Difference between revisions of "SUNScholar/Prepare Ubuntu/S05"

From Libopedia
Jump to navigation Jump to search
m
Line 15: Line 15:
  
 
==[[SUNScholar/Prepare_Ubuntu/S05/Ubuntu-12.04|For Ubuntu 12.04 LTS]]==
 
==[[SUNScholar/Prepare_Ubuntu/S05/Ubuntu-12.04|For Ubuntu 12.04 LTS]]==
 
==Step 5.1: Install Tomcat==
 
<center>
 
{{Tomcat7}}
 
</center>
 
 
Type the following:
 
 
sudo apt-get install tomcat6
 
 
==Step 5.2: Allow Tomcat to listen on ports "80" and "443"==
 
===Step 5.2.1: Setup "authbind" for Tomcat===
 
To enable Tomcat to listen on a privileged port below 100, we need to enable "authbind". Edit the '''/etc/default/tomcat6''' file as follows:
 
sudo nano /etc/default/tomcat6
 
Remove the hash sign from in front of the authbind parameter and change authbind to yes as follows
 
<pre>
 
# If you run Tomcat on port numbers that are all higher than 1023, then you
 
# do not need authbind.  It is used for binding Tomcat to lower port numbers.
 
# NOTE: authbind works only with IPv4.  Do not enable it when using IPv6.
 
# (yes/no, default: no)
 
AUTHBIND=yes
 
</pre>
 
 
{{NANO}}
 
 
Now we need to tell "authbind" that Tomcat is allowed to use lower port numbers. Type the following commands:
 
sudo touch /etc/authbind/byport/80
 
 
sudo touch /etc/authbind/byport/443
 
 
sudo chmod 0755 /etc/authbind/byport/80
 
 
sudo chmod 0755 /etc/authbind/byport/443
 
 
sudo chown tomcat6.tomcat6 /etc/authbind/byport/80
 
 
sudo chown tomcat6.tomcat6 /etc/authbind/byport/443
 
 
cd /etc/authbind/byport
 
 
ls -l
 
Now Tomcat has permission to use ports 80 and 443. See below for an example listing of the files in the '''/etc/authbind/byport''' folder.
 
<pre>
 
root@ir1:/etc/authbind/byport# ls -l
 
total 0
 
-rwxr-xr-x 1 tomcat6 tomcat6 0 2011-06-10 18:33 443
 
-rwxr-xr-x 1 tomcat6 tomcat6 0 2011-06-10 18:33 80
 
</pre>
 
 
===Step 5.2.2: Setup Tomcat to listen on insecure port 80===
 
Now we tell the Tomcat server to listen on the "authbind" ports. Edit the following file.
 
sudo nano /etc/tomcat6/server.xml
 
Find the connector for port 8080 and change it to port 80.
 
 
See example below.
 
<pre>
 
    <Connector port="80" protocol="HTTP/1.1"
 
      enableLookups="false"
 
              connectionTimeout="20000"
 
              URIEncoding="UTF-8"
 
              redirectPort="443" />
 
</pre>
 
 
<font color="red">'''If enabled, comment out the AJP 1.3 connector. It is not needed.'''</font>
 
 
{{NANO}}
 
 
===Step 5.2.3: Setup Tomcat to listen on secure port 443===
 
Please go to: http://wiki.lib.sun.ac.za/index.php/SUNScholar/Secure_Internet_Connections later, after installation to do secure port 443 setup.
 
 
For now and testing it is ok, just to use port 80 only for Tomcat connections.
 
 
==Step 5.3: Setup Tomcat admin users==
 
Type as follows:
 
 
sudo nano /etc/tomcat6/tomcat-users.xml
 
 
Delete all the contents of the file and add the following admin and manager roles with a password.
 
<pre>
 
<?xml version='1.0' encoding='utf-8'?>
 
<tomcat-users>
 
  <role rolename="manager"/>
 
  <role rolename="admin"/>
 
  <user username="dspace" password="%%%%%%%" roles="admin,manager"/>
 
</tomcat-users>
 
</pre>
 
 
{{NANO}}
 
 
==Step 5.4: Restart the Tomcat server==
 
Now restart the tomcat server as follows:
 
 
sudo /etc/init.d/tomcat6 restart
 
 
==Step 5.5: Post Tomcat installation checks==
 
Now let's look if all went well:
 
 
sudo netstat -tapn | grep java
 
 
Tomcat should be listening on port 80 now:
 
 
<pre>
 
root@server1:~# netstat -tapn | grep java
 
tcp        0      0 127.0.0.1:8005          0.0.0.0:*              LISTEN      8063/java     
 
tcp        0      0 0.0.0.0:80              0.0.0.0:*              LISTEN      8063/java     
 
</pre>
 
 
Thats it, now you have a working Java webapp server.
 
 
==Step 5.6: Troubleshooting==
 
*Check optimisations done for Tomcat in the link below
 
http://wiki.lib.sun.ac.za/index.php/SUNScholar/Optimisations/Tomcat
 
*;Please remember only '''ONE''' server at time may listen on any TCP/UDP port on your server.
 
*A reboot of the server may be needed to get Tomcat working on ports 80 and 443 correctly.
 
*Later on during the actual DSpace installation, you will have to select a "root" webapp so that you have a clean URL. See link below.
 
http://wiki.lib.sun.ac.za/index.php/SUNScholar/Install_DSpace/S08
 
 
==References==
 
*http://manage.jujucharms.com/charms/trusty/tomcat
 
*http://manage.jujucharms.com/charms/precise/tomcat
 

Revision as of 12:45, 15 January 2015

 NEXT - STEP 6

Step 5. Setup Tomcat Java Webapp Server

PLEASE NOTE:

  1. This procedure does NOT require "mod_jk" or Apache2 port re-direction with firewall rules or the Apache2 server installation itself, in fact.
  2. If you want to do URL rewrites as you did with Apache2, then try: http://tuckey.org/urlrewrite to do the same with Tomcat.
  3. If you want to enable Shibboleth with Java only, try: http://shibboleth.net/products/opensaml-java.html.
  4. This procedure has only been tested on an Ubuntu server installation!
  5. This procedure is completely different from the official DSpace documentation.

For Ubuntu 14.04 LTS

For Ubuntu 12.04 LTS

Retrieved from "http://wiki.lib.sun.ac.za/index.php?title=SUNScholar/Prepare_Ubuntu/S05&oldid=33341"