The path to the architect (first day) Apache integration Tomcat

first, starting from the general framework of Java EE Project

This is a universal web that is the B/S project architecture, which consists of:

Üweb Server

Üapp Server

Üdb Server

Consisting of three major parts, of which:

²web Server

Outside of the corporate firewall, this firewall, you can think of as a Cisco router, and then opened on the Cisco router two ports are: 80 and 443.

Port 80: For normal HTTP access

Port 443: For HTTPS access, that is, if you enter an address such as https://xxx.xxx.xx in IE, the default

This is the port of 443.

Webserver specializes in:

For parsing HTML, JS (JavaScript), CSS, jpg/gif and other picture format files, TXT,

VBSCRIPT, PHP and Everything "static" page content.

²app Server

Within the enterprise firewall, the connection between it and the Web server must be and must be an internal IP connection.

External IP: That is, the Internet IP address, our Web server will generally have an internal IP an external IP, so here, our app server does not have any external IP, only the internal IP, so I'm here to say app server and web Server can only be connected in the form of internal IP.

For example, we use Tomcat, its port is 8080, then this IP address on the 8080 port can only be accessed by any internal IP, the external Internet is not accessible, this is done for security.

App server resolves any of our "dynamic" Web pages that require a Java compiler to parse, but app server itself can parse any static web pages.

So let's think about this:

We let the Web server, which is responsible for parsing static Web pages, parse HTML and so on, and let app server specifically parse anything that requires a Java compiler to parse, and let them "two" do their respective roles. The benefits of this:

1 for app Server "decompression", but also improve the performance

2 do not have to expose 8080 of this port on the Internet, but also very safe, must be our app server but have our code, even if the compiled code is easy to "decompile", which is very unsafe.

3) Lay the groundwork for further "cluster expansion" in the future

²db Server

Let's say we're using Oracle, and it needs to connect to app server through 1521. So this 1521 is called a database connection port, and if you expose it to the Internet, it's a bit dangerous. Even if our passwords are complex, it is only a matter of time before a smart hacker can break your password.

So we're putting our DB server in the same firewall as app server. Any DB connection and management can only be accessed through intranet, within the corporate enterprise, that is the truth. second, the hands to the structure 2.1 Oracle Data plus installation and configuration

DB (Oracle) I'm ready for you. The connection information is:

IP:	10.225.10x.xx
Port:	1521
Username/password:	xxx/xxx
Sid:	JCOEDB1
URL:	jdbc:oracle:thin:@10.225.10x.xx:1521:xxx

So, according to the above framework, we can throw a list of the following to NSS or the relevant network management department, let them open the corresponding port:

Web Server	Foreign IP:xxx.xxx.xxx.xxx Internal Ip:10.225.xxx.xxx Open 80 and 443 ports to the Internet
App Server	Internal Ip:10.225.xxx.xxx only for 10.225. Segment of the IP open 8080,8009 and other ports,
Db Server	Internal Ip:10.225.xxx.xxx Open 1521 ports only for 10.225-segment IP

installation of 2.2 APP server

Directly decompression tomcat to your local such as: D:\tomcat, my side of the directory called TOMCAT2, everyone at will, the best name can be as simple as possible d:\tomcat or c:\tomcat on the line, do not put too "deep." installation of 2.3 Web server

Here we will install the Apache for Win 2.2.x, which will occupy your machine's 80 and 443 ports. So if you have any program on your machine that occupies your 80 and 443 ports, you must turn it off, for example:

We have Microsoft IIS, which is also a webserver, so please turn it off:

Controlpanel->administrative Tools->service, locate the IISAdmin and, close it all down and set the startup mode to: manual so that you don't have to manually close it after each reboot.

Then use Netstat–ano to find any program that is still taking up 80 ports and turn it off. 2.4 Start installing Apache Http Server

We will install this version of Apache HTTP server as the Web Server we have been using for the future

server name Here you want to fill in the real name of your own server, can not use me this, this servername such as: shnlap93.cts.com only can I use, this name is the global unique, and your IP.

Select All Installation

After loading you will have one more such icon, click on the icon, which has to control the Apache HTTP server to start, stop and restart operation options. At the same time in your "services" panel, you can also find such a service item, it started by default when the system started, we change it to "manual", because in the future we will install IBM Http Server for practice.

After loading, in the premise of Apache2.2 start, open an IE input http://localhost, you will get such a page, it shows that your Apache installation is successful.

2.5 Apache Configuration

The person who learns Java, must be this Apache configuration, otherwise how you simulate environment, build environment and architecture environment. The light will coding is not enough, you will always only be a code farmer ... Hey, heh. A lot of people find that the back of Java can not learn, the key factor is: configuration.

You will be equipped with the environment, then you can simulate any client side, the developer's environment.

You will be equipped with the environment, your code will be online in the future to run successfully.

You will be equipped with the environment, so the whole technical core of the project is you.

Following my tutorial, you will be installing and running hundreds of different software and configurations, making you smell a stink.

Are you ready for this?

