Difference between revisions of "SUNScholar/Prepare Ubuntu/S05"
| Line 3: | Line 3: | ||
Type the following: | Type the following: | ||
| − | apt-get install tomcat6 | + | sudo apt-get install tomcat6 |
==Step 5.2: Allow Tomcat to listen on ports "80" and "443"== | ==Step 5.2: Allow Tomcat to listen on ports "80" and "443"== | ||
===Step 5.2.1: Setup "authbind" for Tomcat=== | ===Step 5.2.1: Setup "authbind" for Tomcat=== | ||
To enable Tomcat to listen on a privileged port below 100, we need to enable "authbind". Edit the '''/etc/default/tomcat6''' file as follows: | To enable Tomcat to listen on a privileged port below 100, we need to enable "authbind". Edit the '''/etc/default/tomcat6''' file as follows: | ||
| − | nano /etc/default/tomcat6 | + | sudo nano /etc/default/tomcat6 |
Remove the hash sign from in front of the authbind parameter and change authbind to yes as follows | Remove the hash sign from in front of the authbind parameter and change authbind to yes as follows | ||
<pre> | <pre> | ||
| Line 21: | Line 21: | ||
Now we need to tell "authbind" that Tomcat is allowed to use lower port numbers. Type the following commands: | Now we need to tell "authbind" that Tomcat is allowed to use lower port numbers. Type the following commands: | ||
| − | touch /etc/authbind/byport/80 | + | sudo touch /etc/authbind/byport/80 |
| − | touch /etc/authbind/byport/443 | + | sudo touch /etc/authbind/byport/443 |
| − | chmod 0755 /etc/authbind/byport/80 | + | sudo chmod 0755 /etc/authbind/byport/80 |
| − | chmod 0755 /etc/authbind/byport/443 | + | sudo chmod 0755 /etc/authbind/byport/443 |
| − | chown tomcat6.tomcat6 /etc/authbind/byport/80 | + | sudo chown tomcat6.tomcat6 /etc/authbind/byport/80 |
chown tomcat6.tomcat6 /etc/authbind/byport/443 | chown tomcat6.tomcat6 /etc/authbind/byport/443 | ||
| Line 42: | Line 42: | ||
===Step 5.2.2: Setup Tomcat server listening ports=== | ===Step 5.2.2: Setup Tomcat server listening ports=== | ||
Now we tell the Tomcat server to listen on the "authbind" ports. Edit the following file. | Now we tell the Tomcat server to listen on the "authbind" ports. Edit the following file. | ||
| − | nano /etc/tomcat6/server.xml | + | sudo nano /etc/tomcat6/server.xml |
Find the connector for port 8080 and change it to port 80. Also add the UTF-8 encoding. See example below. | Find the connector for port 8080 and change it to port 80. Also add the UTF-8 encoding. See example below. | ||
<pre> | <pre> | ||
| Line 66: | Line 66: | ||
Type as follows: | Type as follows: | ||
| − | nano /etc/tomcat6/tomcat-users.xml | + | sudo nano /etc/tomcat6/tomcat-users.xml |
Delete all the contents of the file and add the following admin and manager roles with a password. | Delete all the contents of the file and add the following admin and manager roles with a password. | ||
| Line 82: | Line 82: | ||
==Step 5.4: Setup Tomcat group permissions== | ==Step 5.4: Setup Tomcat group permissions== | ||
Type the following in a terminal. | Type the following in a terminal. | ||
| − | adduser tomcat6 dspace | + | sudo adduser tomcat6 dspace |
| − | adduser dspace tomcat6 | + | sudo adduser dspace tomcat6 |
==Step 5.5: Restart the Tomcat server== | ==Step 5.5: Restart the Tomcat server== | ||
Now restart the tomcat server as follows: | Now restart the tomcat server as follows: | ||
| − | /etc/init.d/tomcat6 restart | + | sudo /etc/init.d/tomcat6 restart |
==Step 5.6: Post Tomcat installation checks== | ==Step 5.6: Post Tomcat installation checks== | ||
Now let's look if all went well: | Now let's look if all went well: | ||
| − | netstat -tapn | grep java | + | sudo netstat -tapn | grep java |
Tomcat should be listening on ports 80 and 443: | Tomcat should be listening on ports 80 and 443: | ||
Revision as of 13:27, 4 August 2012
Contents
Step 5. Setup Tomcat Java Webapp Server
Step 5.1: Install Tomcat
Type the following:
sudo apt-get install tomcat6
Step 5.2: Allow Tomcat to listen on ports "80" and "443"
Step 5.2.1: Setup "authbind" for Tomcat
To enable Tomcat to listen on a privileged port below 100, we need to enable "authbind". Edit the /etc/default/tomcat6 file as follows:
