Apache Integrated Tomcat

First, start with the general architecture of the Java EE project.

This is a common Web-b/S project architecture, which consists of:

Üweb Server

Üapp Server

Üdb Server

Three major components, including:

²web Server

Placed outside the enterprise firewall, this firewall, which everyone can think of as a Cisco router, then opened on the Cisco router two ports for: 80 and 443.

80 port: for normal HTTP access

443 port: For HTTPS access, that is, if you enter an address such as https://xxx.xxx.xx in IE, the default

This is the port of 443.

Webserver specializes in:

For parsing HTML, JS (JavaScript), CSS, jpg/gif and other picture format files, TXT,

All the "static" Web content of VBSCRIPT, PHP, and more.

²app Server

Placed within the corporate firewall, the connection between it and the Web server must be and must be an internal IP connection.

External IP: That is, the Internet IP address, our Web server will generally have an internal IP an external IP, so here, our app server does not have any external IP, only the internal IP, so I say this side of the app server and the Web The server can only connect as an internal IP.

Let's say we use Tomcat, its port is 8080, then the IP address of the 8080 port can only be accessed by any internal IP, the external Internet is not accessible, this is for security.

App server is used to resolve any of our "dynamic" Web pages that require a Java compiler to parse, but the app server itself can parse any static web page.

So let's think about it this way:

We let the Web server, which specializes in parsing static Web pages, parse HTML and so on, and let app server specifically resolve anything that requires the Java compiler to parse, so that they "both" do their part. The benefits of this:

1) "Decompression" for app Server, while also improving performance

2) no longer expose the 8080 port to the Internet, it is also very safe, it will be our app server on our code, even if the compiled code is easy to "decompile", which is very insecure.

3) Lay the groundwork for further "cluster expansion" in the future

²db Server

Let's say we're using Oracle, and it needs to connect to app server via 1521, isn't it? So this 1521 is what we call a database connection port, and if it's exposed to the Internet, is it a bit dangerous? Even if our passwords are complex, it's only a matter of time before a smart hacker can break your password.

So we put our DB server in the same network as the app server and put it in the firewall. This is the reason that any DB connection and management can only be accessed through the intranet, within the company's enterprise.

Second, hands-on architecture 2.1 Oracle data plus installation and configuration

DB (Oracle) I've got it all ready for you. The connection information is:

Ip:	10.225.10x.xx
Port:	1521
Username/password:	Xxx/xxx
Sid:	Jcoedb1
Url:	Jdbc:oracle:thin:@10.225.10x.xx:1521:xxx

So, according to the above structure, we can drop a list of the following to NSS or the relevant network management department, let them open the appropriate port for us:

Web Server	Foreign IP:xxx.xxx.xxx.xxx Internal IP:10.225.XXX.XXX 80 and 443 ports open to the Internet
APP Server	Internal IP:10.225.XXX.XXX Only for 10.225. Segment IP Open 8080,8009 and other ports,
Db Server	Internal IP:10.225.XXX.XXX IP open 1521 port only for 10.225. Segment

Installation of 2.2 APP server

Directly unzip Tomcat to your local such as: D:\tomcat, my side of the directory named Tomcat2, we arbitrarily, the best name can be as simple as possible d:\tomcat or c:\tomcat on the line, do not put too "deep."

2.3 Installation of Web server

We will install Apache for Win 2.2.x here, it will occupy 80 and 443 ports of your machine. So if you have any programs on your machine that occupy your 80 and 443 ports, you must turn it off, for example:

We have Microsoft IIS, which is itself a webserver, so please turn it off:

Controlpanel->administrative Tools->service, find IISAdmin and, close it all and set the startup mode to: manual so that you do not have to shut down manually after each reboot.

Then use Netstat–ano to find any program that is still occupying the 80 port and turn it off.

2.4 Start installing Apache Http Server

We will install this version of Apache HTTP server as the Web server we have been using for the future

This side of the server name you want to fill in the real name of your server, you can not use my this, this servername such as: shnlap93.cts.com only can I use, the name is globally unique, and your IP.

Select All Installation

When you're done, you'll be given an extra icon to click on the icon, which has the option to control the start, stop, and restart of Apache HTTP server. At the same time in your services panel, you can also find such a service item, which is started by default as the system starts, we change it to "manual" bar, because in the future we will also install IBM Http Server for practice.

