Apache Tomcat

From KevinWiki

(Difference between revisions)
Jump to: navigation, search
Line 100: Line 100:
-
===References===
+
==== References ====
http://linux-sxs.org/internet_serving/c140.html
http://linux-sxs.org/internet_serving/c140.html
Line 108: Line 108:
http://www.jguru.com/faq/view.jsp?EID=425628
http://www.jguru.com/faq/view.jsp?EID=425628
 +
 +
 +
 +
=== Configuration ===
 +
 +
==== Tomcat User Configuration ====
 +
* To create an encrypted password,
 +
<pre>
 +
$ cd /tomcat/bin
 +
$ ./digest.sh -a SHA your_password
 +
</pre>
 +
 +
your_password:'''564e340cd48437d2dfe876ee154cc99dc4d0d137'''
 +
 +
 +
* Add a tomcat manager login info to the <code>/opt/tomcat/conf/tomcat-users.xml</code> file.
 +
<pre>
 +
$ vim /opt/tomcat/conf/tomcat-users.xml
 +
</pre>
 +
<source lang="xml">
 +
<?xml version='1.0' encoding='utf-8'?>
 +
<tomcat-users>
 +
  <role rolename="manager"/>
 +
  <user username="managerid" password="564e340cd48437d2dfe876ee154cc99dc4d0d137" roles="manager"/>
 +
</tomcat-users>
 +
</source>
 +
 +
* Add the following Realm element in the <code>localhost</code> Host element
 +
<pre>
 +
<Realm className="org.apache.catalina.realm.MemoryRealm" digest="SHA" />
 +
</pre>
 +
 +
* So it should be like this.
 +
<source lang="xml">
 +
      <Host name="localhost"  appBase="webapps"
 +
            unpackWARs="true" autoDeploy="true"
 +
            xmlValidation="false" xmlNamespaceAware="false">
 +
 +
      <Realm className="org.apache.catalina.realm.MemoryRealm" digest="SHA" />
 +
 +
     
 +
      ...
 +
     
 +
      </Host>
 +
</source>
 +
 +
* Restart the tomcat server.

Revision as of 16:08, 6 May 2009

Contents

Apache Tomcat

Installation

-Download and extract the file

$ sudo tar -zxvf apache-tomcat-6.0.18.tar.gz 

-create user tomcat

$ mkdir /opt/tomcat_user_home 
$ sudo useradd -d /opt/tomcat_user_home tomcat -s /bin/bash 
$ sudo passwd tomcat 

Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
$ chown -R tomcat:tomcat /opt/tomcat_user_home 
$ sudo chown -R tomcat:tomcat apache-tomcat-6.0.18 
$ sudo ln -s apache-tomcat-6.0.18/ tomcat 

-To run

$ su - tomcat 
Password: type tomcat password
$ cd /opt/tomcat/bin 
/opt/tomcat/bin$ ./catalina.sh start


-To automatically start when the computer is boot.

$ sudo ln -s /opt/tomcat/bin/catalina.sh /etc/init.d/tomcat 

-or it might be better to have a tomcat start and stop script with a proper $JAVA_HOME set. To do this create tomcat.sh file in the bin directory. (Make sure that there is no tomcat.sh in the bin directory).

$ cd /opt/tomcat/bin 
$ vim tomcat.sh 
#!/bin/sh

export JAVA_HOME=/usr/lib/jvm/java-6-sun

PRG="$0"

while [ -h "$PRG" ]; do
  ls=`ls -ld "$PRG"`
  link=`expr "$ls" : '.*-> \(.*\)$'`
  if expr "$link" : '/.*' > /dev/null; then
    PRG="$link"
  else
    PRG=`dirname "$PRG"`/"$link"
  fi
done

# Get standard environment variables
PRGDIR=`dirname "$PRG"`

# Only set CATALINA_HOME if not already set
[ -z "$CATALINA_HOME" ] && CATALINA_HOME=`cd "$PRGDIR/.." ; pwd`

/bin/su tomcat $CATALINA_HOME/bin/catalina.sh $1

-Make it executable (This script does not require tomcat user login to run the tomcat server. Instead, It will ask the tomcat user password when running the script).

$ chmod a+x tomcat.sh 

-put the symbolic link for the automatic start.

$ sudo ln -s /opt/tomcat/bin/tomcat.sh /etc/init.d/tomcat 
$ sudo chmod 755 /etc/init.d/tomcat 

sudo ln -s /etc/init.d/tomcat /etc/rc0.d/K10tomcat 
sudo ln -s /etc/init.d/tomcat /etc/rc1.d/K10tomcat 
sudo ln -s /etc/init.d/tomcat /etc/rc2.d/S90tomcat 
sudo ln -s /etc/init.d/tomcat /etc/rc3.d/S90tomcat 
sudo ln -s /etc/init.d/tomcat /etc/rc4.d/S90tomcat 
sudo ln -s /etc/init.d/tomcat /etc/rc5.d/S90tomcat 
sudo ln -s /etc/init.d/tomcat /etc/rc6.d/K10tomcat 


References

http://linux-sxs.org/internet_serving/c140.html

http://www.linux.org/docs/ldp/howto/MMBase-Inst-HOWTO/x321.html

http://www.howtogeek.com/howto/linux/installing-tomcat-6-on-ubuntu/

http://www.jguru.com/faq/view.jsp?EID=425628


Configuration

Tomcat User Configuration

  • To create an encrypted password,
$ cd /tomcat/bin 
$ ./digest.sh -a SHA your_password 
your_password:564e340cd48437d2dfe876ee154cc99dc4d0d137


  • Add a tomcat manager login info to the /opt/tomcat/conf/tomcat-users.xml file.
$ vim /opt/tomcat/conf/tomcat-users.xml 
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="manager"/>
  <user username="managerid" password="564e340cd48437d2dfe876ee154cc99dc4d0d137" roles="manager"/>
</tomcat-users>
  • Add the following Realm element in the localhost Host element
<Realm className="org.apache.catalina.realm.MemoryRealm" digest="SHA" />
  • So it should be like this.
      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true"
            xmlValidation="false" xmlNamespaceAware="false">
 
      <Realm className="org.apache.catalina.realm.MemoryRealm" digest="SHA" />
 
 
      ...
 
