I want to to deploy a tomcat server such that it listens on two ports simultaneously (both for http protocol).
Just to make sure that you understand this requirement correclty , We have only one server instance but want to listen on two ports for HTTP protocol. For example anybody can access applications deployed in my server using port numbers 7080 and 8080
Is it possible to do that? If possible how can we achive this?
It's very simple. You only need to take a look at the conf/server.xml configuration file to add a new connector for the port you want. For example, if you have a connector like this:
<Connector port="8080"
protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
URIEncoding="UTF-8" />
Just add a new connector same as above in the configuration file, but altering the port parameter. That's all. Restart and you're done.
Yes, it is possible. Just edit server.xml (located in the folder named conf) like this:
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8081" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8444" />
This will setup Tomcat to listen to both ports 8080 and 8081.
The documenation states:
port: The TCP port number on which this Connector will create a server socket and await incoming connections. Your operating system will allow only one server application to listen to a particular port number on a particular IP address. If the special value of 0 (zero) is used, then Tomcat will select a free port at random to use for this connector. This is typically only useful in embedded and testing applications.
redirectPort: If this Connector is supporting non-SSL requests, and a request is received for which a matching <security-constraint> requires SSL transport, Catalina will automatically redirect the request to the port number specified here.
So, altering the redirectPort is optional, depending on how you want such a redirection to work.
You can define 2 different services in /conf/server.xml .
The example is as below,
<Service name="Catalina_2">
<Connector port="8081" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8444" />
<Connector port="8010" protocol="AJP/1.3" redirectPort="8444" />
<Engine name="Catalina_2" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps_2" unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
<Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
Note : You may have required to increase the tomcat heap size.
you can specify the following code in your server.xml
<Service name="sample">
<Connector port="81" protocol="HTTP/1.1" maxThreads="100" connectionTimeout="2000"/>
<Engine name="sample" defaultHost="sample">
<Host name="myhostname" appBase="webapp2">
<Context docBase="C:\websites\sample\" />
</Host>
</Engine>
</Service>
Please, be sure on which user you are running Tomcat, since if you want to use it on any privileged port, you must use it under the root user.
Another thing you can do is to redirect port 80 to 8080 with iptables.
Something like this:
iptables -t nat -A PREROUTING -d 192.168.10.16 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
Hope it helps
running tomcat in different port. We have to change four things inside service tag of server.xml file
we have to change port no. like 8080 to 80
we have to change redirectPort no like 8443 to 8444
we have to change Engine name like Catalina to Catalina_2
we have to change appBase name like webapps to webapps_1
Related
I would like to run two tomcat services on two ports (8080,8181) with different codeBases, but sharing the same database resource. When I do this, I get "javax.naming.NameNotFoundException: Name [comp/env/jdbc/mydb] is not bound in this Context. Unable to find [comp]." when it tries to initialize the second Service.
My Services look like this in the server.xml:
...
<GlobalNamingResources>
<Resource auth="Container" name="jdbc/mydb" url="jdbc:db2://myserver:50000/mydb" username="xxx" password="xxx" .... />
</GlobalNamingResources>
...
<Service name="Catalina8080">
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
....
<Host name="localhost" appBase="webapps8080" unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" .... />
</Host>
</Engine>
</Service>
<Service name="Catalina8181">
<Connector port="8181" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8444" />
<Engine name="Catalina" defaultHost="localhost">
....
<Host name="localhost" appBase="webapps8181" unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" .... />
</Host>
</Engine>
</Service>
My server level context file looks like :
<Context>
...
<ResourceLink name="jdbc/mydb" global="jdbc/mydb" type="javax.sql.DataSource" />
</Context>
I've tried adding and removing the Resource links at the application level context file, but nothing seems to change the outcome. Any thoughts are greatly appreciated.
You should change the name of your <Engine> in the second service: there can be only one naming context for each combination of engine name, host name and context name.
In your case the combination (Catalina, localhost, your application name) probably appears twice, hence you should be able to find an entry like this:
SEVERE [main] naming.namingContextCreationFailed
in the logs and JNDI doesn't work in the second context.
