source: main/trunk/greenstone3/resources/tomcat/server_tomcat8.xml.svn

Last change on this file was 38892, checked in by kjdon, 4 weeks ago

had erroneous double start comment
File size: 10.2 KB
Line 
1<?xml version="1.0" encoding="UTF-8"?>
2<!--
3 Licensed to the Apache Software Foundation (ASF) under one or more
4 contributor license agreements. See the NOTICE file distributed with
5 this work for additional information regarding copyright ownership.
6 The ASF licenses this file to You under the Apache License, Version 2.0
7 (the "License"); you may not use this file except in compliance with
8 the License. You may obtain a copy of the License at
9
10 http://www.apache.org/licenses/LICENSE-2.0
11
12 Unless required by applicable law or agreed to in writing, software
13 distributed under the License is distributed on an "AS IS" BASIS,
14 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 See the License for the specific language governing permissions and
16 limitations under the License.
17 -->
18<!-- GSDL: Notes
19 To turn a new default 'tomcatN.x.yy/conf/server.xml' into a server_tomcatN.xml.svn
20 Perform the following substitutions:
21 8080 => @localhost.port.http@
22 8443 => @https.redirect.port@
23 8005 => @shutdown-port@
24 8009 => @tomcat.ajp.port@
25
26 Then:
27 diff tomcatN.x.yy/conf/server.xml server_tomcatN.xml.svn
28
29 This will highlight were additional changes are needed.
30 For instance add in:
31 @http.address.restriction@
32 URIEncoding ="UTF-8"
33
34-->
35
36<!-- Note: A "Server" is not itself a "Container", so you may not
37 define subcomponents such as "Valves" at this level.
38 Documentation at /docs/config/server.html
39 -->
40<Server port="@shutdown-port@" shutdown="SHUTDOWN">
41 <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
42 <!-- Security listener. Documentation at /docs/config/listeners.html
43 <Listener className="org.apache.catalina.security.SecurityListener" />
44 -->
45 <!-- APR library loader. Documentation at /docs/apr.html -->
46 <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
47 <!-- Prevent memory leaks due to use of particular java/javax APIs-->
48 <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
49 <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
50 <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
51
52 <!-- Global JNDI resources
53 Documentation at /docs/jndi-resources-howto.html
54 -->
55 <GlobalNamingResources>
56 <!-- Editable user database that can also be used by
57 UserDatabaseRealm to authenticate users
58 -->
59 <Resource name="UserDatabase" auth="Container"
60 type="org.apache.catalina.UserDatabase"
61 description="User database that can be updated and saved"
62 factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
63 pathname="conf/tomcat-users.xml" />
64 </GlobalNamingResources>
65
66 <!-- A "Service" is a collection of one or more "Connectors" that share
67 a single "Container" Note: A "Service" is not itself a "Container",
68 so you may not define subcomponents such as "Valves" at this level.
69 Documentation at /docs/config/service.html
70 -->
71 <Service name="Catalina">
72
73 <!--The connectors can use a shared executor, you can define one or more named thread pools-->
74 <!--
75 <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
76 maxThreads="150" minSpareThreads="4"/>
77 -->
78
79
80 <!-- A "Connector" represents an endpoint by which requests are received
81 and responses are returned. Documentation at :
82 Java HTTP Connector: /docs/config/http.html
83 Java AJP Connector: /docs/config/ajp.html
84 APR (HTTP/AJP) Connector: /docs/apr.html
85 Define a non-SSL/TLS HTTP/1.1 Connector on port @localhost.port.http@
86 -->
87 <!-- GSDL: We comment out the 'standard' connector in favour of the tomcatThreadPool one below -->
88 <!-- GSDL: URIEncoding of UTF-8 param also added, and @http.address.restriction@ -->
89 <!--
90
91 <Connector @http.address.restriction@
92 port="@localhost.port.http@" protocol="HTTP/1.1"
93 connectionTimeout="20000"
94 redirectPort="@https.redirect.port@"
95 maxParameterCount="1000"
96 URIEncoding="UTF-8"
97 />
98 -->
99 <!-- A "Connector" using the shared thread pool-->
100 <!-- GSDL: We use this Connector by default. Add @http.address.restriction@
101 Additional params added after redirectPort -->
102 <Connector executor="tomcatThreadPool" @http.address.restriction@
103 port="@localhost.port.http@" protocol="HTTP/1.1"
104 connectionTimeout="20000"
105 redirectPort="@https.redirect.port@"
106 maxParameterCount="1000"
107 compression="on"
108 compressionMinSize="524288"
109 compressableMimeType="text/html,text/xml,text/css,text/xsl,text/javascript"
110 noCompressionUserAgents="gozilla, traviata"
111 URIEncoding="UTF-8"
112 />
113
114 <!-- Define an SSL/TLS HTTP/1.1 Connector on port @https.redirect.port@
115 This connector uses the NIO implementation. The default
116 SSLImplementation will depend on the presence of the APR/native
117 library and the useOpenSSL attribute of the AprLifecycleListener.
