Friday, 28 April 2017

Tomcat07-Security-and-User-Accounts

Security and User Accounts

  • If we need to access the Tomcat WebApplications then we need to setup some user accounts.
  • For this we need to edit the conf/tomcat-users.xml
  • At the bottom of this file we can find some roles and user accounts
  • Let us add some new roles and users now
    • Adding tomcat,manager, manager-gui, admin-gui roles
     <role rolename="tomcat"/>
     <role rolename="manager"/>
     <role rolename="manager-gui"/>
     <role rolename="admin-gui"/>
    
    • Adding admintom user
     <user username="admintom" password="s3cret" roles="manager,manager-gui,admin-gui"/>
    
  • Now setting up your Hostname / IP to your server instead of localhost
    • Open conf/server.xml and edit the following lines to add your Hostname
     Find the line starts with Engine and change the value of defaultHost
     <Engine name="Catalina" defaultHost="dev02.linux-library.com">
     
     Find the line starts with Host change the value of name to your hostname same as above
     <Host name="dev02.linux-library.com"  appBase="webapps"
    
  • If you want to access the tomcat manager from other than your local machine then you need to allow those IP ranges
    • To allow IPs to access manager edit webapps/manager/META-INF/context.xml file
    NOTE: If you want to access the app from a host of Class-A IP then you should add 10.\d+.\d+.\d+ to the allow directive That should look like below. I have allowed Class-A as well as Class-C ranges
     allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1|10\.\d+\.\d+\.\d+|192\.168\.1\.\d+" />
    
    • In the same way you can allow access to you hostmanager too.
    • Open webapps/host-manager/META-INF/context.xml and edit same as above

Thursday, 27 April 2017

Tomcat06-Architechture

Tomcat File and Directory Architecture

Let us know about the directories in CATALINA_HOME directory
  • bin In this directory we have all our control scripts / programs / executables of our tomcat application
  • conf In this directory we have all our xml based config files through which we can customize our tomcat application
  • lib In this directory we can have our standard library files. If we want to add any third party libraries then we can drop those here
  • logs All the tomcat logs can be found here.
    • localhost - Information of Apache Tomcat engine from the host perspective
    • manager - Information of starting and stopping instances
    • host-manager - Information about managing Apache tomcat engine
    • catalina - Logs all the errors in the applications which are running on Tomcat
  • temp - Contains the objects which will cached out to the disk while the engine is running
  • webapps - Applet contexts or our applications can be found here
    • ROOT - Here we can place the .war files of our applications

Wednesday, 19 April 2017

Tomcat05-Customizing-JVM

Customizing a Java Virtual Machine

  • Customizing the catalina.sh
    • CATALINA_OPTS
     CATALINA_OPTS="$CATALINA_OPTS $JPDA_OPTS"
    
    • By default the CATALINA_OPTS line will looks like above. Among which the JPDA_OPTS is used to provide the debug options for the catalina script.
    • Now we need to edit this line and can add our custom options like the size of initial memory of JVM (min. size), the size of memory of the JVM (max. size) it can grow upto, garbage collection options, etc.
    • Add the below at the end of the CATALINA_OPTS line
     -Xms128m -Xmx256m 
     
    
    • -Xms means Extended Minimum Size which is the min / initial size of a JVM to start with
    • -Xmx means Extended Maximum Size which is the max size upto which a JVM can grow

Monday, 17 April 2017

Tomcat04-Tomcat8_ENV_Setup

Tomcat 8 Environment Setup

  • We need to add the Environment setups to the universal profile file.
  • Let us edit /etc/profile and add the below lines
CATALINA_BASE=/opt/tomcat8
CATALINA_HOME=/opt/tomcat8
CATALINA_TMPDIR=/opt/tomcat8/temp
JAVA_HOME=/opt/jdk8
JRE_HOME=/opt/jdk8

Sunday, 16 April 2017

Tomcat03-Tomcat8_Installation

Apache Tomcat 8 Installation

  • Download Tomcat 8
# wget http://www-us.apache.org/dist/tomcat/tomcat-8/v8.5.11/bin/apache-tomcat-8.5.11.tar.gz
# tar -xzvf apache-tomcat-8.5.11.tar.gz
# mv apache-tomcat-8.5.11/ tomcat8
  • Export the Environment Variables
# cd /opt/tomcat8/bin
# export CATALINA_HOME=/opt/tomcat8/
  • Now start the Tomcat application using startup.sh located within bin directory of CATALINA_HOME
# cd $CATALINA_HOME/bin
# ./startup.sh
  • Check Tomcat process
# ps -ef | grep catalina | grep -v grep 
# netstat -ant | grep 8080 | grep -v grep

