Tomcat User6 wrote:
hi, I am having a problem in configuring the <VirtualHost></VirtualHost> tab in httpd.cong file fro apache web server. I have my application deployed on Tomcat 6.0 server with below configuration in server.xml. <Host name="forum.dev.abc.com" appBase="/usr/local/apache-tomcat-6.0.16/webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="local_roller_access_log." suffix=".txt" pattern="common" resolveHosts="false"/></Host> The application is deployed at Tomcat's webapps directory"/usr/local/apache-tomcat-6.0.16/webapps" under roller directory.My website uses the apache server so first when I typed "http://forum.dev.abc.com/roller/"; on web browser the action will go to Tomcat server to run application. Each request is made on apache server and and requested to tomcat server. My apache server's httpd.conf file's configuration is as below: # NameVirtualHost forum.dev.abc.com:80 <VirtualHost forum.dev.abc.com:80> ServerName forum.dev.abc.com ServerAlias forum.dev.abc.com DocumentRoot /usr/local/apache-tomcat-6.0.16/webappsDirectoryIndex index.jspErrorLog logs/forum_error_log <Directory / > Options FollowSymLinks AllowOverride all Order allow,deny Allow from all </Directory> JkMount /*.jsp wrkr JkMount /*.do wrkr JkMount /*.action wrkr </VirtualHost> my problem is when I typed at browser as "http://forum.dev.abc.com:8080/roller/"; then as it is running on Tomcat it works fine. each and every actions and links are working fine. but when I typed in "http://forum.dev.abc.com:80/roller/"; or "http://forum.dev.abc.com/roller/"; at browser then as it is running on apache server and redirecting all requests to tomcat
No, it is probably not.Because the DocumentRoot of Apache is (also) /usr/local/apache-tomcat-6.0.16/webapps it is probably Apache which is going to serve your first index page, not Tomcat.
the links are not
working. The first page loaded same for both the requests
No, they are probably not being loaded in the same way. When you enter http://forum.dev.abc.com:8080/roller/it is Tomcat that serves the index page, according to the logic of the webapp.
But when you enter http://forum.dev.abc.com/roller/then it is Apache serving the index page, and it completely bypasses Tomcat (and the jsp processing, and the Tomcat security).
but links on first
page is not working on apache server i.e. working on tomcat server. I am pretty much sure that its a problem with configuration with httpd.conf file for <VirtualHost></VirtualHost>. If you help me out with this, this will be a great help.
I believe there are a couple of mistakes in your configuration above.First, because your DocumentRoot is set to the the top of the webapps directory of Tomcat, it means that all your webapp configuration files are visible to the world.
Try for example : http://forum.dev.abc.com/roller/WEB-INF or http://forum.dev.abc.com/roller/WEB-INF/web.xml I would redo this as follows :1) create a new, empty directory /var/www/forum-dev/docs, and give it r+x permissions for the user:group which is used to run Apache.
(www-data ?).
2) httpd.conf :
...
NameVirtualHost *:80
<VirtualHost *:80>
ServerName forum.dev.abc.com
# (Note : the ServerAlias is totally redundant, unless it is
# different from the ServerName
DocumentRoot /var/www/forum-dev/docs
ErrorLog logs/forum_error_log
DirectoryIndex index.jsp index.html
# Protect your system's root directory !!
<Directory / >
Options None
AllowOverride None
Order allow,deny
Deny from all
</Directory>
# This is now the Apache DocumentRoot
<Directory /var/www/forum-dev/docs >
Options FollowSymLinks
#AllowOverride All # are you sure ?
Order allow,deny
Allow from all
</Directory>
<Location /roller>
SetHandler jakarta-servlet
#SetEnvIf REQUEST_URI "\.(css|gif|jpg|js|html?)$" no-jk
</Location>
</VirtualHost>
Some differences :
1) <Directory /> means your system disk's root directory. You don't want
to give access to everyone to that one (and everything below it), do you ?
2) <Directory /var/www/forum-dev/docs> That is now the top directory that users can (possibly) see.You can put everything you want them to see under there (in sub-directories if you want), and it will be served directly by Apache.
(Except if it is in a <Location> like /roller). 3) <Location /roller> section :For all URLs that start with "/roller", Apache will pass this to mod_jk, and mod_jk to Tomcat.
An alternative way to write this would be :
<Location /roller>
JkMount *.jsp wrkr
JkMount *.do wrkr
JkMount *.action wrkr
#JkUnMount *.css
#JkUnMount *.gif
#JkUnMount *.jpg
....
</Location>
or (no <Location /roller>)
JkMount /roller wrkr
JkMount /roller/* wrkr
4) Tomcat will always refuse to serve anything that is in a "WEB-INF"
directory (but Apache does not care). Because the only place where
there is a WEB-INF directory is under /roller, and everything under
/roller goes through Tomcat, now /roller/WEB-INF/* is safe.
5) Because there is no directory /var/www/forum-dev/docs/roller,any URL starting with /roller must be either served by Tomcat, or else it will give a "Not Found" error.
That is more secure than your previous configuration.Of course, the above is not tested. So save your current http configuration first. ;-)
André --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|