1 | <!-- Example Server Configuration File -->
|
---|
2 | <!-- Note that component elements are nested corresponding to their
|
---|
3 | parent-child relationships with each other -->
|
---|
4 |
|
---|
5 | <!-- A "Server" is a singleton element that represents the entire JVM,
|
---|
6 | which may contain one or more "Service" instances. The Server
|
---|
7 | listens for a shutdown command on the indicated port.
|
---|
8 |
|
---|
9 | Note: A "Server" is not itself a "Container", so you may not
|
---|
10 | define subcomponents such as "Valves" or "Loggers" at this level.
|
---|
11 | -->
|
---|
12 |
|
---|
13 | <Server port="@shutdown-port@" shutdown="SHUTDOWN">
|
---|
14 |
|
---|
15 | <!-- Comment these entries out to disable JMX MBeans support used for the
|
---|
16 | administration web application -->
|
---|
17 | <Listener className="org.apache.catalina.core.AprLifecycleListener" />
|
---|
18 | <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
|
---|
19 | <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
---|
20 | <Listener className="org.apache.catalina.storeconfig.StoreConfigLifecycleListener"/>
|
---|
21 |
|
---|
22 | <!-- Global JNDI resources -->
|
---|
23 | <GlobalNamingResources>
|
---|
24 |
|
---|
25 | <!-- Test entry for demonstration purposes -->
|
---|
26 | <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
|
---|
27 |
|
---|
28 | <!-- Editable user database that can also be used by
|
---|
29 | UserDatabaseRealm to authenticate users -->
|
---|
30 | <Resource name="UserDatabase" auth="Container"
|
---|
31 | type="org.apache.catalina.UserDatabase"
|
---|
32 | description="User database that can be updated and saved"
|
---|
33 | factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
---|
34 | pathname="conf/tomcat-users.xml" />
|
---|
35 |
|
---|
36 | </GlobalNamingResources>
|
---|
37 |
|
---|
38 | <!-- A "Service" is a collection of one or more "Connectors" that share
|
---|
39 | a single "Container" (and therefore the web applications visible
|
---|
40 | within that Container). Normally, that Container is an "Engine",
|
---|
41 | but this is not required.
|
---|
42 |
|
---|
43 | Note: A "Service" is not itself a "Container", so you may not
|
---|
44 | define subcomponents such as "Valves" or "Loggers" at this level.
|
---|
45 | -->
|
---|
46 |
|
---|
47 | <!-- Define the Tomcat Stand-Alone Service -->
|
---|
48 | <Service name="Catalina">
|
---|
49 |
|
---|
50 | <!-- A "Connector" represents an endpoint by which requests are received
|
---|
51 | and responses are returned. Each Connector passes requests on to the
|
---|
52 | associated "Container" (normally an Engine) for processing.
|
---|
53 |
|
---|
54 | By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
|
---|
55 | You can also enable an SSL HTTP/1.1 Connector on port 8443 by
|
---|
56 | following the instructions below and uncommenting the second Connector
|
---|
57 | entry. SSL support requires the following steps (see the SSL Config
|
---|
58 | HOWTO in the Tomcat 5 documentation bundle for more detailed
|
---|
59 | instructions):
|
---|
60 | * If your JDK version 1.3 or prior, download and install JSSE 1.0.2 or
|
---|
61 | later, and put the JAR files into "$JAVA_HOME/jre/lib/ext".
|
---|
62 | * Execute:
|
---|
63 | %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
|
---|
64 | $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
|
---|
65 | with a password value of "changeit" for both the certificate and
|
---|
66 | the keystore itself.
|
---|
67 |
|
---|
68 | By default, DNS lookups are enabled when a web application calls
|
---|
69 | request.getRemoteHost(). This can have an adverse impact on
|
---|
70 | performance, so you can disable it by setting the
|
---|
71 | "enableLookups" attribute to "false". When DNS lookups are disabled,
|
---|
72 | request.getRemoteHost() will return the String version of the
|
---|
73 | IP address of the remote client.
