I have a company application deployed on Tomcat 8 and another application making request to an Apache server that uses AJP ` protocol to access the application. I am new to AJP. I have created an AWS infrastructure using containers with the mentioned application (as an alternative to the described above). The problem is I want to avoid using Apache and use Amazon's ALB (application load balancer) and so far it's working, except the AJP request. The problem I am having is that when not using Apache, I do not need to use AJP anymore and I want to replace it with HTTPS. Will enabling the HTTPS connector in Tomcat do the trick? The lines in Apache configuration are:
ProxyPass /pmaddon-a ajp://*.*.*.*:8009/pmaddon-a
ProxyPassReverse /pmaddon-a ajp://*.*.*.*:8009/pmaddon-a
To sum up, if I skip the Apache server and call Tomcat directly with HTTPS (with enabled HTTPS connector of course) will it have the same result as using the AJP connector as I am now?
I understand what you want to do is:
Access you application directly using the TOMCAT connector
Remove the APACHE in front and its AJP communication with TOMCAT
This is possible to do, perhaps you need to adapt that other application (the one that calls apache) to point to the URL that arrives to the TOMCAT connector.
If the question is if you will have the same result:
I understand yes. AJP and HTTP both serve the same content, it's just a different protocol.
You didnt explain if you have HA therefore I did not enter that topic.
AJP is very similar to http/https except it is a binary protocol from Apache (Apache Jserv Protocol) but it is better performant since it size is almost 1/5 of the http/https.
It is widely being used with reverse proxy web server where webserver talk to application server using AJB.
You don't need to stick with AJP if you are directly connecting to Tomcat connector
Related
I have a tomcat .war application that has a number of endpoints. Let's say they are:
http://myapp.com/myapp/endpoint.a
http://myapp.com/myapp/endpoint.b
I want http://myapp.com/myapp/endpoint.a to be available over port 80, and http://myapp.com:8080/myapp/endpoint.b to only be available over port 8080.
I can't have apache in front of tomcat, and it is unacceptable for /myapp/endpoint.b to be accessible on the same port as /myapp/endpoint.a.
Splitting the endpoints into different application contexts is also not possible.
So far:
Spring boot allows setting the management endpoint to be accessible on a different port but we're not using springboot and I'm not sure at what level it achieves this. http://docs.spring.io/spring-boot/docs/current/reference/html/production-ready-monitoring.html#production-ready-customizing-management-server-address
I've been looking at the tomcat connector docs https://tomcat.apache.org/tomcat-7.0-doc/config/http.html but they all seem to connect a port/protocol to an entire application and do not allow specific endpoints, e.g. use only port:8080 for *.b
It's possible to achieve this with apache and JKMount by allowing everything on port 8080 in tomcat, and then forwarding *.a* from 80 to 8080 in apache. But as I said a requirement is to not use apache.
I am using spring if this helps.
It is solvable at the application level with a combination of:
A custom PortAuthorisationFilter configured in web.xml with a filter-mapping of the endpoints we want to restrict:
<url-pattern>*.b</url-pattern>
Inside the filter we check ServletRequest.getLocalPort() is equal to :8080 and reject the request otherwise. This method claims to be the port used in the TCP connection so cannot be spoofed.
At the tomcat level, we have http connectors at ports 80 and 8080, that apply to the entire application.
I am using dedicated server. I have hosted different HTML, PHP and wordpress websites on this server those are working perfectly.
Now I want to deploy java web application on this server. So I have installed Apache tomcat server on another port. So now I want to know how I can handle request directly from domain name to tomcat apache server.
Along with this I want to know how I can deploy multiple web applications on single tomcat. I want to know configuration to call different WAR files from tomcat.
Thank you in advance for your support.
You can use Apache as reverse proxy with the mod_proxy plugin: http://httpd.apache.org/docs/2.2/mod/mod_proxy.html
Therefore, you can handle all HTTP requests with Apache, specifying which requests shall be redirected to the Java web app in Apache Tomcat - port 8080.
Easiest way is to set up a HTTP server (apache, nginx, etc.) as a reverse proxy. Then you can map different domains to different contexts, for example:
www.domain.com -> localhost:8080/main/
www.otherdomain.com -> localhost:8080/othermain/
subdomain.domain.com -> localhost:8080/anotherwar/
For example with Nginx it would be done with a ProxyPass directive. Other HTTP servers have their own respective mechanisms.
I have a web socket server implementation using Netty (say listening on port 8081) and a separate Spring web application running in Tomcat (running in port 80).
I would like to somehow forward all request coming to localhost:80/Websocket to my Netty server on port 8081. Is this possible at all. since Tomcat and spring is build on top of http protocol, idk how this would be possible.
All I wanted to do is enable server push using websocket from my existing spring web app. Any suggestions?
The easiest way would probably be to put an nginx server up front and have it forward requests to /Websockets, however because Websockets is not Http 1.0 you can't use normal ProxyPass directives but according to http://www.letseehere.com/reverse-proxy-web-sockets it's possible via a special plugin
Take a look at the following 2 links which show how to have netty configured using spring. I have done it in grails wherin a netty socket server is running within tomcat, listening on a particular port for binary packets(not http)
link1
link2
Why not just use the WebSocket support in the latest Tomcat (7.0.27)?
Netty can handle HTTP. E.g. http://static.netty.io/3.5/xref/org/jboss/netty/example/http/snoop/package-summary.html
We have developed a web service in Java and have published the wsdl. This is done over http. Now we have to provide it over a secure connection i.e. https. The web service application is hosted on webspehere and we have the certificate used in websphere for https.
I am looking for the steps to update the java code and wsdl so that we can publish web service over https.
You should not need to update any Java code or WSDLs. This is all a function of the server configuration. The server is already listening on regular HTTP, presumably on port 80. A listener needs to be added for HTTPS, presumably on port 443 - and mapped to the same web context as your existing application.
Alternatively, this can be done outside of the web server (WebSphere, in your case) by fronting it with something like Apache HTTP Server or a dedicated load balancer that supports SSL/TLS offloading - which can be more efficient.
Since this really isn't a programming question, I'd recommend opening a new question at http://serverfault.com for details on how to configure WebSphere or something related to the configuration I proposed above.
I'm building a small web app in Spring so I've been using Tomcat as my application server. The web app requires comet connections so I'm using Tomcat's NIO as the connector. However, another part of the app needs to run a php bulletin board. I've done setups where Apache httpd handles all the requests and passes them to Tomcat using mod_jk only when it needs to. Apache handles all the static and php content.
However, it seems Apache httpd cannot be used like this if Tomcat is using NIO or APR to serve comet requests. Is there a way I can have Tomcat handle all requests and pass php requests to Apache which is hanging behind Tomcat? Or is there some other proxy I can use? Any ideas are appreciated. Thanks!
You could route all of your NIO comet connections through port 8080 and bypass apache altogether and then use port 80 apache for your php.
I use Jetty for comet, which is a really good choice for comet as it is a full web server that can stand on its own, so there is no need for Apache.
Another option is to look into the Querces PHP servlet for Java, which may help eliminate Apache while still allowing you to use php.
I hope one of these options, or a combination of them, helps you solve your problem.