Apache Tomcat
From KevinWiki
Line 100: | Line 100: | ||
- | ===References=== | + | ==== References ==== |
http://linux-sxs.org/internet_serving/c140.html | http://linux-sxs.org/internet_serving/c140.html | ||
Line 108: | Line 108: | ||
http://www.jguru.com/faq/view.jsp?EID=425628 | http://www.jguru.com/faq/view.jsp?EID=425628 | ||
+ | |||
+ | |||
+ | |||
+ | === Configuration === | ||
+ | |||
+ | ==== Tomcat User Configuration ==== | ||
+ | * To create an encrypted password, | ||
+ | <pre> | ||
+ | $ cd /tomcat/bin | ||
+ | $ ./digest.sh -a SHA your_password | ||
+ | </pre> | ||
+ | |||
+ | your_password:'''564e340cd48437d2dfe876ee154cc99dc4d0d137''' | ||
+ | |||
+ | |||
+ | * Add a tomcat manager login info to the <code>/opt/tomcat/conf/tomcat-users.xml</code> file. | ||
+ | <pre> | ||
+ | $ vim /opt/tomcat/conf/tomcat-users.xml | ||
+ | </pre> | ||
+ | <source lang="xml"> | ||
+ | <?xml version='1.0' encoding='utf-8'?> | ||
+ | <tomcat-users> | ||
+ | <role rolename="manager"/> | ||
+ | <user username="managerid" password="564e340cd48437d2dfe876ee154cc99dc4d0d137" roles="manager"/> | ||
+ | </tomcat-users> | ||
+ | </source> | ||
+ | |||
+ | * Add the following Realm element in the <code>localhost</code> Host element | ||
+ | <pre> | ||
+ | <Realm className="org.apache.catalina.realm.MemoryRealm" digest="SHA" /> | ||
+ | </pre> | ||
+ | |||
+ | * So it should be like this. | ||
+ | <source lang="xml"> | ||
+ | <Host name="localhost" appBase="webapps" | ||
+ | unpackWARs="true" autoDeploy="true" | ||
+ | xmlValidation="false" xmlNamespaceAware="false"> | ||
+ | |||
+ | <Realm className="org.apache.catalina.realm.MemoryRealm" digest="SHA" /> | ||
+ | |||
+ | |||
+ | ... | ||
+ | |||
+ | </Host> | ||
+ | </source> | ||
+ | |||
+ | * Restart the tomcat server. | ||
Revision as of 16:08, 6 May 2009
Contents |
Apache Tomcat
Installation
-Download and extract the file
$ sudo tar -zxvf apache-tomcat-6.0.18.tar.gz
-create user tomcat
$ mkdir /opt/tomcat_user_home $ sudo useradd -d /opt/tomcat_user_home tomcat -s /bin/bash
$ sudo passwd tomcat Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
$ chown -R tomcat:tomcat /opt/tomcat_user_home
$ sudo chown -R tomcat:tomcat apache-tomcat-6.0.18
$ sudo ln -s apache-tomcat-6.0.18/ tomcat
-To run
$ su - tomcat Password: type tomcat password $ cd /opt/tomcat/bin /opt/tomcat/bin$ ./catalina.sh start
-To automatically start when the computer is boot.
$ sudo ln -s /opt/tomcat/bin/catalina.sh /etc/init.d/tomcat
-or it might be better to have a tomcat start and stop script with a proper $JAVA_HOME set.
To do this create tomcat.sh
file in the bin
directory. (Make sure that there is no tomcat.sh
in the bin
directory).
$ cd /opt/tomcat/bin $ vim tomcat.sh
#!/bin/sh export JAVA_HOME=/usr/lib/jvm/java-6-sun PRG="$0" while [ -h "$PRG" ]; do ls=`ls -ld "$PRG"` link=`expr "$ls" : '.*-> \(.*\)$'` if expr "$link" : '/.*' > /dev/null; then PRG="$link" else PRG=`dirname "$PRG"`/"$link" fi done # Get standard environment variables PRGDIR=`dirname "$PRG"` # Only set CATALINA_HOME if not already set [ -z "$CATALINA_HOME" ] && CATALINA_HOME=`cd "$PRGDIR/.." ; pwd` /bin/su tomcat $CATALINA_HOME/bin/catalina.sh $1
-Make it executable (This script does not require tomcat user login to run the tomcat server. Instead, It will ask the tomcat user password when running the script).
$ chmod a+x tomcat.sh
-put the symbolic link for the automatic start.
$ sudo ln -s /opt/tomcat/bin/tomcat.sh /etc/init.d/tomcat
$ sudo chmod 755 /etc/init.d/tomcat sudo ln -s /etc/init.d/tomcat /etc/rc0.d/K10tomcat sudo ln -s /etc/init.d/tomcat /etc/rc1.d/K10tomcat sudo ln -s /etc/init.d/tomcat /etc/rc2.d/S90tomcat sudo ln -s /etc/init.d/tomcat /etc/rc3.d/S90tomcat sudo ln -s /etc/init.d/tomcat /etc/rc4.d/S90tomcat sudo ln -s /etc/init.d/tomcat /etc/rc5.d/S90tomcat sudo ln -s /etc/init.d/tomcat /etc/rc6.d/K10tomcat
References
http://linux-sxs.org/internet_serving/c140.html
http://www.linux.org/docs/ldp/howto/MMBase-Inst-HOWTO/x321.html
http://www.howtogeek.com/howto/linux/installing-tomcat-6-on-ubuntu/
http://www.jguru.com/faq/view.jsp?EID=425628
Configuration
Tomcat User Configuration
- To create an encrypted password,
$ cd /tomcat/bin $ ./digest.sh -a SHA your_password
your_password:564e340cd48437d2dfe876ee154cc99dc4d0d137
- Add a tomcat manager login info to the
/opt/tomcat/conf/tomcat-users.xml
file.
