1 |
> can you post your server.xml ? |
2 |
|
3 |
Basically it's the default one that comes with the tomcat5 ~x86 ebuild: |
4 |
|
5 |
<!-- Example Server Configuration File --> |
6 |
<!-- Note that component elements are nested corresponding to their |
7 |
parent-child relationships with each other --> |
8 |
|
9 |
<!-- A "Server" is a singleton element that represents the entire JVM, |
10 |
which may contain one or more "Service" instances. The Server |
11 |
listens for a shutdown command on the indicated port. |
12 |
|
13 |
Note: A "Server" is not itself a "Container", so you may not |
14 |
define subcomponents such as "Valves" or "Loggers" at this level. |
15 |
--> |
16 |
|
17 |
<Server port="8005" shutdown="ceaaec5a39646db" debug="0"> |
18 |
|
19 |
|
20 |
<!-- Comment these entries out to disable JMX MBeans support --> |
21 |
<!-- You may also configure custom components (e.g. Valves/Realms) by |
22 |
including your own mbean-descriptor file(s), and setting the |
23 |
"descriptors" attribute to point to a ';' seperated list of paths |
24 |
(in the ClassLoader sense) of files to add to the default list. |
25 |
e.g. descriptors="/com/myfirm/mypackage/mbean-descriptor.xml" |
26 |
--> |
27 |
<Listener |
28 |
className="org.apache.catalina.mbeans.ServerLifecycleListener" |
29 |
debug="0"/> |
30 |
<Listener |
31 |
className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" |
32 |
debug="0"/> |
33 |
|
34 |
<!-- Global JNDI resources --> |
35 |
<GlobalNamingResources> |
36 |
|
37 |
<!-- Test entry for demonstration purposes --> |
38 |
<Environment name="simpleValue" type="java.lang.Integer" |
39 |
value="30"/> |
40 |
|
41 |
<!-- Editable user database that can also be used by |
42 |
UserDatabaseRealm to authenticate users --> |
43 |
<Resource name="UserDatabase" auth="Container" |
44 |
type="org.apache.catalina.UserDatabase" |
45 |
description="User database that can be updated and saved"> |
46 |
</Resource> |
47 |
<ResourceParams name="UserDatabase"> |
48 |
<parameter> |
49 |
<name>factory</name> |
50 |
|
51 |
<value>org.apache.catalina.users.MemoryUserDatabaseFactory</value> |
52 |
</parameter> |
53 |
<parameter> |
54 |
<name>pathname</name> |
55 |
<value>conf/tomcat-users.xml</value> |
56 |
</parameter> |
57 |
</ResourceParams> |
58 |
|
59 |
</GlobalNamingResources> |
60 |
|
61 |
<!-- A "Service" is a collection of one or more "Connectors" that |
62 |
share |
63 |
a single "Container" (and therefore the web applications visible |
64 |
within that Container). Normally, that Container is an "Engine", |
65 |
but this is not required. |
66 |
|
67 |
Note: A "Service" is not itself a "Container", so you may not |
68 |
define subcomponents such as "Valves" or "Loggers" at this level. |
69 |
--> |
70 |
|
71 |
<!-- Define the Tomcat Stand-Alone Service --> |
72 |
<Service name="Catalina"> |
73 |
|
74 |
<!-- A "Connector" represents an endpoint by which requests are |
75 |
received |
76 |
and responses are returned. Each Connector passes requests on |
77 |
to the |
78 |
associated "Container" (normally an Engine) for processing. |
79 |
|
80 |
By default, a non-SSL HTTP/1.1 Connector is established on port |
81 |
8080. |
82 |
You can also enable an SSL HTTP/1.1 Connector on port 8443 by |
83 |
following the instructions below and uncommenting the second |
84 |
Connector |
85 |
entry. SSL support requires the following steps (see the SSL |
86 |
Config |
87 |
HOWTO in the Tomcat 5 documentation bundle for more detailed |
88 |
instructions): |
89 |
* If your JDK version 1.3 or prior, download and install JSSE |
90 |
1.0.2 or |
91 |
later, and put the JAR files into "$JAVA_HOME/jre/lib/ext". |
92 |
* Execute: |
93 |
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA |
94 |
(Windows) |
95 |
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA |
96 |
(Unix) |
97 |
with a password value of "changeit" for both the certificate |
