| Mike Millson Web Systems Engineer [email protected] |
February 5, 2004 Merit Online Systems, Inc. www.meritonlinesystems.com |
Java servlets are a powerful tool for building websites and web based applications. One skill that every Java web developer should have is the ability to install and configure the Tomcat servlet engine. Many thanks to the Apache Software Foundation for providing this mature, stable, open source software. It was recently voted the Best Application Server of 2003 by InfoWorld readers.
This article discusses how to integrate Tomcat with the Apache web server on Red Hat Linux 9 or Red Hat Enterprise Linux 3. The goal is to provide a simple, stable configuration that will allow users to gain confidence using Tomcat.
Please note the following code conventions:I chose to install Apache using the Red Hat RPM. Using the RPM instead of compiling Apache from source simplifies system administration in the following ways:
I recommend using the Red Hat up2date command line utility to install Red Hat RPMs. It eliminates a multitude of headaches by ensuring the software you install is the correct version and you have the right dependencies installed on your system.
Red Hat RPMs that must be installed:
To install these packages using up2date, make sure you are connected to the Internet, and enter the following:
up2date -i httpd up2date -i httpd-devel
You should now be able to start/stop/restart Apache as follows:
service httpd start service httpd stop service httpd restart
Verify that Apache is working by starting Apache and typing http://localhost/ into your browser. You should see the default Apache install page with links to documentation.
The only requirements to run Tomcat are that a Java Development Kit (JDK), also called a Java Software Developement Kit (SDK), be installed and the JAVA_HOME environment variable be set.
I chose to install Sun's Java 2 Platform, Standard Edition, which can be downloaded from http://java.sun.com/j2se/). I chose the J2SE v1.4.2 SDK Linux self-extracting binary file.
Change to the directory where you downloaded the SDK and make the self-extracting binary executable:
chmod +x j2sdk-1_4_2-linux-i586.bin
Run the self-extracting binary:
./j2sdk-1_4_2-linux-i586.bin
There should now be a directory called j2sdk1.4.2 in the download directory. Move the SDK directory to where you want it to be installed. I chose to install it in /usr/java. Create /usr/java if it doesn't exist. Here is the command I used from inside the download directory:
mv j2sdk1.4.2 /usr/java
Set the JAVA_HOME environment variable, by modifying /etc/profile so it includes the following:
JAVA_HOME="/usr/java/j2sdk1.4.2" export JAVA_HOME
/etc/profile is run at startup and when a user logs into the system, so you will need to log out and log back in for JAVA_HOME to be defined.
exit su -
Check to make sure JAVA_HOME is defined correctly using the command below. You should see the path to your Java SDK.
echo $JAVA_HOME
You will install and configure Tomcat as root; however, you should create a group and user account for Tomcat to run under as follows:
groupadd tomcat useradd -g tomcat tomcat
This will create the /home/tomcat directory, where I will install my Tomcat applications.
Download the latest release binary build from http://www.apache.org/dist/jakarta/tomcat-4/. Since Tomcat runs directly on top of a standard JDK, I cannot think of any reason to building it from source.
The Tomcat binary is available in two different flavors:
There are a number of different download formats. I chose the LE version gnu zipped tar file (jakarta-tomcat-4.1.29-LE-jdk14.tar.gz).
Unzip Tomcat by issuing the following command from your download directory:
tar xvzf jakarta-tomcat-4.1.29-LE-jdk14.tar.gz
This will create a directory called jakarta-tomcat-4.1.29-LE-jdk14. Move this directory to wherever you would like to install Tomcat. I chose /usr/local. Here is the command I issued from inside the download directory:
mv jakarta-tomcat-4.1.29-LE-jdk14 /usr/local/
The directory where Tomcat is installed is referred to as CATALINA_HOME in the Tomcat documentation. In this case CATALINA_HOME=/usr/local/jakarta-tomcat-4.1.29-LE-jdk14.
I recommend setting up a symbolic link to point to your current Tomcat version. This will save you from having to change your startup and shutdown scripts each time you upgrade Tomcat or set a CATALINA_HOME environment variable. It also allows you to keep several versions of Tomcat on your system and easily switch amongst them. Here is the command I issued from inside /usr/local to create a symbolic link called /usr/local/jakarta-tomcat that points to /usr/local/jakarta-tomcat-4.1.29-LE-jdk14:
ln -s jakarta-tomcat-4.1.29-LE-jdk14 jakarta-tomcat
Change the group and owner of the /usr/local/jakarta-tomcat and /usr/local/jakarta-tomcat-4.1.29-LE-jdk14 directories to tomcat:
chown tomcat.tomcat /usr/local/jakarta-tomcat chown -R tomcat.tomcat /usr/local/jakarta-tomcat-4.1.29-LE-jdk14
It is not necessary to set the CATALINA_HOME environment variable. Tomcat is smart enough to figure out CATALINA_HOME on its own.
