I've a Java based web application using tomcat8 and apache2. If I access my website via an ip address it displays the application located in /opt/tomcat/webapps. If however I try and access my website via it's domain name it directs me to the default apache2 page located in /var/www/html/index.html ( which is not surprising since the DocumentRoot is set to /var/www/html in my VirtualHost, see below).
What's the correct way to point to the tomcat webapps root directory? Do I need to use JkMount?
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster#localhost
ServerName mywebsite.com
DocumentRoot /var/www/html
I resolved this by configuring a reverse proxy in Apache to serve my tomcat application.
https://wiki.apache.org/httpd/TomcatReverseProxy
Related
I'm trying to make grails app run under two different domains - test.com/myapp and test.org/myapp. host in Config.groovy url is pointing to https://test.com/myapp What happens is when I go to test.org/myapp it goes properly to the home page and when I'm trying to login it redirects to the first domain. I guess it's something to be with spring security and path generating. What are my options in order to fix that?
Here is my myapp.conf but if you need additional data pls let me know in comments
Alias /.well-known/acme-challenge/ "/var/www/html/certbot/.well-known/acme-challenge/"
<Directory "/.well-known/acme-challenge/">
Options -Indexes -MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<VirtualHost *:80>
ServerName test.com
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>
<VirtualHost *:443>
ServerName test.com
ServerAlias www.test.com
DocumentRoot /var/www/html/honeypot/
RewriteEngine On
php_flag engine off
RemoveHandler .cgi .php .php3 .php4 .php5 .phtml .pl .py .pyc .pyo
JkMount /* worker1
JkUnMount /myapp/files/* worker1
Alias "/myapp/files" "/var/www/myapp/files"
<Directory "/myapp/files">
allow from all
Options -Indexes
AllowOverride None
</Directory>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/test.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/test.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/test.com/chain.pem
SSLProxyEngine on
ProxyPreserveHost On
ProxyPassMatch ^/myap(.+)$ !
ProxyPass / https://myserver.com/
ProxyPassReverse / https://myserver.com/
</VirtualHost>
UPDATE
grails.serverURL = https://test.com/myapp
Perhaps you should post your configuration for spring-security. Assuming it is that problem, there are different ways to tackle it. One is that you can set external configuration in Grails applications using grails.config.locations (see http://docs.grails.org/2.5.4/guide/single.html#configExternalized) and then you override the application settings for Spring Security within an external file on your server that the grails.config.locations is referencing.
This allows you to manage the application configuration separately, but deploy the same war. You could then manage the external files by some configuration management system, such as Puppet.
I am working on Tomcatcat Clustering with Apache server on Ubuntu14. I did Tomcat Clustering successful and integration with Apache server as well.
In Apache server I did the virtual hosting as well something like following code.
<VirtualHost *:80>
ServerName myexample.com
ServerAdmin webmaster#myexample.com
DocumentRoot /var/www/myexample.com/public_html/
ServerAlias www.myexample.com
JkMount / balancer
# Error page is just the index telling about the situation of not being connected
ErrorDocument 404 /index.html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
So when I request myexample.com it send the request to balancer and balancer further redirect this request to one Tomcat Worker. My worker.properties file looks like this.
# Define 1 real worker named ajp13
worker.list=balancer,stat
# Set properties for worker named ajp13 to use ajp13 protocol,
# and run on port 8109
worker.tomcat1.type=ajp13
worker.tomcat1.host=localhost
worker.tomcat1.port=8109
worker.tomcat1.lbfactor=10
worker.tomcat2.type=ajp13
worker.tomcat2.host=localhost
worker.tomcat2.port=8209
worker.tomcat2.lbfactor=10
worker.tomcat3.type=ajp13
worker.tomcat3.host=localhost
worker.tomcat3.port=8309
worker.tomcat3.lbfactor=10
worker.balancer.type=lb
worker.balancer.balance_workers=tomcat1,tomcat2,tomcat3
worker.stat.type=status
Now the problem is whenever I request myexample.com, request is redirect to Tomcat Root folder and shows the Root folder content. I have one web application(helloworld) inside webapps folder of each tomcat instance.