Saturday, 15 April 2017

Tomcat02-Java8_Installation

Oracle Java 8 - Inatallation & Setup

  • Download Oracle JDK 8 or later from Oracle site.
# cd /opt/
# wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http%3A%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u121-b13/e9e7ea248e2c4826b92b3f075a80e441/jdk-8u121-linux-x64.tar.gz"
# tar xzf jdk-8u121-linux-x64.tar.gz
# mv jdk1.8.0_121/ jdk8/
  • Install Java with Alternatives
# cd /opt/jdk8
# alternatives --install /usr/bin/java java /opt/jdk8/bin/java 2
# alternatives --config java

# alternatives --install /usr/bin/jar jar /opt/jdk8/bin/jar 2
# alternatives --set jar /opt/jdk8/bin/jar

# alternatives --install /usr/bin/javac javac /opt/jdk8/bin/javac 2
# alternatives --set javac /opt/jdk8/bin/javac
  • Check the installation
# java -version
# javac -version
  • Now we have Oracle Java 8 ready as a pre-requisite of Tomcat 8
  • Configuring Environment variables
    • Setup JAVA_HOME
     # export JAVA_HOME=/opt/jdk8
    
    • Setup JRE_HOME
     # export JRE_HOME=/opt/jdk8/jre
    
    • Setup PATH
     # export PATH=$PATH:/opt/jdk8/bin:/opt/jdk8/jre/bin

Friday, 14 April 2017

Tomcat01-Intro

Apache Tomcat 8 Application Server Introduction

Apache Tomcat, often referred to as Tomcat Server, is an open-source Java Servlet Container developed by the Apache Software Foundation (ASF). Tomcat implements several Java EE specifications including Java Servlet, JavaServer Pages (JSP), Java EL, and WebSocket, and provides a "pure Java" HTTP web server environment in which Java code can run.
Tomcat is developed and maintained by an open community of developers under the auspices of the Apache Software Foundation, released under the Apache License 2.0 license, and is open-source software.
Below are the components of Tomcat:
  • 1. Catalina
Catalina is Tomcat's servlet container. Catalina implements Sun Microsystems's specifications for servlet and JavaServer Pages (JSP). In Tomcat, a Realm element represents a "database" of usernames, passwords, and roles (similar to Unix groups) assigned to those users. Different implementations of Realm allow Catalina to be integrated into environments where such authentication information is already being created and maintained, and then use that information to implement Container Managed Security as described in the Servlet Specification.
  • 2. Coyote
Coyote is a Connector component for Tomcat that supports the HTTP 1.1 protocol as a web server. This allows Catalina, nominally a Java Servlet or JSP container, to also act as a plain web server that serves local files as HTTP documents.[4]
Coyote listens for incoming connections to the server on a specific TCP port and forwards the request to the Tomcat Engine to process the request and send back a response to the requesting client. Another Coyote Connector, Coyote JK, listens similarly but instead forwards its requests to another web server, such as Apache, using the JK protocol.[5] This usually offers better performance.
  • 3. Jasper
Jasper is Tomcat's JSP Engine. Jasper parses JSP files to compile them into Java code as servlets (that can be handled by Catalina). At runtime, Jasper detects changes to JSP files and recompiles them. As of version 5, Tomcat uses Jasper 2, which is an implementation of the Sun Microsystems's JSP 2.0 specification. From Jasper to Jasper 2, important features were added
  • JSP Tag library pooling - Each tag markup in JSP file is handled by a tag handler class. Tag handler class objects can be pooled and reused in the whole JSP servlet.
  • Background JSP compilation - While recompiling modified JSP Java code, the older version is still available for server requests. The older JSP servlet is deleted once the new JSP servlet has finished being recompiled.
  • Recompile JSP when included page changes - Pages can be inserted and included into a JSP at runtime. The JSP will not only be recompiled with JSP file changes but also with included page changes.
  • JDT Java compiler - Jasper 2 can use the Eclipse JDT (Java Development Tools) Java compiler instead of Ant and javac.
Three new components were added with the release of Tomcat 7:
  • 4. Cluster
This component has been added to manage large applications. It is used for load balancing that can be achieved through many techniques. Clustering support currently requires the JDK version 1.5 or later.
  • 5. High Availability
A high-availability feature has been added to facilitate the scheduling of system upgrades (e.g. new releases, change requests) without affecting the live environment. This is done by dispatching live traffic requests to a temporary server on a different port while the main server is upgraded on the main port. It is very useful in handling user requests on high-traffic web applications.
  • 6. Web Application
It has also added user- as well as system-based web applications enhancement to add support for deployment across the variety of environments. It also tries to manage sessions as well as applications across the network.
Tomcat is building additional components. A number of additional components may be used with Apache Tomcat. These components may be built by users should they need them or they can be downloaded from one of the mirrors.