Tomcat server.xml Configuration Tutorials and examples

Preparatory work:

Install Apache Tomcat 7. (Get source code from Apache Tomcat's website)

1. Tomcat installation directory

Install the completed Tomcat and is placed in your local storage. For windows, typically under the program Files folder, for Mac or Linux, it may be under the/user/var/opt or/user/<>/application folder. Entering the directory, you can see the following files and folders:

Bin:tomcat binary startup script.
CONF: Global configuration applied to all WebApp. The following configuration is provided by default:
Catalina.policy provides a special security policy.
Two Properties files: catalina.properties and Logging.properties,
Four XML configuration files: Server.xml (Tomcat Master profile), Web.xml (Web application Global Deployment description), Context.xml (Tomcat special Configuration Global options), and Tomcat-user.xml (Authorization and access control username, password and role database).

Each engine has a corresponding subdirectory in the Conf directory, such as Catalina, which in turn has a two-level subdirectory for each host, such as localhost. You can place the context information configuration here (similar to context.xml, but for each webapp under host, the file is named Webapp.xml).
Lib: Make sure that the Jar-file in the directory is valid for all webapp. The default installation includes Servlet-api.jar (servlet), Jasper.jar (JSP), and Jasper-el.jar (EL). External JAR files can also be placed here, such as the MySQL JDBC driver (mysql-connector-java-5.1). {Xx}-bin.jar) and JSTL (Jstl.jar and Standard.jar).
Logs: Includes engine log file Catalina. {yyyy-mm-dd}.log, host log file localhost. {Yyyy-mm-dd}.log, and other application log files, such as manager and Host-manager. The Access log (created by Accesslogvalve) is also placed here.

WebApps: defaults to AppBase? The root directory of the Web application.
Work:contains the translated servlet source files and classes of JSP/JSF. Organized in hierarchy of engine name (Catalina), host name (localhost), webapp name, followed by the Java classes package Structure.
Temp: Temporary files.

2. Tomcat Architecture

Tomcat is an HTTP server. Also a servlet container that can execute the Java servlet and convert JavaServer Page (JSP) and Javaserverfaces (JSF) to the Java servlet. Tomcat uses a hierarchical and modular architecture, as follows:

Picture 1.0 Tomcat Architecture

3. Main configuration file (Server.xml)

Server.xml

"Server.xml" is a Tomcat's primary configuration file that you can see in the <catalina_home>conf directory. The default "Server.xml" files after refactoring (after deleting annotations and formatting) are as follows:

<?xml version= ' 1.0 '  encoding= ' utf-8 '?> <server port= ' 8005 '  shutdown= ' shutdown ' >   <listener classname= "Org.apache.catalina.core.JasperListener"  />   < Listener classname= "Org.apache.catalina.core.AprLifecycleListener"  sslengine= "on"  />    <listener classname= "Org.apache.catalina.core.JreMemoryLeakPreventionListener"  />  
 <listener classname= "Org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"  />   <listener classname= "Org.apache.catalina.core.ThreadLocalLeakPreventionListener"  / >     <GlobalNamingResources>     <resource name= " Userdatabase " auth=" Container "               type= "Org.apache.catalina.UserDatabase"                description= "User database that can be updated and saved"                factory= " Org.apache.catalina.users.MemoryUserDatabaseFactory "               pathname= "Conf/tomcat-users.xml"  />   </ globalnamingresources>     <service name= "Catalina" >     < connector port= "8080"  protocol= "http/1.1"                 connectiontimeout= "20000"                 redirectport= "8443"  />     <connector  port= "8009"  protocol= "ajp/1.3"  redirectport= "8443"  />        <engine name= "Catalina"  defaulthost= "localhost" >  
      <realm classname= "Org.apache.catalina.realm.LockOutRealm" >         <realm classname= " Org.apache.catalina.realm.UserDatabaseRealm "           
    resourcename= "Userdatabase"/>       </Realm>         


3.1, Server

The Server (the second row) is a top-level component that represents a Tomcat instance. Can contain one or more Services, each of which has its own engines and connectors.