|
---|
74 | -->
|
---|
75 |
|
---|
76 | <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
|
---|
77 | <Connector port="@port@" maxHttpHeaderSize="8192"
|
---|
78 | maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
|
---|
79 | enableLookups="false" redirectPort="8443" acceptCount="100"
|
---|
80 | connectionTimeout="20000" disableUploadTimeout="true" URIEncoding="UTF-8"/>
|
---|
81 | <!-- Note : To disable connection timeouts, set connectionTimeout value
|
---|
82 | to 0 -->
|
---|
83 |
|
---|
84 | <!-- Note : To use gzip compression you could set the following properties :
|
---|
85 |
|
---|
86 | compression="on"
|
---|
87 | compressionMinSize="2048"
|
---|
88 | noCompressionUserAgents="gozilla, traviata"
|
---|
89 | compressableMimeType="text/html,text/xml"
|
---|
90 | -->
|
---|
91 |
|
---|
92 | <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
|
---|
93 | <!--
|
---|
94 | <Connector port="8443" maxHttpHeaderSize="8192"
|
---|
95 | maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
|
---|
96 | enableLookups="false" disableUploadTimeout="true"
|
---|
97 | acceptCount="100" scheme="https" secure="true"
|
---|
98 | clientAuth="false" sslProtocol="TLS" />
|
---|
99 | -->
|
---|
100 |
|
---|
101 | <!-- Define an AJP 1.3 Connector on port 8009 -->
|
---|
102 | <Connector port="8009"
|
---|
103 | enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
|
---|
104 |
|
---|
105 | <!-- Define a Proxied HTTP/1.1 Connector on port 8082 -->
|
---|
106 | <!-- See proxy documentation for more information about using this. -->
|
---|
107 | <!--
|
---|
108 | <Connector port="8082"
|
---|
109 | maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
|
---|
110 | enableLookups="false" acceptCount="100" connectionTimeout="20000"
|
---|
111 | proxyPort="80" disableUploadTimeout="true" />
|
---|
112 | -->
|
---|
113 |
|
---|
114 | <!-- An Engine represents the entry point (within Catalina) that processes
|
---|
115 | every request. The Engine implementation for Tomcat stand alone
|
---|
116 | analyzes the HTTP headers included with the request, and passes them
|
---|
117 | on to the appropriate Host (virtual host). -->
|
---|
118 |
|
---|
119 | <!-- You should set jvmRoute to support load-balancing via AJP ie :
|
---|
120 | <Engine name="Standalone" defaultHost="localhost" jvmRoute="jvm1">
|
---|
121 | -->
|
---|
122 |
|
---|
123 | <!-- Define the top level container in our container hierarchy -->
|
---|
124 | <Engine name="Catalina" defaultHost="localhost">
|
---|
125 |
|
---|
126 | <!-- The request dumper valve dumps useful debugging information about
|
---|
127 | the request headers and cookies that were received, and the response
|
---|
128 | headers and cookies that were sent, for all requests received by
|
---|
129 | this instance of Tomcat. If you care only about requests to a
|
---|
130 | particular virtual host, or a particular application, nest this
|
---|
131 | element inside the corresponding <Host> or <Context> entry instead.
|
---|
132 |
|
---|
133 | For a similar mechanism that is portable to all Servlet 2.4
|
---|
134 | containers, check out the "RequestDumperFilter" Filter in the
|
---|
135 | example application (the source for this filter may be found in
|
---|
136 | "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
|
---|
137 |
|
---|
138 | Request dumping is disabled by default. Uncomment the following
|
---|
139 | element to enable it. -->
|
---|
140 | <!--
|
---|
141 | <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
|
---|
142 | -->
|
---|
143 |
|
---|
144 | <!-- Because this Realm is here, an instance will be shared globally -->
|
---|
145 |
|
---|
146 | <!-- This Realm uses the UserDatabase configured in the global JNDI
|
---|
147 | resources under the key "UserDatabase". Any edits
|
---|
148 | that are performed against this UserDatabase are immediately
|
---|
149 | available for use by the Realm. -->
|
---|
150 | <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
---|
151 | resourceName="UserDatabase"/>
|
---|
152 |
|
---|
153 | <!-- Comment out the old realm but leave here for now in case we
|
---|