So my question is how can I configure Tomcat or Apache so that request should redirect go to helloworld instead of Root folder.
I have deployed a java based website on my VPS. It successfully deployed and working correctly. I have defined a redirect rule to redirect from root to sub folder. The issue right now I am facing is,
if I put domain.com -> redirects to domain.com/pages/shopIndex (shows
page correctly)
and
when I put www.domain.com -> redirects to
www.domain.com/pages/shopIndex (shows 404)
I am not understanding this strange behavior because I have added alias for domain.com to www.domain.com in my httpd.conf
This is how my virtual host file look like:
<VirtualHost 192.169.235.118:80>
ServerName domain.parentDomain.in
ServerAlias domain.com www.domain.com www.domain.parentDomain.in
DocumentRoot /path_to/domain.com
ServerAdmin admin#admin
UseCanonicalName Off
CustomLog /path_to/domain.parentDomain.in combined
</VirtualHost>
Can anyone help me to find the solution?
I got the solution for this problem, there is Alias tag for server.xml file where we can put Alias for host we want to represent.
This is how I solved the issue (in server.xml inside host tag):
<Alias>www.domain.com</Alias>
I'm looking for a good load balancer to use with Tomcat. Our application doesn't store anything in the session context so it isn't important to redirect to same server for the same user. I'd simply like something that can queue requests round-robin style or based on each server's inidividual load. I'd also like to be able to add application servers to those available to handle requests without having to restart the load balancer. We're running the application on linux if that matters.
If all you need is a software load balancer on linux use Apache Webserver2, Mod-Jk and Tomcat Clustering:
At your Webserver:
Install apache2 and modjk:
sudo apt-get install apache2 libapache2-mod-jk
sudo a2enmod jk
Create a workers.properties file available to your apache2. In some cases it's automatically created in your /etc/apache2 directory. This file is holding the lb config, node names, ips and ports of your Tomcat servers, i.e.:
worker.list=balancer,lbstats
#node1
worker.node1.type=ajp13
worker.node1.host=YOUR_TOMCAT-NODE-IP
worker.node1.port=YOUR_TOMCAT-NODE-AJP-PORT
worker.node1.lbfactor=10
#more nodes here ... (change name in between)
#lb config
worker.balancer.type=lb
#turn off sticky session
worker.balancer.sticky_session=0
#add all defined node names to this list (node1, node2, ...):
worker.balancer.balance_workers=node1
#lb status information (optional)
worker.lbstats.type=status
Create a Mod-Jk section in your apache2 config file, if it has not been created automatically.
JkWorkersFile /etc/apache2/workers.properties
JkLogFile /var/log/apache2/mod_jk.log
JkShmFile /tmp/jk-runtime-status
JkLogLevel info
Mount your application to the load balancer (apache2 config file):
JkMount /My-Java-App-Name balancer
JkMount /My-Java-App-Name/* balancer
JkMount /modjkstatus lbstats
At your Tomcat servers:
Install tomcat (using the tarball package, imho, way better then the apt verison). Change server.xml:
disable the http connectors in server.xml (by commenting them out).
enable AJP/1.3 connector and set the port you defined in workers.properties for this node.
add jvmRoute with the right node name to the "Engine" element:
<Engine jvmRoute="node1" ...
add a "Cluster" element for simplest configuration
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster" />
Deploy your application to all tomcats and add a distributable element to your applications web.xml.
<distributable/>
Make sure the webserver can access the ajp ports on your tomcat servers and no one else can.
Start the webserver and the tomcats one after another and check the logs (/var/log/apache2/mod_jk.log, too).