98 |
and |
99 |
the keystore itself. |
100 |
|
101 |
By default, DNS lookups are enabled when a web application |
102 |
calls |
103 |
request.getRemoteHost(). This can have an adverse impact on |
104 |
performance, so you can disable it by setting the |
105 |
"enableLookups" attribute to "false". When DNS lookups are |
106 |
disabled, |
107 |
request.getRemoteHost() will return the String version of the |
108 |
IP address of the remote client. |
109 |
--> |
110 |
|
111 |
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 --> |
112 |
<Connector port="8080" |
113 |
maxThreads="150" minSpareThreads="25" |
114 |
maxSpareThreads="75" |
115 |
enableLookups="false" redirectPort="8443" |
116 |
acceptCount="100" |
117 |
debug="0" connectionTimeout="20000" |
118 |
disableUploadTimeout="true" /> |
119 |
<!-- Note : To disable connection timeouts, set connectionTimeout |
120 |
value |
121 |
to 0 --> |
122 |
|
123 |
<!-- Note : To use gzip compression you could set the following |
124 |
properties : |
125 |
|
126 |
compression="on" |
127 |
compressionMinSize="2048" |
128 |
noCompressionUserAgents="gozilla, traviata" |
129 |
compressableMimeType="text/html,text/xml" |
130 |
--> |
131 |
|
132 |
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> |
133 |
<!-- |
134 |
<Connector port="8443" |
135 |
maxThreads="150" minSpareThreads="25" |
136 |
maxSpareThreads="75" |
137 |
enableLookups="false" disableUploadTimeout="true" |
138 |
acceptCount="100" debug="0" scheme="https" secure="true" |
139 |
clientAuth="false" sslProtocol="TLS" /> |
140 |
--> |
141 |
|
142 |
<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 --> |
143 |
<Connector port="8009" |
144 |
enableLookups="false" redirectPort="8443" debug="99" |
145 |
protocol="AJP/1.3" /> |
146 |
|
147 |
<!-- Define a Proxied HTTP/1.1 Connector on port 8082 --> |
148 |
<!-- See proxy documentation for more information about using this. |
149 |
--> |
150 |
<!-- |
151 |
<Connector port="8082" |
152 |
maxThreads="150" minSpareThreads="25" |
153 |
maxSpareThreads="75" |
154 |
enableLookups="false" |
155 |
acceptCount="100" debug="0" connectionTimeout="20000" |
156 |
proxyPort="80" disableUploadTimeout="true" /> |
157 |
--> |
158 |
|
159 |
<!-- An Engine represents the entry point (within Catalina) that |
160 |
processes |
161 |
every request. The Engine implementation for Tomcat stand |
162 |
alone |
163 |
analyzes the HTTP headers included with the request, and passes |
164 |
them |
165 |
on to the appropriate Host (virtual host). --> |
166 |
|
167 |
<!-- You should set jvmRoute to support load-balancing via JK/JK2 ie |
168 |
: |
169 |
<Engine name="Standalone" defaultHost="localhost" debug="0" |
170 |
jvmRoute="jvm1"> |
171 |
--> |
172 |
|
173 |
<!-- Define the top level container in our container hierarchy --> |
174 |
<Engine name="Catalina" defaultHost="localhost" debug="0"> |
175 |
|
176 |
<!-- The request dumper valve dumps useful debugging information |
177 |
about |
178 |
the request headers and cookies that were received, and the |
179 |
response |
180 |
headers and cookies that were sent, for all requests received |
181 |
by |
182 |
this instance of Tomcat. If you care only about requests to |
183 |
a |
184 |
particular virtual host, or a particular application, nest |
185 |
this |
186 |
element inside the corresponding <Host> or <Context> entry |
187 |
instead. |
188 |
|
189 |
For a similar mechanism that is portable to all Servlet 2.4 |
190 |
containers, check out the "RequestDumperFilter" Filter in the |
191 |
example application (the source for this filter may be found |
192 |
in |
193 |
"$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters"). |
194 |
|
195 |
Request dumping is disabled by default. Uncomment the |
196 |
following |
197 |
element to enable it. --> |
198 |
<!-- |
199 |