After loading, in the premise of Apache2.2 startup, open an IE input http://localhost, you will get a page like this, it means that your Apache installation is successful.

2.5 Apache Configuration

Java-Learning must have this Apache configuration, otherwise how do you simulate the environment, build environment and architecture environment? The light will coding is not enough, you will always be a yard farm. Hey heh! There are a lot of people who find that behind the Java learning is not up, the key factor is: configuration.

You will be able to match the environment, then you can simulate any client side, the developer's environment.

You'll be in the environment and your code will run successfully when it comes online.

You will be equipped with the environment, so the technical core of the project is you.

Following my tutorial, you will install and run up to hundreds of various software and configuration, make you a stink of stink!!

Are you ready for this?

Of course, do not be afraid, because my configuration is actually running environment, so some things on the internet you can not go to see, because many people are in the online copy, copy, and sometimes not verified, will let you go a lot of detours end up a bug one day world, see my tutorial it.

Apache configuration is mainly focused on the httpd.conf file, which is located in your installation directory, such as:

D:\tools\httpd\conf\

We open it with UltraEdit or the relevant text editing tool to see its contents:

First look for the following line:

#ServerName

We can get the following line of content:

#ServerName shnlap93.cts.com:80

This is our hostname, we can remove the previous "#" and change it to:

ServerName 10.225.106.35:80

After you have changed the file, before restarting your Apache2.2, let's test if our Apache configuration files are correct:

If after you have ordered the test configuration, the black screen flashed over, indicating that your changes are correct, otherwise this black screen will stay in the current state, and tell you, your configuration changes are wrong, where the error.

Re-launch your Apache

Find the following line:

DocumentRoot

You will be sent a line of content like this:

DocumentRoot "D:/tools/httpd/htdocs"

This is called DocumentRoot-Webroot, that is, the publish directory, any project published in this directory will be loaded into the standard Web project when the Apache service is opened, we are now going to take this webroot to our own publishing directory.

DocumentRoot "D:/www"

We changed it to the WWW directory of D, and then we put a index.html file in the directory with the following contents:

Restart our Apache service to test:

Hey, what have we got? No access, why?

Find the following paragraph:

<directory/> Options FollowSymLinks AllowOverride None Order Deny,allow deny from all </Directory>

Did you see it?

Now, change this "deny from all" to "Allow Fromall."

<directory/> Options FollowSymLinks AllowOverride None Order Deny,allow allow from all </Directory>

Restart your Apache service when you are finished modifying

Ok, our Apache publish directory has been successfully changed to the D:\www directory, we will do an experiment:

We entered in Internet Explorer: http://localhost/css/, what do we see?

This is also, if the user is a novice hacker can know what files on our server, which directories can even see the contents of our files directly, how to do?

Find the following line

Options followsymlinks Indexes

Put it out and change it to the following.

#Options followsymlinks Indexes Options None

Don't worry, look down, there's

Options Indexes FollowSymLinks

Another one, get rid of it.

#Options Indexes FollowSymLinks Options None

Restart your Apache service after changing these two lines

Open a new IE again, enter: http://localhost/css/, we see the following interface:

Well, Apache's basic configuration is complete:

1) Basic Security Configuration, directory access not allowed

2) Change Webroot to another physical directory without using Apache's own Webroot directory

2.6 Integrating Apache with Tomcat

Apache (Web Server) is responsible for processing HTML static content;

Tomcat (App Server) is responsible for handling dynamic content;

This is actually the above architecture, the following is the principle

1) Apache is equipped with a module, this module is called MOD_JK

2) Apache is responsible for parsing any static web content through port 80

3) Any unresolved content, use the expression to tell mod_jk, let mod_jk distributed to the relevant app server to explain.

Through the above description we can know:

1) We need to install a mod_jk in Apache first.

2) We need to write some expressions in httpd.conf

This is implemented below.

1) manually copy the mod_jk-1.2.31-httpd-2.2.3.so into our Apache installation directory modules directory, the full name of this file: Mod_ Jk-1.2.31-httpd-2.2.3.so, you can get from the "/javaarchitect/mod_jk/" directory on the FTP, because this file is I use C + + in the local recompile, the Web download is src that the source code, Save you time to compile, and some other online download mod_jk.so is not available.

