SUNScholar/Prepare Ubuntu/S05
Contents
Step 5. Setup Tomcat Java Webapp Server
Step 5.1: Install Tomcat
Type the following:
apt-get install tomcat6
Step 5.2: Allow Tomcat to listen on ports "80" and "443"
Step 5.2.1: Setup "authbind" for Tomcat
To enable Tomcat to listen on a privileged port below 100, we need to enable "authbind". Edit the /etc/default/tomcat6 file as follows:
nano /etc/default/tomcat6
Remove the hash sign from in front of the authbind parameter and change authbind to yes as follows
# If you run Tomcat on port numbers that are all higher than 1023, then you # do not need authbind. It is used for binding Tomcat to lower port numbers. # NOTE: authbind works only with IPv4. Do not enable it when using IPv6. # (yes/no, default: no) AUTHBIND=yes
- NANO Editor Help
| CTL+O | = Save the file and then press Enter |
| CTL+X | = Exit "nano" |
| CTL+K | = Delete line |
| CTL+U | = Undelete line |
| CTL+W | = Search for %%string%% |
| CTL+\ | = Search for %%string%% and replace with $$string$$ |
| CTL+C | = Show line numbers |
More info = http://en.wikipedia.org/wiki/Nano_(text_editor)
Now we need to tell "authbind" that Tomcat is allowed to use lower port numbers. Type the following commands:
touch /etc/authbind/byport/80
touch /etc/authbind/byport/443
chmod 0755 /etc/authbind/byport/80
chmod 0755 /etc/authbind/byport/443
chown tomcat6.tomcat6 /etc/authbind/byport/80
chown tomcat6.tomcat6 /etc/authbind/byport/443
Now Tomcat has permission to use ports 80 and 443. See below for an example listing of the files in the /etc/authbind/byport folder.
root@ir1:/etc/authbind/byport# ls -l total 0 -rwxr-xr-x 1 tomcat6 tomcat6 0 2011-06-10 18:33 443 -rwxr-xr-x 1 tomcat6 tomcat6 0 2011-06-10 18:33 80
Step 5.2.2: Setup Tomcat server listening ports
Now we tell the Tomcat server to listen on the "authbind" ports. Edit the following file.
nano /etc/tomcat6/server.xml
Find the connector for port 8080 and change it to port 80. Also add the UTF-8 encoding. See example below.
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
URIEncoding="UTF-8"
redirectPort="8443" />
Find the connector for port 8443 and change it to port 443. Remove the comments around the port "443" connector section. These are the <!-- and --> comment directives.
<Connector port="443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
If enabled, comment out the AJP 1.3 connector. It is not needed.
Save the file by pressing CTL+O and then CTL+X on the keyboard.
Now setup the secure connection to the Tomcat server. Then return here to continue the setup.
Step 5.3: Setup Tomcat admin users
Type as follows:
nano /etc/tomcat6/tomcat-users.xml
Delete all the contents of the file and add the following admin and manager roles with a password.
<?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="manager"/> <role rolename="admin"/> <user username="dspace" password="dspace" roles="admin,manager"/> </tomcat-users>
Save the file by pressing CTL+O and then CTL+X on the keyboard.
Step 5.4: Setup Tomcat group permissions
Type the following in a terminal.
adduser tomcat6 dspace
adduser dspace tomcat6
Step 5.5: Restart the Tomcat server
Now restart the tomcat server as follows:
/etc/init.d/tomcat6 restart
Step 5.6: Post Tomcat installation checks
Now let's look if all went well:
netstat -tapn | grep java
Tomcat should be listening on ports 80 and 443:
root@server1:~# netstat -tapn | grep java tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN 8063/java tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 8063/java tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 8063/java tcp 0 0 127.0.0.1:34113 127.0.0.1:5432 ESTABLISHED 8063/java tcp 0 0 127.0.0.1:34112 127.0.0.1:5432 ESTABLISHED 8063/java root@server1:~#
Thats it, now you have a working Java webapp server.
SUNScholar server load using the Tomcat "authbind" method.
PREVIOUS
NEXT