<Valve className="org.apache.catalina.valves.RequestDumperValve"/> |
200 |
--> |
201 |
|
202 |
<!-- Global logger unless overridden at lower levels --> |
203 |
<Logger className="org.apache.catalina.logger.FileLogger" |
204 |
prefix="catalina_log." suffix=".txt" |
205 |
timestamp="true"/> |
206 |
|
207 |
<!-- Because this Realm is here, an instance will be shared |
208 |
globally --> |
209 |
|
210 |
<!-- This Realm uses the UserDatabase configured in the global |
211 |
JNDI |
212 |
resources under the key "UserDatabase". Any edits |
213 |
that are performed against this UserDatabase are immediately |
214 |
available for use by the Realm. --> |
215 |
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" |
216 |
debug="0" resourceName="UserDatabase"/> |
217 |
|
218 |
<!-- Comment out the old realm but leave here for now in case we |
219 |
need to go back quickly --> |
220 |
<!-- |
221 |
<Realm className="org.apache.catalina.realm.MemoryRealm" /> |
222 |
--> |
223 |
|
224 |
<!-- Replace the above Realm with one of the following to get a |
225 |
Realm |
226 |
stored in a database and accessed via JDBC --> |
227 |
|
228 |
<!-- |
229 |
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" |
230 |
driverName="org.gjt.mm.mysql.Driver" |
231 |
connectionURL="jdbc:mysql://localhost/authority" |
232 |
connectionName="test" connectionPassword="test" |
233 |
userTable="users" userNameCol="user_name" |
234 |
userCredCol="user_pass" |
235 |
userRoleTable="user_roles" roleNameCol="role_name" /> |
236 |
--> |
237 |
|
238 |
<!-- |
239 |
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" |
240 |
driverName="oracle.jdbc.driver.OracleDriver" |
241 |
connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL" |
242 |
connectionName="scott" connectionPassword="tiger" |
243 |
userTable="users" userNameCol="user_name" |
244 |
userCredCol="user_pass" |
245 |
userRoleTable="user_roles" roleNameCol="role_name" /> |
246 |
--> |
247 |
|
248 |
<!-- |
249 |
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" |
250 |
driverName="sun.jdbc.odbc.JdbcOdbcDriver" |
251 |
connectionURL="jdbc:odbc:CATALINA" |
252 |
userTable="users" userNameCol="user_name" |
253 |
userCredCol="user_pass" |
254 |
userRoleTable="user_roles" roleNameCol="role_name" /> |
255 |
--> |
256 |
|
257 |
<!-- Define the default virtual host |
258 |
Note: XML Schema validation will not work with Xerces 2.2. |
259 |
--> |
260 |
<Host name="localhost" debug="0" appBase="webapps" |
261 |
unpackWARs="true" autoDeploy="true" |
262 |
xmlValidation="false" xmlNamespaceAware="false"> |
263 |
|
264 |
<!-- Defines a cluster for this node, |
265 |
By defining this element, means that every manager will be |
266 |
changed. |
267 |
So when running a cluster, only make sure that you have |
268 |
webapps in there |
269 |
that need to be clustered and remove the other ones. |
270 |
A cluster has the following parameters: |
271 |
|
272 |
className = the fully qualified name of the cluster class |
273 |
|
274 |
name = a descriptive name for your cluster, can be anything |
275 |
|
276 |
debug = the debug level, higher means more output |
277 |
|
278 |
mcastAddr = the multicast address, has to be the same for |
279 |
all the nodes |
280 |
|
281 |
mcastPort = the multicast port, has to be the same for all |
282 |
the nodes |
283 |
|
284 |
mcastBindAddr = bind the multicast socket to a specific |
285 |
address |
286 |
|
287 |
mcastTTL = the multicast TTL if you want to limit your |
288 |
broadcast |
289 |
|
290 |
mcastSoTimeout = the multicast readtimeout |
291 |
|
292 |
mcastFrequency = the number of milliseconds in between |
293 |
sending a "I'm alive" heartbeat |
294 |
|
295 |
mcastDropTime = the number a milliseconds before a node is |
296 |
considered "dead" if no heartbeat is received |
297 |
|
298 |
tcpThreadCount = the number of threads to handle incoming |
299 |
replication requests, optimal would be the same amount of threads as |