154 | need to go back quickly -->
|
---|
155 | <!--
|
---|
156 | <Realm className="org.apache.catalina.realm.MemoryRealm" />
|
---|
157 | -->
|
---|
158 |
|
---|
159 | <!-- Replace the above Realm with one of the following to get a Realm
|
---|
160 | stored in a database and accessed via JDBC -->
|
---|
161 |
|
---|
162 | <!--
|
---|
163 | <Realm className="org.apache.catalina.realm.JDBCRealm"
|
---|
164 | driverName="org.gjt.mm.mysql.Driver"
|
---|
165 | connectionURL="jdbc:mysql://localhost/authority"
|
---|
166 | connectionName="test" connectionPassword="test"
|
---|
167 | userTable="users" userNameCol="user_name" userCredCol="user_pass"
|
---|
168 | userRoleTable="user_roles" roleNameCol="role_name" />
|
---|
169 | -->
|
---|
170 |
|
---|
171 | <!--
|
---|
172 | <Realm className="org.apache.catalina.realm.JDBCRealm"
|
---|
173 | driverName="oracle.jdbc.driver.OracleDriver"
|
---|
174 | connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
|
---|
175 | connectionName="scott" connectionPassword="tiger"
|
---|
176 | userTable="users" userNameCol="user_name" userCredCol="user_pass"
|
---|
177 | userRoleTable="user_roles" roleNameCol="role_name" />
|
---|
178 | -->
|
---|
179 |
|
---|
180 | <!--
|
---|
181 | <Realm className="org.apache.catalina.realm.JDBCRealm"
|
---|
182 | driverName="sun.jdbc.odbc.JdbcOdbcDriver"
|
---|
183 | connectionURL="jdbc:odbc:CATALINA"
|
---|
184 | userTable="users" userNameCol="user_name" userCredCol="user_pass"
|
---|
185 | userRoleTable="user_roles" roleNameCol="role_name" />
|
---|
186 | -->
|
---|
187 |
|
---|
188 | <!-- Define the default virtual host
|
---|
189 | Note: XML Schema validation will not work with Xerces 2.2.
|
---|
190 | -->
|
---|
191 | <Host name="localhost" appBase="webapps"
|
---|
192 | unpackWARs="true" autoDeploy="true"
|
---|
193 | xmlValidation="false" xmlNamespaceAware="false">
|
---|
194 |
|
---|
195 | <!-- Defines a cluster for this node,
|
---|
196 | By defining this element, means that every manager will be changed.
|
---|
197 | So when running a cluster, only make sure that you have webapps in there
|
---|
198 | that need to be clustered and remove the other ones.
|
---|
199 | A cluster has the following parameters:
|
---|
200 |
|
---|
201 | className = the fully qualified name of the cluster class
|
---|
202 |
|
---|
203 | name = a descriptive name for your cluster, can be anything
|
---|
204 |
|
---|
205 | mcastAddr = the multicast address, has to be the same for all the nodes
|
---|
206 |
|
---|
207 | mcastPort = the multicast port, has to be the same for all the nodes
|
---|
208 |
|
---|
209 | mcastBindAddr = bind the multicast socket to a specific address
|
---|
210 |
|
---|
211 | mcastTTL = the multicast TTL if you want to limit your broadcast
|
---|
212 |
|
---|
213 | mcastSoTimeout = the multicast readtimeout
|
---|
214 |
|
---|
215 | mcastFrequency = the number of milliseconds in between sending a "I'm alive" heartbeat
|
---|
216 |
|
---|
217 | mcastDropTime = the number a milliseconds before a node is considered "dead" if no heartbeat is received
|
---|
218 |
|
---|
219 | tcpThreadCount = the number of threads to handle incoming replication requests, optimal would be the same amount of threads as nodes
|
---|
220 |
|
---|
221 | tcpListenAddress = the listen address (bind address) for TCP cluster request on this host,
|
---|
222 | in case of multiple ethernet cards.
|
---|
223 | auto means that address becomes
|
---|
224 | InetAddress.getLocalHost().getHostAddress()
|
---|
225 |
|
---|
226 | tcpListenPort = the tcp listen port
|
---|
227 |
|
---|
228 | tcpSelectorTimeout = the timeout (ms) for the Selector.select() method in case the OS
|
---|
229 | has a wakup bug in java.nio. Set to 0 for no timeout
|
---|
230 |
|
---|
231 | printToScreen = true means that managers will also print to std.out
|
---|
232 |
|
---|
233 | expireSessionsOnShutdown = true means that
|
---|
234 |
|
---|
235 | useDirtyFlag = true means that we only replicate a session after setAttribute,removeAttribute has been called.
|
---|
236 | false means to replicate the session after each request.