Of course, don't be afraid, because my configuration is the actual operation of the environment, so some things on the internet you can not go to see, because a lot of people are in the online copy, copy, and sometimes not verified, will let you go a lot of detours end up with a bug day world, see my tutorial.

The Apache configuration focuses on the httpd.conf file, which is located in your installation directory, such as:

D:\tools\httpd\conf\

We open it with UltraEdit or related text editing tools to see its contents:

First find the following line:

#ServerName

We can get the following line of content:

#ServerName shnlap93.cts.com:80

This is our hostname, we can remove the front "#" and change it to:

ServerName 10.225.106.35:80

Save and save, before restarting your Apache2.2, let's test our Apache configuration file for correct:

If you click Test Configuration, the black screen flashed over, indicating that your changes are correct, otherwise this black screen will stay in the current state, and tell you that your configuration changes are wrong, where.

Restart your Apache.

Find the following line:

DocumentRoot

You will be sending out a line of content like this:

DocumentRoot "D:/tools/httpd/htdocs"

This is called DocumentRoot, which is Webroot, that is: Publish a directory, any project published in this directory will be loaded into the standard Web project when the Apache service is turned on, so let's start by positioning the Webroot into our own publishing directory.

DocumentRoot "D:/www"

We changed it to the WWW directory in D, and then we put a index.html file in the directory, which reads:

Restart our Apache service to test:

Hey, what have we got. No access, why.

Find the following paragraph:

<directory/> Options FollowSymLinks AllowOverride None Order Deny,allow deny from all </Directory>

See, No.

Now, change this "deny from" to "Allow Fromall".

<directory/> Options FollowSymLinks AllowOverride None Order Deny,allow allow from all </Directory>

Restart your Apache service after you have finished modifying

Ok, our Apache publishing directory has been successfully changed to the D:\www directory, let's do an experiment:

We enter in IE browser: http://localhost/css/, what we see.

This is also good, users if it is a beginner hacker can know what files on our server, which directories can even directly see our file content, how to do.

Find the line below.

Options followsymlinks Indexes

Take it off and change it to the bottom.

#Options followsymlinks Indexes Options None

Don't worry, look down, and

Options Indexes FollowSymLinks

Another one, and then get rid of it.

#Options Indexes FollowSymLinks Options None

Restart your Apache service after these two changes are completed

Open a new IE again, input: http://localhost/css/, we see the following interface:

Well, Apache's basic configuration is complete:

1 Basic Security Configuration, directory access is not allowed

2 Change Webroot to another physical directory without using Apache's own Webroot directory 2.6 to integrate Apache with Tomcat

Apache (Web Server) is responsible for processing HTML static content;

Tomcat (App Server) is responsible for handling dynamic content;

In fact, this is a framework, the following is the principle

1 Apache is equipped with a module called MOD_JK

2 Apache is responsible for resolving any static Web content through 80 ports

3 Any unresolved content, use the expression to tell mod_jk, let mod_jk distributed to the relevant app server to explain.

Through the above text description we can know:

1 We need to install a mod_jk in Apache first.

2 We need to write a point expression in httpd.conf

below to implement.

1 the mod_jk-1.2.31-httpd-2.2.3.so manual copy into our Apache installation directory modules directory, the file's full name: Mod_ Jk-1.2.31-httpd-2.2.3.so, you can get from the ftp "/javaarchitect/mod_jk/" directory, because this file is I use C + + in the local recompile, the online download is src is the source code, Save the time for everyone to compile, and some other online downloads of mod_jk.so are not available.

2 with UltraEdit open httpd.conf file, run to the end of the file to add the following lines:

LoadModule Jk_module modules/mod_jk-1.2.31-httpd-2.2.3.so Jkworkersfile conf/workers.properties Jklogfile Logs/mod_jk.log <virtualhost *> ServerAdmin localhost DocumentRoot d:/www/ ServerName localhost DirectoryIndex index.html index.htm index.jsp index.action ErrorLog Logs/shsc-error_log.txt Customlog Logs/shsc-access_log.txt Common Jkmount/*web-inf ajp13 Jkmount/*j_spring_security_check ajp13 Jkmount/*.action ajp13 jkmount/servlet/* ajp13 Jkmount/*.jsp ajp13 Jkmount/*.do ajp13 Jkmount/*.action ajp13 Jkmount/*fckeditor/editor/filemanager/connectors/*.* ajp13 jkmount/fckeditor/editor/filemanager/connectors/* ajp13 </VirtualHost>

The key is the two sentences:

LoadModule Jk_module modules/mod_jk-1.2.31-httpd-2.2.3.so

Jkworkersfile conf/workers.properties

Represent:

Üapache loads an additional plug-in to connect Tomcat.

The configuration parameters of the connection are described in a workers.properties file in the/conf directory of the Apache installation directory, and MOD_JK is typically connected using the AJP13 protocol, using Tomcat's 8009 port.

3) The contents of the Worker.properties document are as follows:

Workers.tomcat_home=d:/tomcat2 workers.java_home=c:/jdk1.6.32 ps=/ Worker.list=ajp13 worker.ajp13.port=8009 Worker.ajp13.host=localhost Worker.ajp13.type=ajp13

4)