When ever I try to run my web application which was running fine before I keep getting the error
java.lang.IllegalArgumentException: C:\Users\user\.IntelliJIdea2019.2\system\tomcat\projectName\conf\localhost-rsa.jks (The system cannot find the file specified)
So I diged into the problem and found my server.xml
<Server port="8090" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" maxThreads="150" SSLEnabled="true">
<SSLHostConfig>
<Certificate certificateKeystoreFile="conf/localhost-rsa.jks" type="RSA" />
</SSLHostConfig>
</Connector>
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" />
</Realm>
<Host name="localhost" appBase="C:\Program Files\Apache Software Foundation\Tomcat 9.0\webapps" unpackWARs="true" autoDeploy="true" deployOnStartup="false" deployIgnore="^(?!(manager)|(tomee)$).*">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
Here I think the problem is there is a connector element with port 8443 which refers to the certificate , As I do not need https I remove the connector and restart the server from IntelliJ but the connector re appears and I have'nt specified any https port in run configuration too.
What Am I doing wrong ? How could I fix this ?
Remove redirectPort="8443", redirectPort used for handling https
<Connector port="8009" protocol="AJP/1.3" />
redirect port will come into picture when SSL request will come to the server and since http connector port cannot handle SSL requests it will redirect to the port defined.
Check your project application server settings.
Create new application server use that for running app.
https://www.jetbrains.com/help/idea/configuring-and-managing-application-server-integration.html
I think you got code from somewhere which has settings for httpd and you cant figure out how to remove it.
Check your project application server settings.
Create new application server use that for running app.
https://www.jetbrains.com/help/idea/configuring-and-managing-application-server-integration.html
I think you got code from somewhere which has settings for httpd and you cant figure out how to remove it.
Check for JKS file or create new.
JKS stands for Java KeyStore. It is a repository of certificates (signed public keys) and [private] keys. You can export a certificate stored in a JKS file into a separate file. You can use the "keytool" utility found in Java distributions to maintain your JKS trust and key repositories. Like other types of key repositories (e.g., PKCS12, CMS), a JKS repository is protected by a password because it may contain private keys, which must be protected because they are used to decrypt information encrypted by public keys. [Private] keys in repositories are also protected by a "key password," which may be the same as the key repository's password (not a good practice).
The following command would export the certificate associated with the alias/label "mycert" in the JKS file "mykeys.jks". The output file "mycert.cer" would contain the certificate (i.e., the signed public key) only.
keytool -exportcert -rfc -alias mycert -file mycert.cer -keystore mykeys.jks -storepass passw0rd
I have a trouble with configure of Apache and Tomcat. My purpose is to get ability to adress to tui.org/servlet, when tui.org is my virtual host configured on local machine and /servlet/ is url-pattern which is defined at web.xml. But instead the servelet I get 404 Not Found by Tomcat but I can to adress to my server by tui.org/tui.org/servlet - it works. Structure of files on my server is the following:
Root: /var/www/tui.org
-------->/WEB-INF/classes/a
-------->/WEB-INF/classes/a/MainServlet.class
-------->/WEB-INF/web.xml
-------->/index.html
How can I achieve this behaviour?
web.xml:
<servlet-mapping>
<servlet-name>mainServlet</servlet-name>
<url-pattern>/servlet</url-pattern>
</servlet-mapping>
My server.xml:
<?xml version="1.0" encoding="UTF-8"?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="/var/www/"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
Configuration of tui.org (tui.org.conf at /etc/apache2/sites-available:
<VirtualHost *:80>
ServerName tui.org
DocumentRoot /var/www/tui.org
<Directory /var/www/tui.org>
AllowOverride All
Require all granted
</Directory>
JkMount /servlet* ajp13_worker
</VirtualHost>
I use Apache2, tomcat9 and Ubuntu 18.04.
Thank you in advance!
P.S. Sorry for my english.
There are several issues here:
You must not serve the web application directory with Apache - e.g. you're declaring DocumentRoot /var/www/tui.org for Apache and <Host appBase="/var/www/"> for Tomcat.
e.g but not limited to: The servlet spec specifically disallows to serve the directory WEB-INF to ever be served to a client, and you're explicitly bypassing this limitation.
An application deployed in a Host's appBase is always deployed under that name (unless specified differently in a context.xml file). The only other exception to that rule is if a directory is called ROOT - in that case, it's deployed without a name, thus omitting the tui.org that follows your server name.
but this is secondary to the issue of serving the whole webapp through Apache httpd. Fix that one first.
One way to fix your biggest problem is to omit the DocumentRoot directive in Apache and rather serve everything from Tomcat: JkMount * ajp13_worker.