|
---|
237 | false means that replication would work for the following piece of code: (only for SimpleTcpReplicationManager)
|
---|
238 | <%
|
---|
239 | HashMap map = (HashMap)session.getAttribute("map");
|
---|
240 | map.put("key","value");
|
---|
241 | %>
|
---|
242 | replicationMode = can be either 'pooled', 'synchronous' or 'asynchronous'.
|
---|
243 | * Pooled means that the replication happens using several sockets in a synchronous way. Ie, the data gets replicated, then the request return. This is the same as the 'synchronous' setting except it uses a pool of sockets, hence it is multithreaded. This is the fastest and safest configuration. To use this, also increase the nr of tcp threads that you have dealing with replication.
|
---|
244 | * Synchronous means that the thread that executes the request, is also the
|
---|
245 | thread the replicates the data to the other nodes, and will not return until all
|
---|
246 | nodes have received the information.
|
---|
247 | * Asynchronous means that there is a specific 'sender' thread for each cluster node,
|
---|
248 | so the request thread will queue the replication request into a "smart" queue,
|
---|
249 | and then return to the client.
|
---|
250 | The "smart" queue is a queue where when a session is added to the queue, and the same session
|
---|
251 | already exists in the queue from a previous request, that session will be replaced
|
---|
252 | in the queue instead of replicating two requests. This almost never happens, unless there is a
|
---|
253 | large network delay.
|
---|
254 | -->
|
---|
255 | <!--
|
---|
256 | When configuring for clustering, you also add in a valve to catch all the requests
|
---|
257 | coming in, at the end of the request, the session may or may not be replicated.
|
---|
258 | A session is replicated if and only if all the conditions are met:
|
---|
259 | 1. useDirtyFlag is true or setAttribute or removeAttribute has been called AND
|
---|
260 | 2. a session exists (has been created)
|
---|
261 | 3. the request is not trapped by the "filter" attribute
|
---|
262 |
|
---|
263 | The filter attribute is to filter out requests that could not modify the session,
|
---|
264 | hence we don't replicate the session after the end of this request.
|
---|
265 | The filter is negative, ie, anything you put in the filter, you mean to filter out,
|
---|
266 | ie, no replication will be done on requests that match one of the filters.
|
---|
267 | The filter attribute is delimited by ;, so you can't escape out ; even if you wanted to.
|
---|
268 |
|
---|
269 | filter=".*\.gif;.*\.js;" means that we will not replicate the session after requests with the URI
|
---|
270 | ending with .gif and .js are intercepted.
|
---|
271 |
|
---|
272 | The deployer element can be used to deploy apps cluster wide.
|
---|
273 | Currently the deployment only deploys/undeploys to working members in the cluster
|
---|
274 | so no WARs are copied upons startup of a broken node.
|
---|
275 | The deployer watches a directory (watchDir) for WAR files when watchEnabled="true"
|
---|
276 | When a new war file is added the war gets deployed to the local instance,
|
---|
277 | and then deployed to the other instances in the cluster.
|
---|
278 | When a war file is deleted from the watchDir the war is undeployed locally
|
---|
279 | and cluster wide
|
---|
280 | -->
|
---|
281 |
|
---|
282 | <!--
|
---|
283 | <Cluster className="org.apache.catalina.cluster.tcp.SimpleTcpCluster"
|
---|
284 | managerClassName="org.apache.catalina.cluster.session.DeltaManager"
|
---|
285 | expireSessionsOnShutdown="false"
|
---|
286 | useDirtyFlag="true"
|
---|
287 | notifyListenersOnReplication="true">
|
---|
288 |
|
---|
289 | <Membership
|
---|
290 | className="org.apache.catalina.cluster.mcast.McastService"
|
---|
291 | mcastAddr="228.0.0.4"
|
---|
292 | mcastPort="45564"
|
---|
293 | mcastFrequency="500"
|
---|
294 | mcastDropTime="3000"/>
|
---|
295 |
|
---|
296 | <Receiver
|
---|
297 | className="org.apache.catalina.cluster.tcp.ReplicationListener"
