Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
tutorial:adm:server_preparation_tmp [2020/07/24 09:01] fiserp [Start Tomcat automatically after system startup] |
tutorial:adm:server_preparation_tmp [2020/07/24 09:15] fiserp [Apache Tomcat configuration] |
dnf install -y java-11-openjdk-headless java-11-openjdk-devel | dnf install -y java-11-openjdk-headless java-11-openjdk-devel |
</code> | </code> |
| |
Then create the file ''/etc/profile.d/java.sh'' with following: | |
<file bash java.sh> | |
[ -d /usr/lib/jvm/java-openjdk ] && export JAVA_HOME=/usr/lib/jvm/java-openjdk | |
</file> | |
| |
| |
| |
<code bash> | <code bash> |
[root@tomcat1 logs]# ps -u tomcat -fwww | [root@tomcat1 logs]# ps -ef | grep ^tomcat |
UID PID PPID C STIME TTY TIME CMD | tomcat 1623 1 9 11:08 ? 00:00:04 /usr/lib/jvm/java-openjdk/bin/java -Djava.util.logging.config.file=/opt/tomcat/current/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Djavax.servlet.request.encoding=UTF-8 -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Xms512M -Xmx1024M -server -XX:+UseParallelGC -Dignore.endorsed.dirs= -classpath /opt/tomcat/current/bin/bootstrap.jar:/opt/tomcat/current/bin/tomcat-juli.jar -Dcatalina.base=/opt/tomcat/current -Dcatalina.home=/opt/tomcat/current -Djava.io.tmpdir=/opt/tomcat/current/temp org.apache.catalina.startup.Bootstrap start |
tomcat 1602 1 1 09:44 ? 00:00:02 /usr/lib/jvm/java-openjdk/bin/java -Djava.util.logging.config.file=/opt/tomcat/current/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom -Dorg.apache.tomcat.util.buf.UDecoder.ALLOW_ENCODED_SLASH=true -Djavax.servlet.request.encoding=UTF-8 -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Xms512M -Xmx1024M -server -XX:+UseParallelGC -classpath /opt/tomcat/current/bin/bootstrap.jar:/opt/tomcat/current/bin/tomcat-juli.jar -Dcatalina.base=/opt/tomcat/current -Dcatalina.home=/opt/tomcat/current -Djava.io.tmpdir=/opt/tomcat/current/temp org.apache.catalina.startup.Bootstrap start | |
</code> | </code> |
| |
If you want to use them, it is necessary to do following steps. | If you want to use them, it is necessary to do following steps. |
| |
First of all, create a database user that you will use for the access to those applications. If you plan to connect to the applications remotely (not only from localhost) you have to also allow communication from your IP. | First of all, create a Tomcat's database user that you will use for the access to those applications. If you plan to connect to the applications remotely (not only from localhost) you have to also allow communication from your IP. |
| |
Create user like this: | |
| |
Create the a new user in the file ''/opt/tomcat/current/conf/tomcat-users.xml'' and assign him roles "manager-gui" and "admin-gui". | * Create administration user |
The documentation of available roles as well as overall configuration of the application is a part of application installation available at http://localhost:8080/docs/manager-howto.html#Configuring_Manager_Application_Access | * Create the a new user in the file ''/opt/tomcat/current/conf/tomcat-users.xml'' and assign him roles "manager-gui" and "admin-gui". |
| * The documentation of available roles as well as overall configuration of the application is a part of application installation available at http://localhost:8080/docs/manager-howto.html#Configuring_Manager_Application_Access |
| |
The file ''/opt/tomcat/current/conf/tomcat-users.xml'' looks like this: | The file ''/opt/tomcat/current/conf/tomcat-users.xml'' should now look like this: |
<file xml tomcat-users.xml> | <file xml tomcat-users.xml> |
<?xml version="1.0" encoding="UTF-8"?> | <?xml version="1.0" encoding="UTF-8"?> |
</file> | </file> |
| |
If you plan to connect to the applications remotely (not only from localhost) you have to also allow communication from your IP. If you see ''403 Access Denied'' it might be you did not do this setting. | * If you plan to connect to the applications remotely (not only from localhost) you have to also allow communication from your IP. |
| * If you see ''403 Access Denied'' when accessing Tomcat's management remotely, it might be because you did not perform this configuration. |
| |
Add your IP address into application configuration files. In files ''/opt/tomcat/current/webapps/manager/META-INF/context.xml'' and ''/opt/tomcat/current/webapps/host-manager/META-INF/context.xml'' add net mask for your IP (both files should have the same content): | Add your IP address into application configuration files. In files ''/opt/tomcat/current/webapps/manager/META-INF/context.xml'' and ''/opt/tomcat/current/webapps/host-manager/META-INF/context.xml'' add netmask for your IP (both files should have the same content): |
| |
In my case, I want to access to Tomcat management from network 192.168.0.0/24: | For example, if you want to access Tomcat's management from the network ''192.168.0.0/24'': |
| |
<file xml context.xml> | <file xml context.xml> |
</file> | </file> |
| |
Again, restart the tomcat: | * Again, restart the tomcat |
<code bash> | <code bash> |
systemctl restart tomcat | systemctl restart tomcat |
</code> | </code> |
| |
=== Apache Tomcat configuration recommended for production usage === | === Apache Tomcat configuration recommended for production use === |
| |
It is advised to follow these steps for production usage: | We advise to follow these steps to configure Tomcat for production deployment. |
| |
* Remove unnecessary applications that comes with Tomcat: | * Remove unnecessary applications that come with Tomcat: |
| |
<code bash> | <code bash> |
* In the ''/opt/tomcat/current/conf/server.xml'', locate the configuration for port 8080 and add the ''maxSwallowSize="-1"'' property therein. | * In the ''/opt/tomcat/current/conf/server.xml'', locate the configuration for port 8080 and add the ''maxSwallowSize="-1"'' property therein. |
| |
* In same file configure ajp port(''8009'') to look like this: | * In same file configure AJP port (''8009/tcp'') to look like this: |
| |
<code> | <code> |
| |
* Do not show aplication server version: | * Do not show aplication server version: |
* In the file ''/opt/tomcat/current/conf/web.xml'' set showServerInfo to false (default is true): | * In the file ''/opt/tomcat/current/conf/web.xml'' set ''showServerInfo'' to false (default is true): |
| |
<code xml> | <code xml> |