<server port= "8005" shutdown= "Shutdown" > ... </Server>


3.1.1, basic attributes

ClassName: Use the name of the Java implementation class. This class must implement the Org.apache.catalina.Server interface. If the class name is not specified, the standard implementation is used.
Address:server listens on a shutdown command on this TCP/IP address. If you do not specify an address, localhost is used.
Port:server listens on a shutdown command on this port. Set to-1 disables the shutdown command.
Shutdown: TCP/IP that is connected to the specified port will close Tomcat when it receives this command character.

3.2, Listeners

The Server can contain several listeners. A listener listens to the specified event and responds to it.

Jasperlistener works on the Jasper JSP engine, which is responsible for recompiling the updated JSP pages.

Listener classname= "Org.apache.catalina.core.JasperListener"/>

Globalresourceslifecyclelistener acts on global resources to ensure the accessibility of JNDI to resources, such as databases.

<listener classname= "Org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"/>


3.2.1, basic attributes

Sslengine: The sslengine name used. OFF: Do not use Ssl,on: use SSL but do not specify engine. The default value is on. Initializes the local SSL engine, which must be available for Apr/native connector that use the Sslenabled property.
Sslrandomseed: Specifies the random number seed source for the pseudo-random number generator (PRNG), and the default value is builtin. In the development environment, you might want to set it to/dev/urandom for faster boot speeds.
Fipsmode: Set to On will request OpenSSL into FIPS mode (if OpenSSL is already in FIPS mode, this pattern will be retained). Setting to enter will force OpenSSL into FIPS mode (if OpenSSL is already in FIPS mode, an error will be generated). Setting to require requires OpenSSL to be in FIPS mode (if OpenSSL is not currently in FIPS mode, an error will be generated).

3.3. Global naming Resources

Elements from 9 to 15 lines define JNDI (Java naming and directory interface) resources that allow Java software clients to search for and find data by name.

The default configuration defines a JNDI named Userdatabase with 10 to 14 lines of elements, and a memory database for user authorization is obtained through "conf/tomcat-users.xml".

<GlobalNamingResources>
<resource name= "Userdatabase" auth= "Container"
Type= "Org.apache.catalina.UserDatabase"
description= "User database" can be updated and saved "
factory= "Org.apache.catalina.users.MemoryUserDatabaseFactory"
Pathname= "Conf/tomcat-users.xml"/>
</GlobalNamingResources>

You can also define other global Jndi resources to implement connection pooling, such as MySQL database.

3.4. Services

A Service can connect one or more connectors to an engine. The default configuration defines a Service called "Catalina" that connects two connectors:http and AJP to the current engine.

<service name= "Catalina" > ... </Service>


3.4.1, basic attributes

ClassName: The Java class name that the implementation uses. This class must implement the Org.apache.catalina.Service interface. If you do not specify a class name, a standard implementation is used.
The display name of the Name:service, if the standard Catalina component is used, the log information will be included. The name associated with a particular Server for each Service must be unique.

3.5, Connectors

A Connector is associated with a TCP port that handles the interaction between the Service and the client. The default configuration defines two connectors.

http/1.1: Handles HTTP requests so that TOMCAT becomes an HTTP server. The client can send HTTP requests to the server via Connector to receive server-side HTTP response information.

<connector port= "8080" protocol= "http/1.1" connectiontimeout= "20000" redirectport= "8443"/>

Unlike production services, which use the 80 port defaults, the Tomcat HTTP service runs on TCP port 8080 by default. You can select any number between 1024 and 65535 as the port number to run the TOMCAT server, provided that the port is not used by any other application. The ConnectionTimeout property defines the maximum wait-time milliseconds for the request URI Line (Request information) response after the link has been agreed to by the connector. The default is 20 seconds. The Redirect property redirects the SSL request to TCP's port 8443. The Ajp/1.3:apache Jserv Protocol Connector handles the interaction between the Tomcat server and the Apache HTTP server.

<connector port= "8009" protocol= "ajp/1.3" redirectport= "8443"/>

Tomcat and Apache HTTP Services can be run together, and the Apache HTTP server handles static requests and PHP;TOMCAT servers responsible for handling Java servlet/jsp. You can see how "Tomcat and Apache work together to configure".

3.6. Container

Tomcat, which contains Engine, Host, context, and Cluster, is called a container. The most advanced is the Engine, the bottom is the context. Some components, such as Realm and Valve, can also be placed in containers.


3.7. Engine

The engine is the highest level part of the container. Can contain one or more Host. The TOMCAT server can be configured to run on multiple host names, including virtual hosts.