|
---|
298 | tcpListenAddress="auto"
|
---|
299 | tcpListenPort="4001"
|
---|
300 | tcpSelectorTimeout="100"
|
---|
301 | tcpThreadCount="6"/>
|
---|
302 |
|
---|
303 | <Sender
|
---|
304 | className="org.apache.catalina.cluster.tcp.ReplicationTransmitter"
|
---|
305 | replicationMode="pooled"
|
---|
306 | ackTimeout="15000"/>
|
---|
307 |
|
---|
308 | <Valve className="org.apache.catalina.cluster.tcp.ReplicationValve"
|
---|
309 | filter=".*\.gif;.*\.js;.*\.jpg;.*\.png;.*\.htm;.*\.html;.*\.css;.*\.txt;"/>
|
---|
310 |
|
---|
311 | <Deployer className="org.apache.catalina.cluster.deploy.FarmWarDeployer"
|
---|
312 | tempDir="/tmp/war-temp/"
|
---|
313 | deployDir="/tmp/war-deploy/"
|
---|
314 | watchDir="/tmp/war-listen/"
|
---|
315 | watchEnabled="false"/>
|
---|
316 |
|
---|
317 | <ClusterListener className="org.apache.catalina.cluster.session.ClusterSessionListener"/>
|
---|
318 | </Cluster>
|
---|
319 | -->
|
---|
320 |
|
---|
321 |
|
---|
322 |
|
---|
323 | <!-- Normally, users must authenticate themselves to each web app
|
---|
324 | individually. Uncomment the following entry if you would like
|
---|
325 | a user to be authenticated the first time they encounter a
|
---|
326 | resource protected by a security constraint, and then have that
|
---|
327 | user identity maintained across *all* web applications contained
|
---|
328 | in this virtual host. -->
|
---|
329 | <!--
|
---|
330 | <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
---|
331 | -->
|
---|
332 |
|
---|
333 | <!-- Access log processes all requests for this virtual host. By
|
---|
334 | default, log files are created in the "logs" directory relative to
|
---|
335 | $CATALINA_HOME. If you wish, you can specify a different
|
---|
336 | directory with the "directory" attribute. Specify either a relative
|
---|
337 | (to $CATALINA_HOME) or absolute path to the desired directory.
|
---|
338 | -->
|
---|
339 | <!--
|
---|
340 | <Valve className="org.apache.catalina.valves.AccessLogValve"
|
---|
341 | directory="logs" prefix="localhost_access_log." suffix=".txt"
|
---|
342 | pattern="common" resolveHosts="false"/>
|
---|
343 | -->
|
---|
344 |
|
---|
345 | <!-- Access log processes all requests for this virtual host. By
|
---|
346 | default, log files are created in the "logs" directory relative to
|
---|
347 | $CATALINA_HOME. If you wish, you can specify a different
|
---|
348 | directory with the "directory" attribute. Specify either a relative
|
---|
349 | (to $CATALINA_HOME) or absolute path to the desired directory.
|
---|
350 | This access log implementation is optimized for maximum performance,
|
---|
351 | but is hardcoded to support only the "common" and "combined" patterns.
|
---|
352 | -->
|
---|
353 | <!--
|
---|
354 | <Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
|
---|
355 | directory="logs" prefix="localhost_access_log." suffix=".txt"
|
---|
356 | pattern="common" resolveHosts="false"/>
|
---|
357 | -->
|
---|
358 | <!-- Access log processes all requests for this virtual host. By
|
---|
359 | default, log files are created in the "logs" directory relative to
|
---|
360 | $CATALINA_HOME. If you wish, you can specify a different
|
---|
361 | directory with the "directory" attribute. Specify either a relative
|
---|
362 | (to $CATALINA_HOME) or absolute path to the desired directory.
|
---|
363 | This access log implementation is optimized for maximum performance,
|
---|
364 | but is hardcoded to support only the "common" and "combined" patterns.
|
---|
365 |
|
---|
366 | This valve use NIO direct Byte Buffer to asynchornously store the
|
---|
367 | log.
|
---|
368 | -->
|
---|
369 | <!--
|
---|
370 | <Valve className="org.apache.catalina.valves.ByteBufferAccessLogValve"
|
---|
371 | directory="logs" prefix="localhost_access_log." suffix=".txt"
|
---|
372 | pattern="common" resolveHosts="false"/>
|
---|
373 | -->
|
---|
374 |
|
---|
375 | </Host>
|
---|
376 |
|
---|
377 | </Engine>
|
---|
378 |
|
---|
379 | </Service>
|
---|
380 |
|
---|
381 | </Server>
|
---|