root/main/trunk/greenstone3/resources/tomcat/server_tomcat8.xml.svn @ 32696

Revision 32696, 8.5 KB (checked in by davidb, 6 months ago)

Files to operate Greenstone with an apache-tomcat-8.x version

Line 
1<?xml version="1.0" encoding="UTF-8"?>
2<!--
3  Licensed to the Apache Software Foundation (ASF) under one or more
4  contributor license agreements.  See the NOTICE file distributed with
5  this work for additional information regarding copyright ownership.
6  The ASF licenses this file to You under the Apache License, Version 2.0
7  (the "License"); you may not use this file except in compliance with
8  the License.  You may obtain a copy of the License at
9
10      http://www.apache.org/licenses/LICENSE-2.0
11
12  Unless required by applicable law or agreed to in writing, software
13  distributed under the License is distributed on an "AS IS" BASIS,
14  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15  See the License for the specific language governing permissions and
16  limitations under the License.
17-->
18<!-- Note:  A "Server" is not itself a "Container", so you may not
19     define subcomponents such as "Valves" at this level.
20     Documentation at /docs/config/server.html
21 -->
22<Server port="@shutdown-port@" shutdown="SHUTDOWN">
23  <Listener className="org.apache.catalina.startup.VersionLoggerListener" />
24  <!-- Security listener. Documentation at /docs/config/listeners.html
25  <Listener className="org.apache.catalina.security.SecurityListener" />
26  -->
27  <!--APR library loader. Documentation at /docs/apr.html -->
28  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
29  <!-- Prevent memory leaks due to use of particular java/javax APIs-->
30  <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
31  <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
32  <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
33
34  <!-- Global JNDI resources
35       Documentation at /docs/jndi-resources-howto.html
36  -->
37  <GlobalNamingResources>
38    <!-- Editable user database that can also be used by
39         UserDatabaseRealm to authenticate users
40    -->
41    <Resource name="UserDatabase" auth="Container"
42              type="org.apache.catalina.UserDatabase"
43              description="User database that can be updated and saved"
44              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
45              pathname="conf/tomcat-users.xml" />
46  </GlobalNamingResources>
47
48  <!-- A "Service" is a collection of one or more "Connectors" that share
49       a single "Container" Note:  A "Service" is not itself a "Container",
50       so you may not define subcomponents such as "Valves" at this level.
51       Documentation at /docs/config/service.html
52   -->
53  <Service name="Catalina">
54
55    <!--The connectors can use a shared executor, you can define one or more named thread pools-->
56    <!--
57    <Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
58        maxThreads="150" minSpareThreads="4"/>
59    -->
60
61    <!-- A "Connector" represents an endpoint by which requests are received
62         and responses are returned. Documentation at :
63         Java HTTP Connector: /docs/config/http.html
64         Java AJP  Connector: /docs/config/ajp.html
65         APR (HTTP/AJP) Connector: /docs/apr.html
66         Define a non-SSL/TLS HTTP/1.1 Connector on port @localhost.port.http@
67    -->
68    <!--
69    <Connector @http.address.restriction@
70           port="@localhost.port.http@"  protocol="HTTP/1.1"
71               connectionTimeout="20000"
72               redirectPort="@https.redirect.port@" />
73    -->
74    <!-- A "Connector" using the shared thread pool-->   
75    <!-- In Greenstone we comment out the above default connector for Tomcat
76     in preference of the shared thread pool -->   
77    <Connector executor="tomcatThreadPool" @http.address.restriction@
78           port="@localhost.port.http@" protocol="HTTP/1.1"
79               connectionTimeout="20000"
80               redirectPort="@https.redirect.port@"
81           compression="on"
82           compressionMinSize="524288"
83           compressableMimeType="text/html,text/xml,text/css,text/xsl,text/javascript"
84           noCompressionUserAgents="gozilla, traviata"
85               URIEncoding="UTF-8"
86           />
87   
88    <!-- Define a SSL/TLS HTTP/1.1 Connector on port @https.redirect.port@
89         This connector uses the NIO implementation. The default