300 |
nodes |
301 |
|
302 |
tcpListenAddress = the listen address (bind address) for |
303 |
TCP cluster request on this host, |
304 |
in case of multiple ethernet cards. |
305 |
auto means that address becomes |
306 |
|
307 |
InetAddress.getLocalHost().getHostAddress() |
308 |
|
309 |
tcpListenPort = the tcp listen port |
310 |
|
311 |
tcpSelectorTimeout = the timeout (ms) for the |
312 |
Selector.select() method in case the OS |
313 |
has a wakup bug in java.nio. Set to 0 |
314 |
for no timeout |
315 |
|
316 |
printToScreen = true means that managers will also print to |
317 |
std.out |
318 |
|
319 |
expireSessionsOnShutdown = true means that |
320 |
|
321 |
useDirtyFlag = true means that we only replicate a session |
322 |
after setAttribute,removeAttribute has been called. |
323 |
false means to replicate the session after |
324 |
each request. |
325 |
false means that replication would work for |
326 |
the following piece of code: |
327 |
<% |
328 |
HashMap map = |
329 |
(HashMap)session.getAttribute("map"); |
330 |
map.put("key","value"); |
331 |
%> |
332 |
replicationMode = can be either 'pooled', 'synchronous' or |
333 |
'asynchronous'. |
334 |
* Pooled means that the replication |
335 |
happens using several sockets in a synchronous way. Ie, the data gets |
336 |
replicated, then the request return. This is the same as the |
337 |
'synchronous' setting except it uses a pool of sockets, hence it is |
338 |
multithreaded. This is the fastest and safest configuration. To use |
339 |
this, also increase the nr of tcp threads that you have dealing with |
340 |
replication. |
341 |
* Synchronous means that the thread that |
342 |
executes the request, is also the |
343 |
thread the replicates the data to the |
344 |
other nodes, and will not return until all |
345 |
nodes have received the information. |
346 |
* Asynchronous means that there is a |
347 |
specific 'sender' thread for each cluster node, |
348 |
so the request thread will queue the |
349 |
replication request into a "smart" queue, |
350 |
and then return to the client. |
351 |
The "smart" queue is a queue where when a |
352 |
session is added to the queue, and the same session |
353 |
already exists in the queue from a |
354 |
previous request, that session will be replaced |
355 |
in the queue instead of replicating two |
356 |
requests. This almost never happens, unless there is a |
357 |
large network delay. |
358 |
--> |
359 |
<!-- |
360 |
When configuring for clustering, you also add in a valve to |
361 |
catch all the requests |
362 |
coming in, at the end of the request, the session may or may |
363 |
not be replicated. |
364 |
A session is replicated if and only if all the conditions |
365 |
are met: |
366 |
1. useDirtyFlag is true or setAttribute or removeAttribute |
367 |
has been called AND |
368 |
2. a session exists (has been created) |
369 |
3. the request is not trapped by the "filter" attribute |
370 |
|
371 |
The filter attribute is to filter out requests that could |
372 |
not modify the session, |
373 |
hence we don't replicate the session after the end of this |
374 |
request. |
375 |
The filter is negative, ie, anything you put in the filter, |
376 |
you mean to filter out, |
377 |
ie, no replication will be done on requests that match one |
378 |
of the filters. |
379 |
The filter attribute is delimited by ;, so you can't escape |
380 |
out ; even if you wanted to. |
381 |
|
382 |
filter=".*\.gif;.*\.js;" means that we will not replicate |
383 |
the session after requests with the URI |
384 |
ending with .gif and .js are intercepted. |
385 |
|
386 |
The deployer element can be used to deploy apps cluster |
387 |
wide. |
388 |
Currently the deployment only deploys/undeploys to working |
389 |
members in the cluster |
390 |
so no WARs are copied upons startup of a broken node. |