118 Either JSSE or OpenSSL style configuration may be used regardless of
119 the SSLImplementation selected. JSSE style configuration is used below.
120 -->
121 <!-- GSDL: URIEncoding param added, but note the connector elem itself is commented out by default -->
122 <!--
123 <Connector port="@https.redirect.port@" protocol="org.apache.coyote.http11.Http11NioProtocol"
124 maxThreads="150" SSLEnabled="true"
125 maxParameterCount="1000"
126 URIEncoding="UTF-8"
127 >
128 <SSLHostConfig>
129 <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
130 type="RSA" />
131 </SSLHostConfig>
132 </Connector>
133 -->
134 <!-- Define an SSL/TLS HTTP/1.1 Connector on port @https.redirect.port@ with HTTP/2
135 This connector uses the APR/native implementation which always uses
136 OpenSSL for TLS.
137 Either JSSE or OpenSSL style configuration may be used. OpenSSL style
138 configuration is used below.
139 -->
140 <!-- GSDL: URIEncoding param added, but note the connector elem itself is commented out by default -->
141 <!--
142 <Connector port="@https.redirect.port@" protocol="org.apache.coyote.http11.Http11AprProtocol"
143 maxThreads="150" SSLEnabled="true"
144 maxParameterCount="1000"
145 URIEncoding="UTF-8"
146 >
147 <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
148 <SSLHostConfig>
149 <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
150 certificateFile="conf/localhost-rsa-cert.pem"
151 certificateChainFile="conf/localhost-rsa-chain.pem"
152 type="RSA" />
153 </SSLHostConfig>
154 </Connector>
155 -->
156 <!-- GSDL: Connector element aligned with Greenstone documentation for for https access, if activated -->
157 @https.comment.out.start@
158 <Connector port="@tomcat.port.https@" protocol="org.apache.coyote.http11.Http11Protocol"
159 maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
160 keystoreFile="@keystore.file@"
161 keystorePass="@keystore.pass@"
162 clientAuth="false" sslProtocol="TLS"
163 keystoreType="@keystore.type@"
164 maxParameterCount="1000"
165 URIEncoding="UTF-8" />
166 @https.comment.out.end@
167
168 <!-- Define an AJP 1.3 Connector on port @tomcat.ajp.port@ -->
169 <!-- GSDL: URIEncoding param added, but note the connector elem itself is commented out by default -->
170 <!--
171 <Connector protocol="AJP/1.3"
172 address="::1"
173 port="@tomcat.ajp.port@"
174 redirectPort="@https.redirect.port@"
175 maxParameterCount="1000"
176 URIEncoding="UTF-8"
177 />
178 -->
179
180 <!-- An Engine represents the entry point (within Catalina) that processes
181 every request. The Engine implementation for Tomcat stand alone
182 analyzes the HTTP headers included with the request, and passes them
183 on to the appropriate Host (virtual host).
184 Documentation at /docs/config/engine.html -->
185
186 <!-- You should set jvmRoute to support load-balancing via AJP ie :
187 <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
188 -->
189 <Engine name="Catalina" defaultHost="localhost">
190
191 <!--For clustering, please take a look at documentation at:
192 /docs/cluster-howto.html (simple how to)
193 /docs/config/cluster.html (reference documentation) -->
194 <!--
195 <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
196 -->
197
198 <!-- Use the LockOutRealm to prevent attempts to guess user passwords
199 via a brute-force attack -->
200 <Realm className="org.apache.catalina.realm.LockOutRealm">
201 <!-- This Realm uses the UserDatabase configured in the global JNDI
202 resources under the key "UserDatabase". Any edits
203 that are performed against this UserDatabase are immediately
204 available for use by the Realm. -->
205 <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
206 resourceName="UserDatabase"/>
207 </Realm>
208
209 <Host name="localhost" appBase="webapps"
210 unpackWARs="true" autoDeploy="true">
211
212 <!-- SingleSignOn valve, share authentication between web applications
213 Documentation at: /docs/config/valve.html -->
214 <!--
215 <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
216 -->
217
218 <!-- Access log processes all example.
219 Documentation at: /docs/config/valve.html
220 Note: The pattern used is equivalent to using pattern="common" -->
221 <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
222 prefix="localhost_access_log" suffix=".txt"
223 pattern="%h %l %u %t &quot;%r&quot; %s %b" />
224
225 </Host>
226 </Engine>
227 </Service>
228</Server>
Note: See TracBrowser for help on using the repository browser.