$ vim /opt/tomcat/conf/tomcat-users.xml
<?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="manager"/> <user username="managerid" password="564e340cd48437d2dfe876ee154cc99dc4d0d137" roles="manager"/> </tomcat-users>
- Add the following Realm element in the
localhost
Host element
<Realm className="org.apache.catalina.realm.MemoryRealm" digest="SHA" />
- So it should be like this.
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Realm className="org.apache.catalina.realm.MemoryRealm" digest="SHA" /> ... </Host>
- Restart the tomcat server.
Forward Request from Apache Web Server to Tomcat
Using mod_jk
Installation
$ sudo apt-get install libapache2-mod-jk
- Assumption: Apache web server is already installed.
-Reload config
$ sudo /etc/init.d/apache2 force-reload
Configuration
-Check if mod_jk is enabled then edit /etc/apache2/mods-enabled/jk.load
LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so JkWorkersFile /etc/apache2/workers.properties JkLogFile /var/log/apache2/mod_jk.log JkLogLevel debug JkLogStampFormat "[%a %b %d %H:%M:%S %Y] " JkMount /your_app worker1 JkMount /your_app/* worker1
-Create workers.properties
file in the /etc/apache2/
directory.
workers.tomcat_home=/opt/tomcat workers.java_home=/usr/lib/jvm/java-6-sun ps=/ worker.list=worker1 worker.worker1.port=8009 worker.worker1.host=localhost worker.worker1.type=ajp13 worker.worker1.lbfactor=1
-Restart Apache
$ sudo /etc/init.d/apache2 restart
-Now run Tomcat and test it
go to http://localhost/your_app
- If a virtual host should handle the request, set
JkMount
,JkUnMount
andJkMountfile
in the virtual host.
<VirtualHost *:80> ... JkMount /myapp worker1 JkMount /myapp/* worker1 </VirtualHost>
References
http://ubuntuforums.org/showthread.php?t=219985
http://tomcat.apache.org/connectors-doc/index.html
http://tomcat.apache.org/connectors-doc/reference/uriworkermap.html
http://tomcat.apache.org/connectors-doc/webserver_howto/apache.html
http://tomcat.apache.org/connectors-doc/reference/apache.html
http://tomcat.apache.org/connectors-doc/reference/workers.html
http://swik.net/Tomcat+Apache?popular
Link Sub-domain Directly to Application
Using mod_jk
- Open the
workers.properties
file in the/etc/apache2
directory. - Add another
worker
information.
workers.tomcat_home=/opt/tomcat workers.java_home=/usr/lib/jvm/java-6-sun ps=/ worker.list=worker1,worker2 worker.worker1.port=8009 worker.worker1.host=localhost worker.worker1.type=ajp13 worker.worker1.lbfactor=1 worker.worker2.port=8009 worker.worker2.host=subdomain.yourdomain.com worker.worker2.type=ajp13 worker.worker2.lbfactor=1
- Set up
JkMount
in the apache virtual host configuration.
<VirtualHost *:80> ServerAdmin master@yourdomain.com ServerName subdomain.yourdomain.com JkMount / worker2 JkMount /* worker2 </VirtualHost>
- Open the
$CATALINA_HOME/conf/server.xml
file to set up a tomcat virtual host. - Add a new virtual host info inside the
Engine
element.
<Engine name="Catalina" defaultHost="localhost"> ... Default Host Info ... <Host name="subdomain.yourdomain.com" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Context path="" docBase="application_path" debug="0" reloadable="true" /> </Host> </Engine>
- The
application_path
must exist in the$CATALINA_HOME/webapps
directory.
$CATALINA_HOME/webapps/application_path
- Restart tomcat and apache.
$ /etc/init.d/tomcat stop $ /etc/init.d/tomcat start $ /etc/init.d/apache restart
- access http://subdomain.yourdomain.com.
Realm Configuration
<Resource name="jdbc/eVideoDataSource" auth="Container" type="javax.sql.DataSource" maxActive="2" maxIdle="1" maxWait="180" username="userId" password="password" driverClassName="com.mysql.jdbc.Driver" url="jdbc:mysql://localhost:3306/db_name?autoReconnect=true"/> <Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99" dataSourceName="jdbc/eVideoDataSource" localDataSource="true" userTable="login" userNameCol="username" userCredCol="password" digest="SHA-1" userRoleTable="user_roles" roleNameCol="role_name" allRolesMode="strict" />
allRolesMode attribute can be one of "strict" or "authOnly" or "strictAuthOnly". If there is no allRolesMode specified, it will be "strict" by default.
-The following is the part of RealmBase class source code from the Apache Tomcat server 5.5.25.
/** * Use the strict servlet spec interpretation which requires that the user * have one of the web-app/security-role/role-name */ public static final AllRolesMode STRICT_MODE = new AllRolesMode("strict"); /** * Allow any authenticated user */ public static final AllRolesMode AUTH_ONLY_MODE = new AllRolesMode("authOnly"); /** * Allow any authenticated user only if there are no web-app/security-roles */ public static final AllRolesMode STRICT_AUTH_ONLY_MODE = new AllRolesMode("strictAuthOnly");