<engine name= "Catalina" defaulthost= "localhost"/>

The Catalina engine receives HTTP requests from the HTTP connector and redirects them to the correct host based on the host name or IP address in the request header information.


3.7.1, basic attributes

backgroundprocessordelay--This value represents the number of seconds between calls to the Backgroundprocess method on the engine and its child containers, including all host and context. When a value is non-negative, the child container is not invoked (meaning that it uses its own processing thread). setting to positive values produces a derived thread. After waiting for the specified time, the thread invokes the Backgroundprocess method on both the engine and all its child containers. If not specified, the default value is 10, which is a delay of 10 seconds.
ClassName: The Java class name that the engine is implemented with. The class must implement the Org.apache.catalina.Engine interface. If not specified, the standard values are used (defined below).
Defaulthost: The default hostname, which defines the name of the host that handles the request to the server, but the name is not configured in this file.
Jvmroute: This parameter must be defined in the load balancing scenario to ensure that session affinity is available, and the name defined for all TOMCAT servers in the cluster must be unique, and the name will be added to the generated conversation designator, so Allows a front-end agent to always forward a specific session to the same Tomcat instance.
The logical name of the Name:engine, used in logs and error messages. When multiple service elements are used in the same Server, each Engine must specify a unique name.
Startstopthreads:engine the number of threads that will be used concurrently when the Host child element is started. If set to 0, the value of Runtime.getruntime (). Availableprocessors () will be used. Set to a negative number, the value of Runtime.getruntime (). Availableprocessors () + value will be used, and 1 threads will be used if the result is less than 1. If not specified, the default value is 1.

3.8, Realm

A Realm (domain) is a database that contains user, password, and role authentication (such as access control). You can define Realm in any container, such as Engine, Host, context, and Cluster.

<realm classname= "Org.apache.catalina.realm.LockOutRealm" >
<realm classname= "Org.apache.catalina.realm.UserDatabaseRealm" resourcename= "Userdatabase"/>
</Realm>

The default configuration defines a Catalina Engine Realm (Userdatabaserealm) that controls the permissions of the user to access the Engine. Its use is defined in Globalnamingresources, with the name Userdatabase JNDI.

In addition to Userdatabaserealm, there are: Jdbcrealm (whether authorized users can link to a relational database via JDBC driver); Datasourcerealm (through JNDI to the data source); Jndirealm (connecting to an LDAP directory) and Memoryrealm (loading XML files into memory).

3.8.1, basic attributes

ClassName: Use the name of the Java implementation class. This class must implement the Org.apache.catalina.Realm interface.

3.9, Hosts

A Host defines a virtual machine under Engine, which in turn supports multiple context (Web applications).


The default configuration defines a host named localhost. The AppBase property defines the root directory of all WebApp, in this case, the WebApps. By default, each WebApp URL has the same name as the directory in which it resides. For example, the default Tomcat installation directory WebApps provides four Web applications: Docs, examples, Host-manager, and manager. Only ROOT is an exception, and it is defined with an empty string. In other words, its URL is http://localhost:8080/. The Unpackwars property specifies whether the war-file placed in the WebApps directory should be decompressed. For unpackwars= "false", Tomcat will run the application directly from War-file, but not the pressure, which may cause the application to run slowly. The Autodeploy property specifies whether an application placed in the WebApps directory is automatically deployed.