90         SSLImplementation will depend on the presence of the APR/native
91         library and the useOpenSSL attribute of the
92         AprLifecycleListener.
93         Either JSSE or OpenSSL style configuration may be used regardless of
94         the SSLImplementation selected. JSSE style configuration is used below.
95    -->
96    <!--
97    <Connector port="@https.redirect.port@" protocol="org.apache.coyote.http11.Http11NioProtocol"
98               maxThreads="150" SSLEnabled="true">
99        <SSLHostConfig>
100            <Certificate certificateKeystoreFile="conf/localhost-rsa.jks"
101                         type="RSA" />
102        </SSLHostConfig>
103    </Connector>
104    -->
105    <!-- Define a SSL/TLS HTTP/1.1 Connector on port @https.redirect.port@ with HTTP/2
106         This connector uses the APR/native implementation which always uses
107         OpenSSL for TLS.
108         Either JSSE or OpenSSL style configuration may be used. OpenSSL style
109         configuration is used below.
110    -->
111    <!--
112    <Connector port="@https.redirect.port@" protocol="org.apache.coyote.http11.Http11AprProtocol"
113               maxThreads="150" SSLEnabled="true" >
114        <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" />
115        <SSLHostConfig>
116            <Certificate certificateKeyFile="conf/localhost-rsa-key.pem"
117                         certificateFile="conf/localhost-rsa-cert.pem"
118                         certificateChainFile="conf/localhost-rsa-chain.pem"
119                         type="RSA" />
120        </SSLHostConfig>
121    </Connector>
122    -->
123    @https.comment.out.start@
124    <Connector port="@tomcat.port.https@" protocol="org.apache.coyote.http11.Http11Protocol"
125            maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
126            keystoreFile="@keystore.file@"
127            keystorePass="@keystore.pass@"
128            clientAuth="false" sslProtocol="TLS"
129        keystoreType="@keystore.type@" />
130    @https.comment.out.end@
131
132    <!-- Define an AJP 1.3 Connector on port @tomcat.ajp.port@ -->
133    <Connector port="@tomcat.ajp.port@" protocol="AJP/1.3" URIEncoding="UTF-8" redirectPort="@https.redirect.port@" />
134
135
136    <!-- An Engine represents the entry point (within Catalina) that processes
137         every request.  The Engine implementation for Tomcat stand alone
138         analyzes the HTTP headers included with the request, and passes them
139         on to the appropriate Host (virtual host).
140         Documentation at /docs/config/engine.html -->
141
142    <!-- You should set jvmRoute to support load-balancing via AJP ie :
143    <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
144    -->
145    <Engine name="Catalina" defaultHost="localhost">
146
147      <!--For clustering, please take a look at documentation at:
148          /docs/cluster-howto.html  (simple how to)
149          /docs/config/cluster.html (reference documentation) -->
150      <!--
151      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
152      -->
153
154      <!-- Use the LockOutRealm to prevent attempts to guess user passwords
155           via a brute-force attack -->
156      <Realm className="org.apache.catalina.realm.LockOutRealm">
157        <!-- This Realm uses the UserDatabase configured in the global JNDI
158             resources under the key "UserDatabase".  Any edits
159             that are performed against this UserDatabase are immediately
160             available for use by the Realm.  -->
161        <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
162               resourceName="UserDatabase"/>
163      </Realm>
164
165      <Host name="localhost"  appBase="webapps"
166            unpackWARs="true" autoDeploy="true">
167
168        <!-- SingleSignOn valve, share authentication between web applications
169             Documentation at: /docs/config/valve.html -->
170        <!--
171        <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
172        -->
173
174        <!-- Access log processes all example.
175             Documentation at: /docs/config/valve.html
176             Note: The pattern used is equivalent to using pattern="common" -->
177        <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
178               prefix="localhost_access_log" suffix=".txt"
179               pattern="%h %l %u %t &quot;%r&quot; %s %b" />
180
181      </Host>
182    </Engine>
183  </Service>
184</Server>
Note: See TracBrowser for help on using the browser.