You should now be able to start and stop Tomcat from the CATALINA_HOME/bin directory by typing ./startup.sh and ./shutdown.sh respectively. Test that Tomcat is working by starting it and typing http://localhost:8080 into your browser. You should see the Tomcat welcome page with links to documentation and sample code. Verify Tomcat is working by clicking on some of the examples links.
At this point, Apache and Tomcat should be working separately in standalone mode. You can run Tomcat in standalone mode as an alternative to Apache. In fact, in some cases, it is said that Tomcat standalone is faster than serving static content from Apache and dynamic content from Tomcat. However, there are compelling reasons to use Apache as the front end. If you run Tomcat standalone:
I think the increased functionality obtained by using Apache on the front end far outweighs the effort required to install and configure a connector. With that said, I selected the tried and true mod_jk connector. It has been around a long while and is very stable. mod_jk2 is the wave of the future, but I'm holding off on that for now. In early 2002 I invested a considerable amount of time on the "wave of the future" connector at that time, mod_webapp, which is now no longer being developed. For that reason, I am being cautious about migrating to mod_jk2.
The mod_jk connector is the communication link between Apache and Tomcat. It listens on port 8009 for requests from Apache.
In my experience, it's safest to think of connectors as being version dependent. If you upgrade Tomcat and you have a connector issue, try compiling the connector using the version-specific connector source.
Download the jk connector source from http://www.apache.org/dist/jakarta/tomcat-connectors/jk/. I used jakarta-tomcat-connectors-jk-1.2-src-current.tar.gz.
Unzip the contents of the file into your download directory as follows:
tar xvzf jakarta-tomcat-connectors-jk-1.2-src-current.tar.gz
This will create a folder called jakarta-tomcat-connectors-jk-1.2.5-src. Move this folder to wherever you store source files on your system. I chose /usr/src. Here is the command I issued from inside the download directory:
mv jakarta-tomcat-connectors-jk-1.2.5-src /usr/src
I refer to the folder where the connector source is installed as CONN_SRC_HOME. In my case CONN_SRC_HOME = /usr/src/jakarta-tomcat-connectors-jk-1.2.5-src.
Run the buildconf script to to create the CONN_SRC_HOME/jk/native/configure file.
CONN_SRC_HOME/jk/native/buildconf.sh
Run the configure script with the path to the apxs file on your system and the options below:
./configure --with-apxs=/usr/sbin/apxs
Build mod_jk with the following command:
make
If all went well, the mod_jk.so file was successfully created. Manually copy it to Apache's shared object files directory:
cp CONN_SRC_HOME/jk/native/apache-2.0/mod_jk.so /etc/httpd/modules
The workers.properties file contains information so mod_jk can connect to the Tomcat worker processes.
Create a directory called CATALINA_HOME/conf/jk and place the workers.properties file below in this directory.
# workers.properties - ajp13 # # List workers worker.list=wrkr # # Define wrkr worker.wrkr.port=8009 worker.wrkr.host=localhost worker.wrkr.type=ajp13 worker.wrkr.cachesize=10 worker.wrkr.cache_timeout=600 worker.wrkr.socket_timeout=300
Notes
The server.xml file contains Tomcat server configuration information. The default CATALINA_HOME/conf/server.xml file that comes with Tomcat contains so much information that I recommend saving it for future reference (e.g. server.xml.bak) and starting from scratch. The default server.xml is great for verifying that Tomcat works in standalone mode and for viewing the examples that come with the application, but I have found it is not the best starting point when you want to integrate Apache with Tomcat. Instead, create a bare bones server.xml file as follows:
<Server port="8005" shutdown="0fbb9aebcbfbef203eca71b6be367859" debug="0"> <Service name="Tomcat-Apache"> <Connector className="org.apache.ajp.tomcat4.Ajp13Connector" address="127.0.0.1" port="8009" minProcessors="5" maxProcessors="75" enableLookups="false" acceptCount="10" debug="0"/> <Engine name="your_engine" debug="0" defaultHost="your_domain"> <Logger className="org.apache.catalina.logger.FileLogger" prefix="catalina_log." suffix=".txt" timestamp="true"/> <Host name="your_domain" debug="0" unpackWARs="true"> <Context path="" docBase="/home/tomcat/your_application" debug="0" reloadable="true" /> </Host> </Engine> </Service> </Server>
This setup assumes you will put your Tomcat applications in /home/tomcat, not CATALINA_HOME/webapps. This will allow you to easily upgrade Tomcat and back up your Tomcat applications.
