On Unix based system (Linux, Solaris ..), only super user (root) can start any process on port <= 1024 . From security reasons its is not desirable to run WebLogic server as root user. Solution is to start WebLogic process as root (bind on port 80, 443) and then switch process to non privileged user like oraweblogic or nobody.
This is done by setting four properties in WebLogic –
weblogic.system.enableSetUID (Set User ID)
weblogic.system.enableSetGID (Set Group ID)
weblogic.system.nonPrivUser(Non privledged user)
weblogic.system.nonPrivGroup(Non privledged Group)
1. By setting value of enableSetUID to true; you are instructing weblogic server to switch from ROOT(after starting weblogic server on port 80, 443 or <=1024) to lower privileged user.
2. Value assigned to nonPrivUser will be used to own weblogic server process, once its been started by superuser in port <= 1024
3. Ensure that lower privileged user should have proper access (read, write or both depending on type of type) on files (log, classes..) required by weblogic server.
4. If you wish to start and access weblogic server on both SSL (443) and non SSL (80); you need to define two Listen Port.
How to start WebLogic Server on port 80 or 443 on Linux/Unix
1. Login to Administration Server Console using
2. Define new Linux machine from Administration console
Under Domain Structure >> Environment >> Machines >> New
3. Enter Name of Machine (Machine1) & Machine OS (Unix) and click on OK
4. Click on machine (Machine1) which you created above
5. Select “Enable Post-Bind UID” and enter Post-Bind UID
Select “Enable Post-Bind GID” and enter Post-Bind GID
In my case oraweblogic is operating system user on machine1 and dba is group of oraweblogic owning WebLogic installation/software.
6. Set Listen Port
Domain Structure >> Environment >> Servers >> (Select your Managed Server)
Set Listen port to 80 or 443 for respective Managed Server (Linux/Unix, for which you need to start Server on 443 or 80) and attach Machine (Machine1) you created above
7. Depending on setting on Admin Console you may have to activate changes from Change Center (In my case changes take into effect immediately)