2) Open the httpd.conf file with UltraEdit, and run to the last side of the file to add the following lines:

LoadModule Jk_module modules/mod_jk-1.2.31-httpd-2.2.3.so Jkworkersfile conf/workers.properties Jklogfile Logs/mod_jk.log <virtualhost *> ServerAdmin localhost DocumentRoot d:/www/ ServerName localhost DirectoryIndex index.html index.htm index.jsp index.action Errorlog Logs/shsc-error_log.txt Customlog Logs/shsc-access_log.txt Common Jkmount/*web-inf ajp13 Jkmount/*j_spring_security_check ajp13 Jkmount/*.action ajp13 jkmount/servlet/* ajp13 Jkmount/*.jsp ajp13 Jkmount/*.do ajp13 Jkmount/*.action ajp13 Jkmount/*fckeditor/editor/filemanager/connectors/*.* ajp13 jkmount/fckeditor/editor/filemanager/connectors/* ajp13 </VirtualHost>

The key is these two sentences:

LoadModule Jk_module modules/mod_jk-1.2.31-httpd-2.2.3.so

Jkworkersfile conf/workers.properties

Represent:

Üapache loads an additional plug-in to connect to Tomcat.

ü The configuration parameters for the connection are described in a named Workers.properties file located in the/conf directory of the Apache installation directory, MOD_JK generally uses the AJP13 protocol connection, using Tomcat's 8009 port.

3) The contents of the Worker.properties file are as follows:

Workers.tomcat_home=d:/tomcat2 workers.java_home=c:/jdk1.6.32 ps=/ Worker.list=ajp13 worker.ajp13.port=8009 Worker.ajp13.host=localhost Worker.ajp13.type=ajp13

4) Tell us about Apache, which is to be given to Tomcat to parse, in addition to the Apache itself to parse :

<virtualhost *> ServerAdmin localhost DocumentRoot d:/www/ ServerName localhost DirectoryIndex index.html index.htm index.jsp index.action Errorlog Logs/shsc-error_log.txt Customlog Logs/shsc-access_log.txt Common Jkmount/*web-inf ajp13 Jkmount/*j_spring_security_check ajp13 Jkmount/*.action ajp13 jkmount/servlet/* ajp13 Jkmount/*.jsp ajp13 Jkmount/*.do ajp13 Jkmount/*.action ajp13 Jkmount/*fckeditor/editor/filemanager/connectors/*.* ajp13 jkmount/fckeditor/editor/filemanager/connectors/* ajp13 </VirtualHost>

As you can see, all/servlet/* are parsed by Tomcat, all JSPs,. Do,. Action are parsed by Tomcat.

There is also a special/fckeditor, this is a blog editor we use, this because it is a servlet, so also need to give Tomcat to the iron analysis.

5) put/cbbs project into Tomcat's WebApps directory

6) Copy the/cbbs to the D:/www directory by hand

7) Delete D:/www/cbbs/web-inf This directory, hey, because d:/www under the things are parsed by Apache, all of the Web-inf is Java, we just need to deployment under Tomcat can, is not it?

8) Restart Tomcat, restart Apache, enter directly in IE: Http://localhost/cbbs, log in with SALLY/ABCDEFG, operate, all success

Oh...yeah, Tomcat+apache a step.

Three, the Cbbs engineering configuration for the experiment

Finally, attach the configuration that Cbbs need to use, the related works can be obtained through the cbbs.zip of FTP "/java architect/project/".

ü Open Server.xml in tomcat join:

<resource Driverclassname= "Oracle.jdbc.OracleDriver" factory= "Org.apache.commons.dbcp.BasicDataSourceFactory" Maxactive= "maxidle=" maxwait= "name=" Jdbc/eltds " password= "XXX" Type= "Javax.sql.DataSource" Url= "JDBC:ORACLE:THIN:@10.225.101.51:1521:JCOEDB1" Username= "xxx"/>

And

<context crosscontext= "true" docbase= "D:/upload" path= "/uploadpic" reloadable= "true"/> <context docbase= "Cbbs" path= "/cbbs" reloadable= "true"/>

ü Manually set up a upload directory in the D packing directory, and then create an image directory in this directory.

ü Open context.xml in tomcat join

<resourcelink name= "Jdbc/cbbsds" type= "Javax.sql.DataSource" global= "Jdbc/cbbsds"/>

Apache Integrated Tomcat (GO)