Tomcat 7#

Resources#

Tomcat upgrade to release 7.0.0.2#

Let's play a bit with Tomcat 7 and see if my apps are still working......

Download#

Download the usual way from http://tomcat.apache.org/download-70.cgi

Split manager role#

If you are using conf/tomcat-users.xml, then split up the manager role in 4 roles:

.....
  <role rolename="manager"/>
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
....

lib directory#

new are:

  • ecj-3.6.jar (we use the Eclipse JDT compiler for JSP compilation, so we no longer require a full JDK, but a JRE insteed)
  • tomcat-api.jar ((Interfaces shared by Catalina and Jasper)) :
metskem@gneisenau:/usr/local/tomcat/lib$ jar -tf tomcat-api.jar 
META-INF/
META-INF/MANIFEST.MF
org/
org/apache/
org/apache/tomcat/
org/apache/tomcat/buildutil/
org/apache/tomcat/jni/
org/apache/tomcat/util/
org/apache/tomcat/InstanceManager.class
org/apache/tomcat/JarScanner.class
org/apache/tomcat/JarScannerCallback.class
org/apache/tomcat/PeriodicEventListener.class
META-INF/NOTICE
META-INF/LICENSE

We don't copy the old mysql-connector-java-5.1.7-bin.jar, but download a fresh mysql-connector-java-5.1.13-bin.jar from http://dev.mysql.com/ to the lib directory.

config#

  • (if necessary) create keystore : keytool -genkey -alias tomcat -keystore keystore.jks
  • Update server.xml with ssl, add keystoreFile="${catalina.home}/conf/keystore" keystorePass="password" to ssl connector.
  • Update server.xml with prefix="access." suffix=".log" pattern="common"
  • Update server.xml with URIEncoding="UTF-8"
  • Update context.xml, uncomment manager pathname... to disable session persistence
  • Copy conf/keystore from old tomcat version (this has the SSL certificate we need for the https connector)

Starting up#

First remove *.bat from the bin directory (we don't need these for sure on linux).
The fire up the bin/startup.sh :

metskem@gneisenau:/usr/local/tomcat/bin$ ./startup.sh 
Using CATALINA_BASE:   /usr/local/tomcat
Using CATALINA_HOME:   /usr/local/tomcat
Using CATALINA_TMPDIR: /usr/local/tomcat/temp
Using JRE_HOME:        /usr
Using CLASSPATH:       /usr/local/tomcat/bin/bootstrap.jar:/usr/local/tomcat/bin/tomcat-juli.jar
metskem@gneisenau:/usr/local/tomcat/bin$ Oct 8, 2010 3:30:29 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /usr/lib/jvm/java-6-sun-1.6.0.20/jre/lib/i386/server:/usr/lib/jvm/java-6-sun-1.6.0.20/jre/lib/i386:/usr/lib/jvm/java-6-sun-1.6.0.20/jre/../lib/i386:/usr/java/packages/lib/i386:/lib:/usr/lib
Oct 8, 2010 3:30:29 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Oct 8, 2010 3:30:29 PM org.apache.coyote.ajp.AjpProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8009
Oct 8, 2010 3:30:29 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 737 ms
Oct 8, 2010 3:30:29 PM org.apache.catalina.core.StandardService startInternal
INFO: Starting service Catalina
Oct 8, 2010 3:30:29 PM org.apache.catalina.core.StandardEngine startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.2
Oct 8, 2010 3:30:29 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory host-manager
Oct 8, 2010 3:30:30 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory manager
Oct 8, 2010 3:30:30 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory examples
Oct 8, 2010 3:30:30 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory docs
Oct 8, 2010 3:30:30 PM org.apache.catalina.startup.HostConfig deployDirectory
INFO: Deploying web application directory ROOT
Oct 8, 2010 3:30:30 PM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Oct 8, 2010 3:30:30 PM org.apache.coyote.ajp.AjpProtocol start
INFO: Starting Coyote AJP/1.3 on ajp-8009
Oct 8, 2010 3:30:30 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 887 ms

Nice !

Configuring Tomcat in Eclipse#

SSL and users/roles#

See the WTP_Tomcat_FAQ

Open the server config and "Open launch configuration" :

tomcat-ssl.png

Pick up the CATALINA_HOME and modify the server.xml there with something like :

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
   maxThreads="150" scheme="https" secure="true" URIEncoding="UTF-8" 
   clientAuth="false" sslProtocol="TLS" 
   keystoreFile="${catalina.home}/conf/keystore.jks" keystorePass="tomcat"/>

In the same location you can change your tomcat-users.xml !

Tomcat JDBCRealm#

Store your userids, passwords and roles in an SQL database.
See the tomcat docs for all reference information.

Create the database and tables#

Note: If you want to use digested passwords, you need varchar(32) for the user_pass column (instead of varchar(15))
create database tomcatuserDB;

create user 'tomcatuser'@'localhost' identified by "tomcatpassword";

use tomcatuserDB;

create table users (
  user_name         varchar(15) not null primary key,
  user_pass         varchar(32) not null
);

create table user_roles (
  user_name         varchar(15) not null,
  role_name         varchar(15) not null,
  primary key (user_name, role_name)
);

grant all privileges on tomcatuserDB.* to 'tomcatuser'@'localhost';

Now we have to insert a user/password, but we want to use digested passwords. Therefore we first have to generate an (md5) generated password (testpassword)(:

metskem@gneisenau:/usr/local/tomcat/lib$ java -cp catalina.jar:../bin/tomcat-juli.jar:tomcat-util.jar org.apache.catalina.realm.RealmBase -a md5 -e utf-8 testpassword
testpassword:e16b2ab8d12314bf4efbd6203906ea6c

Then insert the row, and also insert a role row :

insert into users(user_name,user_pass) values('testuser','e16b2ab8d12314bf4efbd6203906ea6c');
insert into user_roles(user_name,role_name) values('testuser','manager-gui');

Setup Realm in server.xml#

The following is added to conf/server.xml :

      <Realm className="org.apache.catalina.realm.LockOutRealm">
       <Realm className="org.apache.catalina.realm.JDBCRealm"
             driverName="com.mysql.jdbc.Driver"
          connectionURL="jdbc:mysql://localhost/tomcatuserDB?user=tomcatuser&amp;password=tomcatpassword"
              userTable="users" userNameCol="user_name" userCredCol="user_pass"
          userRoleTable="user_roles" roleNameCol="role_name"
          digest="md5"/>
      </Realm>

Add new attachment

In order to upload a new attachment to this page, please use the following box to find the file, then click on “Upload”.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
jpg
Chrysanthemum.jpg 879.4 kB 1 23-Jul-2014 17:23 117.26.53.191 aaa
png
tomcat-ssl.png 77.2 kB 1 14-Oct-2010 19:15 Harry Metske
« This page (revision-15) was last changed on 27-Oct-2010 18:12 by Harry Metske  
G’day (anonymous guest) My Prefs
Active
Sessions
12
Uptime59d, 18h 19m 7s
Number of pages257

Referenced by
HarryPages

JSPWiki v2.10.1