391 |
The deployer watches a directory (watchDir) for WAR files |
392 |
when watchEnabled="true" |
393 |
When a new war file is added the war gets deployed to the |
394 |
local instance, |
395 |
and then deployed to the other instances in the cluster. |
396 |
When a war file is deleted from the watchDir the war is |
397 |
undeployed locally |
398 |
and cluster wide |
399 |
--> |
400 |
|
401 |
<!-- |
402 |
<Cluster |
403 |
className="org.apache.catalina.cluster.tcp.SimpleTcpCluster" |
404 |
|
405 |
managerClassName="org.apache.catalina.cluster.session.DeltaManager" |
406 |
expireSessionsOnShutdown="false" |
407 |
useDirtyFlag="true"> |
408 |
|
409 |
<Membership |
410 |
|
411 |
className="org.apache.catalina.cluster.mcast.McastService" |
412 |
mcastAddr="228.0.0.4" |
413 |
mcastPort="45564" |
414 |
mcastFrequency="500" |
415 |
mcastDropTime="3000"/> |
416 |
|
417 |
<Receiver |
418 |
|
419 |
className="org.apache.catalina.cluster.tcp.ReplicationListener" |
420 |
tcpListenAddress="auto" |
421 |
tcpListenPort="4001" |
422 |
tcpSelectorTimeout="100" |
423 |
tcpThreadCount="6"/> |
424 |
|
425 |
<Sender |
426 |
|
427 |
className="org.apache.catalina.cluster.tcp.ReplicationTransmitter" |
428 |
replicationMode="pooled"/> |
429 |
|
430 |
<Valve |
431 |
className="org.apache.catalina.cluster.tcp.ReplicationValve" |
432 |
|
433 |
filter=".*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt;"/> |
434 |
|
435 |
<Deployer |
436 |
className="org.apache.catalina.cluster.deploy.FarmWarDeployer" |
437 |
tempDir="/tmp/war-temp/" |
438 |
deployDir="/tmp/war-deploy/" |
439 |
watchDir="/tmp/war-listen/" |
440 |
watchEnabled="false"/> |
441 |
</Cluster> |
442 |
--> |
443 |
|
444 |
|
445 |
|
446 |
<!-- Normally, users must authenticate themselves to each web |
447 |
app |
448 |
individually. Uncomment the following entry if you would |
449 |
like |
450 |
a user to be authenticated the first time they encounter a |
451 |
resource protected by a security constraint, and then have |
452 |
that |
453 |
user identity maintained across *all* web applications |
454 |
contained |
455 |
in this virtual host. --> |
456 |
<!-- |
457 |
<Valve |
458 |
className="org.apache.catalina.authenticator.SingleSignOn" |
459 |
debug="0"/> |
460 |
--> |
461 |
|
462 |
<!-- Access log processes all requests for this virtual host. |
463 |
By |
464 |
default, log files are created in the "logs" directory |
465 |
relative to |
466 |
$CATALINA_HOME. If you wish, you can specify a different |
467 |
directory with the "directory" attribute. Specify either a |
468 |
relative |
469 |
(to $CATALINA_HOME) or absolute path to the desired |
470 |
directory. |
471 |
--> |
472 |
<!-- |
473 |
<Valve className="org.apache.catalina.valves.AccessLogValve" |
474 |
directory="logs" prefix="localhost_access_log." |
475 |
suffix=".txt" |
476 |
pattern="common" resolveHosts="false"/> |
477 |
--> |
478 |
|
479 |
<!-- Logger shared by all Contexts related to this virtual host. |
480 |
By |
481 |
default (when using FileLogger), log files are created in |
482 |
the "logs" |
483 |
directory relative to $CATALINA_HOME. If you wish, you can |
484 |
specify |
485 |
a different directory with the "directory" attribute. |
486 |
Specify either a |
487 |
relative (to $CATALINA_HOME) or absolute path to the |
488 |
desired |
489 |
directory.--> |
490 |
<Logger className="org.apache.catalina.logger.FileLogger" |
491 |
directory="logs" prefix="localhost_log." suffix=".txt" |
492 |
timestamp="true"/> |
493 |
|
494 |
|
495 |
</Host> |
496 |
|
497 |
</Engine> |
498 |
|
499 |
</Service> |
500 |
|
501 |
</Server> |
502 |
|
503 |
|
504 |
--- |
505 |
Chris Covington |
506 |
IT |
507 |
Plus One Health Management |
508 |
75 Maiden Lane Suite 801 |
509 |
NY, NY 10038 |
510 |
646-312-6269 |
511 |
http://www.plusoneactive.com |
512 |
|
513 |
-- |
514 |
gentoo-server@g.o mailing list |