3.9.1, basic attributes

AppBase: The root directory of virtual machine applications. The directory is a pathname that might contain a Web application deployed to a virtual machine. It may also be a specified absolute pathname, or a path name relative to the $CATALINA _base directory. If not specified, WebApps is used by default.
Xmlbase: Virtual machine XML root directory. The directory is a path name that may contain a context XML descriptor deployed to a virtual machine. It may also be a specified absolute pathname, or a path name relative to the $CATALINA _base directory. If not specified, the conf/directory is used by default.
Createdirs: If set to True,tomcat will attempt to create a directory defined by the AppBase and Xmlbase properties during the startup phase. The default value is true. If set to True and directory creation fails, an error message is printed, but the startup process is not terminated.
Autodeploy: The value of this property indicates whether a new or updated Web application needs to be checked periodically when TOMCAT is running. If the appbase and Xmlbase directories are checked periodically for True,tomcat, the new Web application and context XML descriptors found are deployed. Updating the Web application or XML context descriptor triggers the overload of the Web application. The default value is true.
Backgroundprocessordelay: Represents the number of seconds to delay between the Backgroundprocess method that invokes this host and its child container methods, including all the context. If the delay value is not a negative number, the child containers are not invoked (meaning that they will use their own processing threads). Setting to a positive number produces a derived thread. After waiting for the specified time, the thread will raise the Backgroundprocess method in the host, including all its child containers. Host will use the background process to perform tasks related to the Web application deployment. If not specified, the default value is-1, which means that the host will depend on the background processing thread of its parent engine.
ClassName: The name of the Java implementation class used. The class must implement the Org.apache.catalina.Host interface.
Deployignore: A regular expression that defines the directories that need to be ignored in case of automatic deployment and deployment at startup. This allows you to maintain your own configuration in the version control system, for example, without deploying the. svn or CVS folder to the AppBase directory. The regular expression is relative to the appbase. It is also fixed, meaning it is relative to the name of the entire file or directory. Therefore, Foo matches only files or directories with the name Foo, and does not match names such as Foo.war, Foobar, or Myfooapp. If you want to have "foo" match any name, you can use the. *foo.*.
Deployonstartup: Specifies whether the Web application under host should be automatically deployed at Tomcat startup. The default value is true.
Failctxifservletstartfails: When set to true, if any of its load-on-startup>=0 servlet stops itself from starting, it stops starting each of its child context. Each child context may overwrite this property. If not specified, the default value of false is used.
Name: Typically the network name of the virtual host, registered on your domain name server. Regardless of the host name you specify, Tomcat converts it internally to lowercase. A host that is nested inside the Engine must have a host name that matches the default host setting of Engine.
Startstopthreads:host the number of threads that will be used concurrently when the child context element is started. If automatic deployment is used, the new context will be deployed using this thread pool. A value of 0 o'clock will use the value of Runtime.getruntime (). Availableprocessors (). A negative value will use the Runtime.getruntime (). Availableprocessors () plus the worth and less than 1 o'clock will use 1 threads. If not specified, the default value of 1 is used.
Undeployoldversion: The value of this option determines whether TOMCAT, the automated Deployment Process section, checks for outdated Web applications that are deployed concurrently, and any applications found will be removed. will take effect only if Autodeploy is true. If not specified, the default value false will be used.

3.10. Cluster

TOMCAT supports server clusters. It can replicate the session and context properties of the entire cluster. You can also deploy a WAR file to all the clusters.

3.10.1, basic attributes

ClassName: Cluster main class, currently only one is valid, Org.apache.catalina.ha.tcp.SimpleTcpCluster.
Channelsendoptions: Group Communication (tribe Channel) send option, defaults to 8. This option is used to flag all information sent through the simpletcpcluster. The flag specifies how the message is sent, and is a simple logic or.
Channelstartoptions: Sets the start and stop flags for cluster use objects. The default is Channel.default, which starts all Channel services, including senders, receivers, group advertisements, and multicast receivers.
Heartbeatbackgroundenabled: Whether the flag calls channel heartbeat detection in the container's background thread. The default is False. When set to True, do not forget to disable the channel heartbeat detection thread.
Notifylifecyclelisteneronfailure: When all Clusterlistener cannot receive channel messages, the flag bit determines whether to notify Lifecyclelisteners. The default is False.

3.11, Valve

Valve (valve) as a requested predecessor handler, you can intercept an HTTP request before the request is sent to the application. can be defined in any container, such as Engine, Host, context, and Cluster. In the default configuration, Accesslogvalve intercepts the HTTP request and creates a log pointcut in the log file as follows:

<valve classname= "Org.apache.catalina.valves.AccessLogValve" directory= "Logs"
Prefix= "Localhost_access_log." suffix= ". txt"
pattern= "%h%l%u%t"%r "%s%b"/>