For solving problem with adressing by tui.org/servlet I had to add <Context> directive to server.xml:
<Context path="" docBase="/var/www/tui.org/"/>
and change appBase from /var/www/ to /var/www/tui.org/.
And for fix problem with access to WEB-INF (thanks to #OlafKock) I had to add next to tui.org.conf:
<Directory /var/www/tui.org>
AllowOverride All
Deny from all
</Directory>
i need this kind of configuration:
Apache will respond to my blog if it is called on www.mydomain.com and i want to tomcat to respond to thirddomain.mydomain.com
I've configured a worker to respond to thirddomain.mydomain.com in this way:
<VirtualHost thirddomain.mydomain.com:80>
JkMount /* myworker
ServerName thirddomain.mydomain.com
</VirtualHost>
my worker is configured in this way:
worker.list=myworker
worker.myworker.port=8009
worker.myworker.host=thirddomain.mydomain.com
worker.myworker.type=ajp13
i've also a standard virtualhost that point to www
<VirtualHost www.mydomain.com:80>
DocumentRoot /var/www/html/blog/
ServerName www.mydomain.com
</VirtualHost>
the server.xml on tomcat is this one:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="thirddomain.mydomain.com">
<Host name="thirddomain.mydomain.com" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt" resolveHost="false"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
The problem is that apache is responding on both www and mythirddomain. How i can configure it to respond on different third domains?
Thank you
First map "thirddomain.mydomain.com" (subdomain) to a valid directory, to check if that config works without ajp and Tomcat (comment out JKMount).
DocumentRoot /var/www/html/anotherDir/index.html
If that works uncomment JKMount and change this to use an ip:
worker.myworker.host=thirddomain.mydomain.com
should be:
worker.myworker.host=127.0.0.1
(I guess Tomcat is on the same server as your web server). Add the worker name in the Engine element as well:
<Engine jvmRoute="myworker" name="Catalina" defaultHost="thirddomain.mydomain.com">
I think you should use mod_proxy for this type of configuration. You can follow this link to learn more about mod_proxy module of apache. Apache Mod_Proxy.
Add the below two lines in your httpd.conf.
ProxyPass thirddomain.mydomain.com/ localhost:8080
ProxyPassReverse thirddomain.mydomain.com/ localhost:8080
Here your Apache HTTP Server will act as an reverse proxy.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I am trying to get Apache to forward requests to the examples that come with Tomcat. I did it once on another machine a few months ago, but on this new server I am stump.
Tomcat is running fine, localhost:8080 loads the default homepage and localhost:8080/examples/ displays the example page. But when I drop the 8080 and use port 80 on the apache server, it simply gives me a 404.
What is really bugging me is the lack of any log info on why. I am using the stock httpd-jk.conf with this added:
JkMount /examples/* worker1
Then this is my workers.properties:
worker.list=jk-status
worker.jk-status.type=status
worker.jk-status.read_only=true
worker.list=jk-manager
worker.jk-manager.type=status
worker.list=worker1
worker.worker1.reference=worker.template
worker.worker1.host=localhost
worker.worker1.port=8009
worker.worker1.activation=A
worker.template.type=ajp13
worker.template.socket_connect_timeout=5000
worker.template.socket_keepalive=true
worker.template.ping_mode=A
worker.template.ping_timeout=10000
worker.template.connection_pool_minsize=0
worker.template.connection_pool_timeout=600
worker.template.reply_timeout=300000
worker.template.recovery_options=3
And the Tomcat server.xml:
<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
Answering with a checklist;
Are you certain port 80 is served by the Apache you expect - are your "404" responses showing in the access logs of that Apache instance
are you certain your mod_jk module is being loaded (see Apache logs, or use one of the Apache status page views to verify); if the module was not loaded, the JK configuration section would be silently ignored
are you certain your workers.properties is being found (Still, see Apache logs; you might also wish to raise the JkLogLevel in httpd.conf to trace for the time being; also, make sure you know where your JkLogFile is located)
Then about the SSL issue; mod_jk and mod_proxy_ajp should both work. If you just want basic "server-side SSL", and are not working with client certificates, then everything will be handled by your Apache httpd. If, on the other hand, you'll be doing client authentication using SSL client certificates, then I think there's another SO posting rather relevant to that use case.