[32696] | 1 | <?xml version="1.0" encoding="UTF-8"?>
|
---|
| 2 | <!--
|
---|
| 3 | Licensed to the Apache Software Foundation (ASF) under one or more
|
---|
| 4 | contributor license agreements. See the NOTICE file distributed with
|
---|
| 5 | this work for additional information regarding copyright ownership.
|
---|
| 6 | The ASF licenses this file to You under the Apache License, Version 2.0
|
---|
| 7 | (the "License"); you may not use this file except in compliance with
|
---|
| 8 | the License. You may obtain a copy of the License at
|
---|
| 9 |
|
---|
| 10 | http://www.apache.org/licenses/LICENSE-2.0
|
---|
| 11 |
|
---|
| 12 | Unless required by applicable law or agreed to in writing, software
|
---|
| 13 | distributed under the License is distributed on an "AS IS" BASIS,
|
---|
| 14 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
---|
| 15 | See the License for the specific language governing permissions and
|
---|
| 16 | limitations under the License.
|
---|
| 17 | -->
|
---|
| 18 | <!-- Note: A "Server" is not itself a "Container", so you may not
|
---|
| 19 | define subcomponents such as "Valves" at this level.
|
---|
| 20 | Documentation at /docs/config/server.html
|
---|
| 21 | -->
|
---|
| 22 | <Server port="@shutdown-port@" shutdown="SHUTDOWN">
|
---|
| 23 | <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
|
---|
| 24 | <!-- Security listener. Documentation at /docs/config/listeners.html
|
---|
| 25 | <Listener className="org.apache.catalina.security.SecurityListener" />
|
---|
| 26 | -->
|
---|
| 27 | <!--APR library loader. Documentation at /docs/apr.html -->
|
---|
| 28 | <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
|
---|
| 29 | <!-- Prevent memory leaks due to use of particular java/javax APIs-->
|
---|
| 30 | <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
|
---|
| 31 | <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
---|
| 32 | <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
|
---|
| 33 |
|
---|
| 34 | <!-- Global JNDI resources
|
---|
| 35 | Documentation at /docs/jndi-resources-howto.html
|
---|
| 36 | -->
|
---|
| 37 | <GlobalNamingResources>
|
---|
| 38 | <!-- Editable user database that can also be used by
|
---|
| 39 | UserDatabaseRealm to authenticate users
|
---|
| 40 | -->
|
---|
| 41 | <Resource name="UserDatabase" auth="Container"
|
---|
| 42 | type="org.apache.catalina.UserDatabase"
|
---|
| 43 | description="User database that can be updated and saved"
|
---|
| 44 | factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
---|
| 45 | pathname="conf/tomcat-users.xml" />
|
---|
| 46 | </GlobalNamingResources>
|
---|
| 47 |
|
---|
| 48 | <!-- A "Service" is a collection of one or more "Connectors" that share
|
---|
| 49 | a single "Container" Note: A "Service" is not itself a "Container",
|
---|
| 50 | so you may not define subcomponents such as "Valves" at this level.
|
---|
| 51 | Documentation at /docs/config/service.html
|
---|
| 52 | -->
|
---|
| 53 | <Service name="Catalina">
|
---|
| 54 |
|
---|
| 55 | <!--The connectors can use a shared executor, you can define one or more named thread pools-->
|
---|
| 56 | <!--
|
---|
| 57 | <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
|
---|
| 58 | maxThreads="150" minSpareThreads="4"/>
|
---|
| 59 | -->
|
---|
| 60 |
|
---|
| 61 | <!-- A "Connector" represents an endpoint by which requests are received
|
---|
| 62 | and responses are returned. Documentation at :
|
---|
| 63 | Java HTTP Connector: /docs/config/http.html
|
---|
| 64 | Java AJP Connector: /docs/config/ajp.html
|
---|
| 65 | APR (HTTP/AJP) Connector: /docs/apr.html
|
---|
| 66 | Define a non-SSL/TLS HTTP/1.1 Connector on port @localhost.port.http@
|
---|
| 67 | -->
|
---|
| 68 | <!--
|
---|
| 69 | <Connector @http.address.restriction@
|
---|
| 70 | port="@localhost.port.http@" protocol="HTTP/1.1"
|
---|
| 71 | connectionTimeout="20000"
|
---|
| 72 | redirectPort="@https.redirect.port@" />
|
---|
| 73 | -->
|
---|
| 74 | <!-- A "Connector" using the shared thread pool-->
|
---|
| 75 | <!-- In Greenstone we comment out the above default connector for Tomcat
|
---|
| 76 | in preference of the shared thread pool -->
|
---|
| 77 | <Connector executor="tomcatThreadPool" @http.address.restriction@
|
---|
| 78 | port="@localhost.port.http@" protocol="HTTP/1.1"
|
---|
| 79 | connectionTimeout="20000"
|
---|
| 80 | redirectPort="@https.redirect.port@"
|
---|
| 81 | compression="on"
|
---|
| 82 | compressionMinSize="524288"
|
---|
| 83 | compressableMimeType="text/html,text/xml,text/css,text/xsl,text/javascript"
|
---|
| 84 | noCompressionUserAgents="gozilla, traviata"
|
---|
| 85 | URIEncoding="UTF-8"
|
---|
| 86 | />
|
---|
| 87 |
|
---|
| 88 | <!-- Define a SSL/TLS HTTP/1.1 Connector on port @https.redirect.port@
|
---|
| 89 | This connector uses the NIO implementation. The default
|
---|
| 90 | SSLImplementation will depend on the presence of the APR/native
|
---|
| 91 | library and the useOpenSSL attribute of the
|
---|
| 92 | AprLifecycleListener.