3.11.1, basic attributes

ClassName: Set to Org.apache.catalina.ha.tcp.ReplicationValve
filter--for a known file extension or URL, you can use the VALVE notification in the request cluster did not modify the session, for this change cluster no need to notify sessions manager. If the request matches the filter model, cluster assumes that the session has not changed. A filter sample is probably such a filter= ". *.gif|. *.js|. *.jpeg|. *.jpg|. *.png|. *.htm|. *.html|. *.css|. *.txt ". The filter uses Java.util.regex regular expressions.
Primaryindicator: Boolean value. If true,replication valve will insert the name of the Primaryindicatorname property definition into the Request property. The value, whether boolean.true or Boolean.false, is placed in the request attribute.
Primaryindicatorname: The default value is Org.apache.catalina.ha.tcp.isPrimarySession, which defines the name of a request property, which is a Boolean value. Indicates whether the server hosting the session is the primary server.
Statistics: Boolean value. Set to True if you want valve to collect the requested statistics. The default value is False

Here are some other valve:

Remoteaddrvalve: Intercept requests from specific IP addresses.
Remotehostvalve: Intercept the request based on the host name.
Requestdumpervalve: The details of the request are logged.
Singlesignon Valve: When placed under a, allow single sign-on to all applications under the host.

More information is found at the top level and at the nesting level of elements and attributes in the Server.xml file, which can be viewed here.

4, optional configuration (server-<name>.xml)

4.1, including Server-.xml documents

Now, what do we do if we want to modify the Server.xml file for the application? You cannot modify the Server.xml file simply because of an application, because it may have an impact on the initialization of all application deployments. How do you isolate the specified changes for the specified application?

The answer is: Create a Server-<name>.xml

Server-.xml is a custom file that contains configuration changes that need to be quarantined for a given app. All files of this format will be invoked after the Server.xml file.

4.2. Use custom server-<name>.xml instead of Server.xml

This is not recommended, but if you want to satisfy your curiosity, you can use your own server.xml as an alternative by editing the Catalina.bat file.

Catalina.bat Start-config Confserver-<name>.xml

In general, both Serve.xml and your own server-<name>.xml files are the core configuration of container. For application developers and publishers, it is a complementary strategy for putting resource files into the container where the Java application is deployed. Other Java EE standard containers (vendors), regardless of how they are implemented, have the same configuration files that allow custom injection and binding, while allowing control over which services are valid when deployed, redeployed, and unloaded.



Tomcat configuration file Server.xml detailed

Planning:
Web Site Directory:/web/www domain name: www.test1.com
Forum Web directory:/web/bbs Url:bbs.test1.com/bbs
Web Site Administration Program: $CATALINA _home/wabapps URL:manager.test.com Allow access to address: 172.23.136.*


conf/server.xml  <server port= "8005"  shutdown= "Shutdown" >    <listener  classname= "Org.apache.catalina.core.AprLifecycleListener"  sslengine= "on"  />     <listener classname= "Org.apache.catalina.core.JasperListener"  />    < Listener classname= "Org.apache.catalina.core.JreMemoryLeakPreventionListener"  />     <listener classname= "Org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"  />     <listener classname= "Org.apache.catalina.core.ThreadLocalLeakPreventionListener"  />    <GlobalNamingResources>    <!--  Global naming resources to define some external access resources, The purpose is to define the external resources referenced by all engine applications  --! >      <resource name= "Userdatabase"   Auth= "Container"                 type = "Org.apache.catalina.UsErdatabase "                 description= "user database that can be updated and saved"                  factory= " Org.apache.catalina.users.MemoryUserDatabaseFactory "                 pathname= "Conf/tomcat-users.xml"  />    </ globalnamingresources>    <!--  defines a certified resource called "Userdatabase" that will conf/ Tomcat-users.xml is loaded into memory for authentication  -->    <service name= "Catalina" in memory when authentication is required >     <!-- #  define service components, to associate connector and engine, a engine can correspond to multiple connector, Only one engine --! >      <connector port= " protocol=" in each service http/1.1 " connectiontimeout=" 20000 " redirectport=" 8443 " />      <!--  Modify http/1.1 's connector listening port is 80. Requests that are accessed by the client through the browser can only be passed to Tomcat via HTTP.   -->      <connector port= "8009"  protocol= "ajp/1.3"   Redirectport= "8443"  />      <engine name= "Catalina"  defaulthost= "
test.com ">      <!--  Modify the current engine, the default host is,www.test.com  -->      <realm classname= "Org.apache.catalina.realm.LockOutRealm" >           <realm classname= " Org.apache.catalina.realm.UserDatabaseRealm "                  resourcename= "Userdatabase"/>      </Realm>       # realm component, which defines authentication for application access within the current container, userdatabase authentication through external resources