Hi,

I'm looking for configuration and setup guidance when using port 443 for https on linux. As far as I know there are three
options (unless we include running tomcat as root which gives us four...):
Using a proxy in front of IDA
Port forwarding
A daemon such as apache jsvc: https://commons.apache.org/proper/co...emon/jsvc.html

Initially (we talk 4.02 and versions prior to that) we used port redirection which made it possible to initially access tomcat
on 443. With the introduction of OSP and federation (OSP using an external IDP) we changed to jsvc since that gives a "clean"
setup and port 443 is used both in the backend and in configuration (like the forward address in the federation).

This have worked like a charm but since IDM4.6 we have problems with jsvc:
* We cant add or modify links on the landing page (old and new landing page). We get and error like "Invlaid image....".
* We can't add logotype to the custom branding available in 4.6.

It is 100% re-producable and without jsvc it works. We tried to open a SR but it was closed immediately saying it is jsvc's fault...

That lead us to going back to port forwarding but since federation with OSP requires that both backend and configuration uses
port 443 redirection isn't and option. Now port forwarding with iptables is in conflict with SuseFirewall2 (ScorpionSting wrote
an excellent article on the matter: https://www.netiq.com/communities/co...-pat-firewall/ ).

So question is; How do you get IDA up and running on port 443, with federation, with firewall and without running as root?

Best regards,
Tobias