If you do keep the default server.xml, make sure you comment out any other connectors besides mod_jk that are listening on port 8009. The default file comes with the Coyote/JK2 connector enabled for the Tomcat-Standalone service. This will conflict with the mod_jk connector in your Tomcat-Apache service. You should comment this connector out. It isn't needed when you connect directly to Tomcat in standalone mode (port 8080), so I'm not sure why this connector is enabled by default.
The Server address defines the interface that Tomcat will listen on for mod_jk requests from Apache. In my configuration, Apache and Tomcat reside on the same box, so I have set the address to the loopback address. The default is for Tomcat to listen on all interfaces, so restricting it to the loopback interface improves security.
The Server shutdown property is the text string that is sent over a socket connection to stop Tomcat. The default value is "SHUTDOWN". The shutdown port is always on the loopback interface, which provides host-level protection. However, there is the possibility that the host could be compromised and someone could send the command SHUTDOWN to all ports and knock Tomcat offline. To prevent this, replace the default value with one that is difficult to guess. Do not use the example string above. Create your own by feeding random bytes into md5sum as follows:
head -1024c /dev/random | md5sum
Change the permissions on server.xml so no one can read the shutdown string:
chmod 600 $CATALINA_HOME/conf/server.xml
Apache is configured with directives placed in the main Apache configuration file, /etc/httpd/conf/httpd.conf. In addition, Apache 2 has configuration files for perl, php, and ssl located in /etc/httpd/conf.d/.
Rename the /etc/httpd/conf.d/ssl.conf file to ssl.conf.bak. The default Red Hat Apache 2 installation comes with ssl support enabled. If ssl is needed, you can re-enable it after you have sucessfully integrated Apache and Tomcat.
You will notice that there are three sections labeled in the httpd.conf file supplied by Red Hat: (1) Global Environment, (2) Main Server Configuration, and (3) Virtual Hosts.
Add the following to the bottom of the existing LoadModule directives in the Global Environment section:
LoadModule jk_module modules/mod_jk.so
Add the following to the bottom of the Main Server Configuration section:
JkWorkersFile "/usr/local/jakarta-tomcat/conf/jk/workers.properties" JkLogFile "/usr/local/jakarta-tomcat/logs/mod_jk.log" JkLogLevel info JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
The configuration above assumes you created a symbolic link /usr/jakarta-tomcat that points to the directory where your version of Tomcat is installed.
Set up a Virtual Host directive in the Virtual Hosts section of httpd.conf. Below is an example of how to set up the your_domain website so Tomcat handles all jsp pages and requests with "servlet" in the path:
NameVirtualHost 127.0.0.1:80 <VirtualHost 127.0.0.1:80> ServerAdmin webmaster@your_domain ServerName your_domain DocumentRoot /usr/www/your_domain/html ErrorLog /usr/www/your_domain/logs/error_log CustomLog /usr/www/your_domain/logs/access_log common JkMount /*.jsp wrkr JkMount /servlet/* wrkr </VirtualHost>
The configuration above assumes that your application's static html files will be served from the /usr/www/your_domain/html directory.
The argument for the NameVirtualHost directive must match exactly the argument for the VirtualHost directive (127.0.0.1:80).
You can test your Apache configuration by typing the following:
httpd -t -D DUMP_VHOSTS
You should get something like the following response:
127.0.0.1:80 is a NameVirtualHost
default server your_domain (/etc/httpd/conf/httpd.conf:1056)
port 80 namevhost your_domain (/etc/httpd/conf/httpd.conf:1056)
Syntax OK
your_domain does not need to be a domain name with a DNS entry. For testing purposes, you can set up any domain you want in the /etc/hosts file of the machine that you will be using to access your_application.
The example below shows the entry for your_domain when running Apache and Tomcat on a single machine, typical for a development computer.
127.0.0.1 your_domain
We will create and install a simple Hello World html page so we can test to make sure Apache handles requests for static html pages.
Copy the following text into a file called HelloWorld.html and install the file in the /usr/www/your_domain/html directory.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title>Hello World HTML!</title> </head> <body> <h1>Hello World HTML!</h1> </body> </html>
If Apache has not been restarted since you added your virtual host, do so as follows:
service httpd restart
You should now be able to type http://your_domain/HelloWorld.html into your browser and see the always-exciting "Hello World" message.
We will create and install a simple Hello World servlet so we can test to make sure Apache forwards servlet requests to Tomcat for handling.
Copy the following into a file called HelloWorld.jsp:
<%@ page contentType="text/html;charset=WINDOWS-1252"%>
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
<title>Hello World JSP</title>
</head>
<body>
<h1><% out.println(" Hello World JSP!"); %></h1>
</body>
</html>
Copy the HelloWorld.jsp file to the /home/tomcat/your_application/ directory.