      </Host>
  • Restart the tomcat server.


Forward Request from Apache Web Server to Tomcat

Using mod_jk

Installation

$ sudo apt-get install libapache2-mod-jk 
  • Assumption: Apache web server is already installed.

-Reload config

$ sudo /etc/init.d/apache2 force-reload 

Configuration

-Check if mod_jk is enabled then edit /etc/apache2/mods-enabled/jk.load

LoadModule jk_module /usr/lib/apache2/modules/mod_jk.so

JkWorkersFile /etc/apache2/workers.properties
JkLogFile /var/log/apache2/mod_jk.log
JkLogLevel debug
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "

JkMount /your_app worker1
JkMount /your_app/* worker1

-Create workers.properties file in the /etc/apache2/ directory.

workers.tomcat_home=/opt/tomcat
workers.java_home=/usr/lib/jvm/java-6-sun
ps=/
worker.list=worker1
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker1.lbfactor=1

-Restart Apache

$ sudo /etc/init.d/apache2 restart 

-Now run Tomcat and test it

go to 
http://localhost/your_app


  • If a virtual host should handle the request, set JkMount, JkUnMount and JkMountfile in the virtual host.
<VirtualHost *:80>
    ...

    JkMount /myapp worker1
    JkMount /myapp/* worker1
</VirtualHost>


References

http://ubuntuforums.org/showthread.php?t=219985

http://tomcat.apache.org/connectors-doc/index.html

http://tomcat.apache.org/connectors-doc/reference/uriworkermap.html

http://tomcat.apache.org/connectors-doc/webserver_howto/apache.html

http://tomcat.apache.org/connectors-doc/reference/apache.html

http://tomcat.apache.org/connectors-doc/reference/workers.html

http://swik.net/Tomcat+Apache?popular


Link Sub-domain Directly to Application

Using mod_jk

  • Open the workers.properties file in the /etc/apache2 directory.
  • Add another worker information.
workers.tomcat_home=/opt/tomcat
workers.java_home=/usr/lib/jvm/java-6-sun
ps=/
worker.list=worker1,worker2
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
worker.worker1.lbfactor=1
worker.worker2.port=8009
worker.worker2.host=subdomain.yourdomain.com
worker.worker2.type=ajp13
worker.worker2.lbfactor=1
  • Set up JkMount in the apache virtual host configuration.
<VirtualHost *:80>
    ServerAdmin master@yourdomain.com

    ServerName subdomain.yourdomain.com

    JkMount / worker2
    JkMount /* worker2

</VirtualHost>
  • Open the $CATALINA_HOME/conf/server.xml file to set up a tomcat virtual host.
  • Add a new virtual host info inside the Engine element.
    <Engine name="Catalina" defaultHost="localhost">
      ... Default Host Info ...
 
      <Host name="subdomain.yourdomain.com" appBase="webapps"
            unpackWARs="true" autoDeploy="true"
            xmlValidation="false" xmlNamespaceAware="false">
          <Context path="" docBase="application_path" debug="0" reloadable="true" />
      </Host>
    </Engine>
  • The application_path must exist in the $CATALINA_HOME/webapps directory.
$CATALINA_HOME/webapps/application_path
  • Restart tomcat and apache.
$ /etc/init.d/tomcat stop 
$ /etc/init.d/tomcat start 
$ /etc/init.d/apache restart 


Realm Configuration

    <Resource name="jdbc/eVideoDataSource" auth="Container" type="javax.sql.DataSource"
     maxActive="2" maxIdle="1" maxWait="180"
     username="userId" password="password" driverClassName="com.mysql.jdbc.Driver"
     url="jdbc:mysql://localhost:3306/db_name?autoReconnect=true"/>
 
 
    <Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99" 
	dataSourceName="jdbc/eVideoDataSource" localDataSource="true"
	userTable="login" userNameCol="username" userCredCol="password" digest="SHA-1" 
	userRoleTable="user_roles" roleNameCol="role_name" allRolesMode="strict" />

allRolesMode attribute can be one of "strict" or "authOnly" or "strictAuthOnly". If there is no allRolesMode specified, it will be "strict" by default.


-The following is the part of RealmBase class source code from the Apache Tomcat server 5.5.25.

        /**
         * Use the strict servlet spec interpretation which requires that the user
         * have one of the web-app/security-role/role-name 
         */
        public static final AllRolesMode STRICT_MODE = new AllRolesMode("strict");
        /**
         * Allow any authenticated user
         */
        public static final AllRolesMode AUTH_ONLY_MODE = new AllRolesMode("authOnly");
        /**
         * Allow any authenticated user only if there are no web-app/security-roles
         */
        public static final AllRolesMode STRICT_AUTH_ONLY_MODE = new AllRolesMode("strictAuthOnly");
Personal tools