|
---|
| 93 | Either JSSE or OpenSSL style configuration may be used regardless of
|
---|
| 94 | the SSLImplementation selected. JSSE style configuration is used below.
|
---|
| 95 | -->
|
---|
| 96 | <!--
|
---|
| 97 | <Connector port="@https.redirect.port@" protocol="org.apache.coyote.http11.Http11NioProtocol"
|
---|
| 98 | maxThreads="150" SSLEnabled="true">
|
---|
| 99 | <SSLHostConfig>
|
---|
| 100 | <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
|
---|
| 101 | type="RSA" />
|
---|
| 102 | </SSLHostConfig>
|
---|
| 103 | </Connector>
|
---|
| 104 | -->
|
---|
| 105 | <!-- Define a SSL/TLS HTTP/1.1 Connector on port @https.redirect.port@ with HTTP/2
|
---|
| 106 | This connector uses the APR/native implementation which always uses
|
---|
| 107 | OpenSSL for TLS.
|
---|
| 108 | Either JSSE or OpenSSL style configuration may be used. OpenSSL style
|
---|
| 109 | configuration is used below.
|
---|
| 110 | -->
|
---|
| 111 | <!--
|
---|
| 112 | <Connector port="@https.redirect.port@" protocol="org.apache.coyote.http11.Http11AprProtocol"
|
---|
| 113 | maxThreads="150" SSLEnabled="true" >
|
---|
| 114 | <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
|
---|
| 115 | <SSLHostConfig>
|
---|
| 116 | <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
|
---|
| 117 | certificateFile="conf/localhost-rsa-cert.pem"
|
---|
| 118 | certificateChainFile="conf/localhost-rsa-chain.pem"
|
---|
| 119 | type="RSA" />
|
---|
| 120 | </SSLHostConfig>
|
---|
| 121 | </Connector>
|
---|
| 122 | -->
|
---|
| 123 | @https.comment.out.start@
|
---|
| 124 | <Connector port="@tomcat.port.https@" protocol="org.apache.coyote.http11.Http11Protocol"
|
---|
| 125 | maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
|
---|
| 126 | keystoreFile="@keystore.file@"
|
---|
| 127 | keystorePass="@keystore.pass@"
|
---|
| 128 | clientAuth="false" sslProtocol="TLS"
|
---|
| 129 | keystoreType="@keystore.type@" />
|
---|
| 130 | @https.comment.out.end@
|
---|
| 131 |
|
---|
| 132 | <!-- Define an AJP 1.3 Connector on port @tomcat.ajp.port@ -->
|
---|
| 133 | <Connector port="@tomcat.ajp.port@" protocol="AJP/1.3" URIEncoding="UTF-8" redirectPort="@https.redirect.port@" />
|
---|
| 134 |
|
---|
| 135 |
|
---|
| 136 | <!-- An Engine represents the entry point (within Catalina) that processes
|
---|
| 137 | every request. The Engine implementation for Tomcat stand alone
|
---|
| 138 | analyzes the HTTP headers included with the request, and passes them
|
---|
| 139 | on to the appropriate Host (virtual host).
|
---|
| 140 | Documentation at /docs/config/engine.html -->
|
---|
| 141 |
|
---|
| 142 | <!-- You should set jvmRoute to support load-balancing via AJP ie :
|
---|
| 143 | <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
|
---|
| 144 | -->
|
---|
| 145 | <Engine name="Catalina" defaultHost="localhost">
|
---|
| 146 |
|
---|
| 147 | <!--For clustering, please take a look at documentation at:
|
---|
| 148 | /docs/cluster-howto.html (simple how to)
|
---|
| 149 | /docs/config/cluster.html (reference documentation) -->
|
---|
| 150 | <!--
|
---|
| 151 | <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
|
---|
| 152 | -->
|
---|
| 153 |
|
---|
| 154 | <!-- Use the LockOutRealm to prevent attempts to guess user passwords
|
---|
| 155 | via a brute-force attack -->
|
---|
| 156 | <Realm className="org.apache.catalina.realm.LockOutRealm">
|
---|
| 157 | <!-- This Realm uses the UserDatabase configured in the global JNDI
|
---|
| 158 | resources under the key "UserDatabase". Any edits
|
---|
| 159 | that are performed against this UserDatabase are immediately
|
---|
| 160 | available for use by the Realm. -->
|
---|
| 161 | <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
---|
| 162 | resourceName="UserDatabase"/>
|
---|
| 163 | </Realm>
|
---|
| 164 |
|
---|
| 165 | <Host name="localhost" appBase="webapps"
|
---|
| 166 | unpackWARs="true" autoDeploy="true">
|
---|
| 167 |
|
---|
| 168 | <!-- SingleSignOn valve, share authentication between web applications
|
---|
| 169 | Documentation at: /docs/config/valve.html -->
|
---|
| 170 | <!--
|
---|
| 171 | <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
---|
| 172 | -->
|
---|
| 173 |
|
---|
| 174 | <!-- Access log processes all example.
|
---|
| 175 | Documentation at: /docs/config/valve.html
|
---|
| 176 | Note: The pattern used is equivalent to using pattern="common" -->
|
---|
| 177 | <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
|
---|
| 178 | prefix="localhost_access_log" suffix=".txt"
|
---|
| 179 | pattern="%h %l %u %t "%r" %s %b" />
|
---|
| 180 |
|
---|
| 181 | </Host>
|
---|
| 182 | </Engine>
|
---|
| 183 | </Service>
|
---|
| 184 | </Server>
|
---|