Copy the following into a file called HelloWorld.java:
import java.io.*;
import javax.servlet.*;
import javax.servlet.http.*;
public class HelloWorld
extends HttpServlet {
public void doGet(HttpServletRequest request,
HttpServletResponse response)
throws IOException, ServletException {
response.setContentType("text/html");
PrintWriter out = response.getWriter();
out.println("Hello World Servlet!");
}
}
Compile the source into a class file as follows:
javac -classpath /usr/local/jakarta-tomcat/common/lib/servlet.jar HelloWorld.java
This will create a file called HelloWorld.class. Copy the HelloWorld.class file to the /home/tomcat/your_application/WEB-INF/classes directory.
Create the following directories and files in /home/tomcat/your_application:
/home/tomcat/your_application/WEB-INF /home/tomcat/your_application/WEB-INF/classes /home/tomcat/your_application/WEB-INF/web.xml
The web.xml file is where you map the name of your servlet to a URL pattern so Tomcat can run your servlet when requested. Below is the web.xml file that runs the HelloWorld servlet whenever the URL http://your_domain/servlet/HelloWorld is entered in the browser:
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<servlet>
<servlet-name>HelloWorld</servlet-name>
<servlet-class>HelloWorld</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>HelloWorld</servlet-name>
<url-pattern>/servlet/HelloWorld</url-pattern>
</servlet-mapping>
</web-app>
Restart Tomcat as follows:
/CATALINA_HOME/bin/shutdown.sh /CATALINA_HOME/bin/startup.sh
Restart Apache as follows:
service httpd restart
You should now be able to type the following into your browser and see the always-exciting "Hello World" message:
http://your_domain/HelloWorld.jsp
http://your_domain/servlet/HelloWorld
The following steps are not mandatory, but are suggested for a better, tighter Tomcat installation.
If you want to automatically start Tomcat when your system boots and manage it using the service command as we do Apache, you must create an initialization script.
Create the following Tomcat initialization script as /etc/rc.d/init.d/tomcat
#!/bin/sh # # Startup script for Tomcat, the Apache Servlet Engine # # chkconfig: 345 80 20 # description: Tomcat is the Apache Servlet Engine # processname: tomcat # pidfile: /var/run/tomcat.pid # # Mike Millson <[email protected]> # # version 1.02 - Clear work directory on shutdown per John Turner suggestion. # version 1.01 - Cross between Red Hat Tomcat RPM and Chris Bush scripts # Tomcat name :) TOMCAT_PROG=tomcat # if TOMCAT_USER is not set, use tomcat like Apache HTTP server if [ -z "$TOMCAT_USER" ]; then TOMCAT_USER="tomcat" fi RETVAL=0 # start and stop functions start() { echo -n "Starting tomcat: " chown -R $TOMCAT_USER:$TOMCAT_USER /usr/local/jakarta-tomcat/* chown -R $TOMCAT_USER:$TOMCAT_USER /home/tomcat/* su -l $TOMCAT_USER -c '/usr/local/jakarta-tomcat/bin/startup.sh' RETVAL=$? echo [ $RETVAL = 0 ] && touch /var/lock/subsys/tomcat return $RETVAL } stop() { echo -n "Stopping tomcat: " su -l $TOMCAT_USER -c '/usr/local/jakarta-tomcat/bin/shutdown.sh' RETVAL=$? echo [ $RETVAL = 0 ] && rm -f /var/lock/subsys/tomcat /var/run/tomcat.pid rm -rf /usr/local/jakarta-tomcat/work/* } # See how we were called. case "$1" in start) start ;; stop) stop ;; restart) stop # Ugly hack # We should really make sure tomcat # is stopped before leaving stop sleep 2 start ;; *) echo "Usage: $0 {start|stop|restart}" exit 1 esac exit $RETVAL
Add the startup script to your system as follows:
chkconfig --add tomcat
You will be able to start/stop/restart it using the following commands:
service tomcat start service tomcat stop service tomcat restart
If you want Tomcat to start automatically when your system boots, you need to add tomcat to your runlevel as follows:
chkconfig --level 5 tomcat on
Runlevel 5 is the X Window System, typical for a development computer. Runlevel 3 is typical for a dedicated web server.
Apache and Tomcat can be started in any order, and each can be restarted independently of the other.
During development, you will need access to your tomcat application directory. Add the user account under which you will be doing development to the tomcat group in /etc/group. For example, this is what the tomcat entry might look like in /etc/group if you do development under the yourname account:
tomcat:x:502:yourname
Make sure the tomcat group has permission to publish files (e.g. using ant) to your Tomcat application in /home/tomcat/your_application. Issue the following command as root:
chmod g+rw /home/tomcat
Look here for clues to Apache httpd.conf configuration issues, for example VirtualHost setup.
Look here for clues to Tomcat server.xml configuration issues. This file is written to when Tomcat starts and stops. It also catches System.out and System.err.
Look here for clues to mod_jk configuration issues.