Access your app: http://mywebserver.com/MyApp
Check (and deny access to) the lb status page http://mywebserver.com/modjkstatus
Hi
We started to create our applications with J2EE. We now created a Webservice and deployed it to the Glassfish Server. We have written an apache proxy rule to access it via https://our.server.com/webservice-war (only https port is open to that server):
ProxyRequests Off
ProxyPass /webservice-war http://our.server.com:8080/webservice-war
ProxyPassReverse /webservice-war http://our.server.com:8080/webservice-war
Now everything works fine, but when we go to the to the ServiceEndpoint page (which is automatically generated) there is a link to the WSDL page:
http://our.server.com:8080/webservice-war/HostaliasSearchImplService?wsdl
which is obously wrong (Glassfish listens to port 8080). and also https is changed to http
Anyone an idea how I can fix it, that the automatically generated link is:
https://our.server.com/webservice-war/HostaliasSearchImplService?wsdl
BR, Rene
I discovered what I consider to be a very simple and elegant way to deal with the issue: use mod_substitute. Since those of us with this problem are already using Apache, and it's built in and simple, I liked this approach best.
I put a block similar to the below in one of my Apache conf files and found joy:
<Location />
AddOutputFilterByType SUBSTITUTE text/xml
Substitute "s|http://internal:8080/foo|https://external/foo|ni"
</Location>
Found the solution!
Anonym gave me a good hint about mod_jk. So here the complete configuration (for RHEL5).
First of all Download the mod_jk module for apache: http://archive.apache.org/dist/tomcat/tomcat-connectors/jk/binaries/linux/jk-1.2.31/x86_64/
Put in in the modules directory /etc/httpd/modules and make it executeable:
chmod +x mod_jk-1.2.31-httpd-2.2.x.so
After that create /etc/httpd/conf/workers.properties:
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
The Port 8009 is the where the Glassfish jk connector listens (we come to that later).
No we have to configure mod_jk, therefore create the file: /etc/httpd/conf.d/mod_jk.conf with the following content:
LoadModule jk_module modules/mod_jk-1.2.31-httpd-2.2.x.so
JkWorkersFile /etc/httpd/conf/workers.properties
# Where to put jk logs
JkLogFile /var/log/httpd/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel debug
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat "%w %V %T"
# Send everything for context /atsi-war to worker named worker1 (ajp13)
JkMount /yourapp-war/* worker1
(This means everything from your http://apache.webserver.com/yourapp-war/ will bi redirected to Glassfish yourapp-war application context)
Important, if you are using virtual hosts on apache, you have to set the option:
JkMountCopy On
for your virtual servers. Explication:
If this directive is set to "On" in
some virtual server, the mounts from
the global server will be copied to
this virtual server, more precisely
all mounts defined by JkMount or
JkUnMount.
Now we have to create the jk connecter in glassfish:
asadmin create-http-listener --listenerport 8009 --listeneraddress 0.0.0.0 --defaultvs server jk-connector
asadmin set configs.config.server-config.network-config.network-listeners.network-listener.jk-connector.jk-enabled=true
Restart Glassfish, and everything sould work.
As for rewriting the https -> http, I'm not sure that's possible(yet) without using mod_jk, see here
, but see also this little guide
Though, generally, you'll need configure Glassfish and set http.proxyPort (and probably http.proxyHost too). Hopefully that should reflect in the autogenerated WSDL URL.
Here's 3 different ways to do this:
1
Use asadmin (in the Glassfish bin/ directory, run
asadmin create-jvm-options "-Dhttp.proxyPort=80"
asadmin create-jvm-options "-Dhttp.proxyHost=our.server.com"
2
Edit domain.xml and add under the <java-config> element
<jvm-options>-Dhttp.proxyPort=80</jvm-options>
<jvm-options>-Dhttp.proxyHost=our.server.com</jvm-options>
3.
Open the Glassfish admin web page, under Application Server -> VM Settings -> JVM Options and add these options
http.proxyPort=80
http.proxyHost=our.server.com
Setting
server-config.network-config.protocols.protocol.http-listener-1.http.server-name=MyHost:80
on GlassFish Server Open Source Edition 3.1.2.2 (build 5) solved problem to me.