented out.



Comments, errors, improvements to
chris@harvington.org.uk

Chris Haynes
V1.1 
19 May 2002 


v1.1 Changes: 
a) Described how to determine stop/start/restart policy in points (2) and (8)
b) Corrected typos in (8) and paragraph on log traces.