sudo nano /etc/default/tomcat6
Remove the hash sign from in front of the authbind parameter and change authbind to yes as follows
# If you run Tomcat on port numbers that are all higher than 1023, then you # do not need authbind. It is used for binding Tomcat to lower port numbers. # NOTE: authbind works only with IPv4. Do not enable it when using IPv6. # (yes/no, default: no) AUTHBIND=yes
- NANO Editor Help
| CTL+O | = Save the file and then press Enter |
| CTL+X | = Exit "nano" |
| CTL+K | = Delete line |
| CTL+U | = Undelete line |
| CTL+W | = Search for %%string%% |
| CTL+\ | = Search for %%string%% and replace with $$string$$ |
| CTL+C | = Show line numbers |
More info = http://en.wikipedia.org/wiki/Nano_(text_editor)
Now we need to tell "authbind" that Tomcat is allowed to use lower port numbers. Type the following commands:
sudo touch /etc/authbind/byport/80
sudo touch /etc/authbind/byport/443
sudo chmod 0755 /etc/authbind/byport/80
sudo chmod 0755 /etc/authbind/byport/443
sudo chown tomcat6.tomcat6 /etc/authbind/byport/80
chown tomcat6.tomcat6 /etc/authbind/byport/443
Now Tomcat has permission to use ports 80 and 443. See below for an example listing of the files in the /etc/authbind/byport folder.
root@ir1:/etc/authbind/byport# ls -l total 0 -rwxr-xr-x 1 tomcat6 tomcat6 0 2011-06-10 18:33 443 -rwxr-xr-x 1 tomcat6 tomcat6 0 2011-06-10 18:33 80
Step 5.2.2: Setup Tomcat server listening ports
Now we tell the Tomcat server to listen on the "authbind" ports. Edit the following file.
sudo nano /etc/tomcat6/server.xml
Find the connector for port 8080 and change it to port 80. Also add the UTF-8 encoding. See example below.
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />
Find the connector for port 8443 and change it to port 443. Remove the comments around the port "443" connector section. These are the <!-- and --> comment directives.
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
If enabled, comment out the AJP 1.3 connector. It is not needed.
- NANO Editor Help
| CTL+O | = Save the file and then press Enter |
| CTL+X | = Exit "nano" |
| CTL+K | = Delete line |
| CTL+U | = Undelete line |
| CTL+W | = Search for %%string%% |
| CTL+\ | = Search for %%string%% and replace with $$string$$ |
| CTL+C | = Show line numbers |
More info = http://en.wikipedia.org/wiki/Nano_(text_editor)
Now setup the secure connection to the Tomcat server. Then return here to continue the setup.
Step 5.3: Setup Tomcat admin users
Type as follows:
sudo nano /etc/tomcat6/tomcat-users.xml
Delete all the contents of the file and add the following admin and manager roles with a password.
<?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="manager"/> <role rolename="admin"/> <user username="dspace" password="dspace" roles="admin,manager"/> </tomcat-users>
- NANO Editor Help
| CTL+O | = Save the file and then press Enter |
| CTL+X | = Exit "nano" |
| CTL+K | = Delete line |
| CTL+U | = Undelete line |
| CTL+W | = Search for %%string%% |
| CTL+\ | = Search for %%string%% and replace with $$string$$ |
| CTL+C | = Show line numbers |
More info = http://en.wikipedia.org/wiki/Nano_(text_editor)
Step 5.4: Setup Tomcat group permissions
Type the following in a terminal.
sudo adduser tomcat6 dspace
sudo adduser dspace tomcat6
Step 5.5: Restart the Tomcat server
Now restart the tomcat server as follows:
sudo /etc/init.d/tomcat6 restart
Step 5.6: Post Tomcat installation checks
Now let's look if all went well:
sudo netstat -tapn | grep java
Tomcat should be listening on ports 80 and 443:
root@server1:~# netstat -tapn | grep java tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN 8063/java tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 8063/java tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 8063/java tcp 0 0 127.0.0.1:34113 127.0.0.1:5432 ESTABLISHED 8063/java tcp 0 0 127.0.0.1:34112 127.0.0.1:5432 ESTABLISHED 8063/java root@server1:~#
Thats it, now you have a working Java webapp server.
SUNScholar server load using the Tomcat "authbind" method.
PREVIOUS
NEXT
