S
SecondPhase
Guest
Manual Tomcat Config
Here are some tips to manually configure tomcat. There is a tomcat admin tool you can start up that may provide more options for you in addition to the Plesk war upload. I haven't used those methods however.
This assumes Tomcat 4.1 which is what is the std distribution now.. i use 5.x elsewhere but have not upgraded my psa system yet, right now 4.1 is adequate for my needs and already installed and working.
To manually set up tomcat you will need to edit config files located in /etc/tomcat4 These files are in XML format so be familiar with that or carefully match the way the examples look. <!-- --> are comments like HTML.
web.xml -- contains options
server.xml -- defines your virtual hosts and directories..
catalina.policy -- optionally open security permissions
There isn't that much you probably need to change in web.xml I add home.jsp to the default welcome-file-list. You can review the other options available.
In server.xml you need to define a Host in the correct place in the file which defines the virtual domain and the physical web hosting directory.
For my purposes i like to share my JSP directory with Apache dir for the domain but they do not have to be in the place.. A WEB-INF folder under the home for JSP will be where you put classes and jars for the site (domain specific).
Here's an example server.xml.
<Server port="8005" shutdown="SHUTDOWN" debug="0">
<!-- Define an Apache-Connector Service -->
<Service name="Tomcat-Apache">
<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="8009" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="8443"
acceptCount="10" debug="0" connectionTimeout="20000"
useURIValidationHack="false"
protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/>
<Engine name="Apache" defaultHost="www.default.net" debug="0">
<Logger className="org.apache.catalina.logger.FileLogger"
prefix="apache_log." suffix=".txt" debug="0"
timestamp="true"/>
<!-- Access log processes all requests for this virtual host. -->
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="tomcat_log." suffix=".txt"
pattern="common" resolveHosts="false"/>
<Host name="default.net" debug="0"
appBase="/var/www/vhosts/default.net/httpdocs"
unpackWARs="false" autoDeploy="true">
<Alias>www.default.net</Alias>
<Context path="" docBase="" debug="0"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="default_access." suffix=".log"
pattern="common" resolveHosts="false" debug="0"/>
</Host>
<Host name="domain2.com" debug="0"
appBase="/var/www/vhosts/domain2.com/httpdocs"
unpackWARs="false" autoDeploy="true">
<Alias>www.domain2.com</Alias>
<Context path="" docBase="" debug="0"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="domain2_access." suffix=".log"
pattern="common" resolveHosts="false"/>
</Host>
<Host name="sub1.domain2.com" debug="0"
appBase="/var/www/vhosts/domain2.com/subdomains/sub1/httpdocs"
unpackWARs="false" autoDeploy="true">
<Context path="" docBase="" debug="0"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="sub1_access." suffix=".log"
pattern="common" resolveHosts="false"/>
</Host>
</Engine>
</Service>
</Server>
Each Host tag defines another Virtual Domain (or sub-domain). The posting window lost all the indenting so sorry it's harder to read the file this way.
the other optional thing to do is to carefully open up security permissions by editing catalina.policy file.
Look for the section titled WEB APPLICATION PERMISSIONS
this section contains a:
grant {
permission java.xxxxx
permission java.xxxxx
etc..
}
These are fairly restrictive, they don't let one write files or connect to the mail server process, etc. for good reason. you can either open up permissions on a site by site basis or Jar file basis as documented in this file or see Tomcat docs online. If you have a secure development environment with trusted users.. you can add the line:
permission java.security.AllPermission;
here. only as much damage as the tomcat4 process user can be done to the system i suppose in this case
restart tomcat after making config changes with (fedora 2 core):
/etc/init.d/tomcat4 restart
check the log files at:
/var/log/tomcat4 to see how well it is working and to monitor System.out.println() in JSP files..
Good luck.
Here are some tips to manually configure tomcat. There is a tomcat admin tool you can start up that may provide more options for you in addition to the Plesk war upload. I haven't used those methods however.
This assumes Tomcat 4.1 which is what is the std distribution now.. i use 5.x elsewhere but have not upgraded my psa system yet, right now 4.1 is adequate for my needs and already installed and working.
To manually set up tomcat you will need to edit config files located in /etc/tomcat4 These files are in XML format so be familiar with that or carefully match the way the examples look. <!-- --> are comments like HTML.
web.xml -- contains options
server.xml -- defines your virtual hosts and directories..
catalina.policy -- optionally open security permissions
There isn't that much you probably need to change in web.xml I add home.jsp to the default welcome-file-list. You can review the other options available.
In server.xml you need to define a Host in the correct place in the file which defines the virtual domain and the physical web hosting directory.
For my purposes i like to share my JSP directory with Apache dir for the domain but they do not have to be in the place.. A WEB-INF folder under the home for JSP will be where you put classes and jars for the site (domain specific).
Here's an example server.xml.
<Server port="8005" shutdown="SHUTDOWN" debug="0">
<!-- Define an Apache-Connector Service -->
<Service name="Tomcat-Apache">
<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="8009" minProcessors="5" maxProcessors="75"
enableLookups="true" redirectPort="8443"
acceptCount="10" debug="0" connectionTimeout="20000"
useURIValidationHack="false"
protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/>
<Engine name="Apache" defaultHost="www.default.net" debug="0">
<Logger className="org.apache.catalina.logger.FileLogger"
prefix="apache_log." suffix=".txt" debug="0"
timestamp="true"/>
<!-- Access log processes all requests for this virtual host. -->
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="tomcat_log." suffix=".txt"
pattern="common" resolveHosts="false"/>
<Host name="default.net" debug="0"
appBase="/var/www/vhosts/default.net/httpdocs"
unpackWARs="false" autoDeploy="true">
<Alias>www.default.net</Alias>
<Context path="" docBase="" debug="0"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="default_access." suffix=".log"
pattern="common" resolveHosts="false" debug="0"/>
</Host>
<Host name="domain2.com" debug="0"
appBase="/var/www/vhosts/domain2.com/httpdocs"
unpackWARs="false" autoDeploy="true">
<Alias>www.domain2.com</Alias>
<Context path="" docBase="" debug="0"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="domain2_access." suffix=".log"
pattern="common" resolveHosts="false"/>
</Host>
<Host name="sub1.domain2.com" debug="0"
appBase="/var/www/vhosts/domain2.com/subdomains/sub1/httpdocs"
unpackWARs="false" autoDeploy="true">
<Context path="" docBase="" debug="0"/>
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="sub1_access." suffix=".log"
pattern="common" resolveHosts="false"/>
</Host>
</Engine>
</Service>
</Server>
Each Host tag defines another Virtual Domain (or sub-domain). The posting window lost all the indenting so sorry it's harder to read the file this way.
the other optional thing to do is to carefully open up security permissions by editing catalina.policy file.
Look for the section titled WEB APPLICATION PERMISSIONS
this section contains a:
grant {
permission java.xxxxx
permission java.xxxxx
etc..
}
These are fairly restrictive, they don't let one write files or connect to the mail server process, etc. for good reason. you can either open up permissions on a site by site basis or Jar file basis as documented in this file or see Tomcat docs online. If you have a secure development environment with trusted users.. you can add the line:
permission java.security.AllPermission;
here. only as much damage as the tomcat4 process user can be done to the system i suppose in this case
restart tomcat after making config changes with (fedora 2 core):
/etc/init.d/tomcat4 restart
check the log files at:
/var/log/tomcat4 to see how well it is working and to monitor System.out.println() in JSP files..
Good luck.