[20080] | 1 | <!-- Example Server Configuration File -->
|
---|
| 2 | <!-- Note that component elements are nested corresponding to their
|
---|
| 3 | parent-child relationships with each other -->
|
---|
| 4 |
|
---|
| 5 | <!-- A "Server" is a singleton element that represents the entire JVM,
|
---|
| 6 | which may contain one or more "Service" instances. The Server
|
---|
| 7 | listens for a shutdown command on the indicated port.
|
---|
| 8 |
|
---|
| 9 | Note: A "Server" is not itself a "Container", so you may not
|
---|
| 10 | define subcomponents such as "Valves" or "Loggers" at this level.
|
---|
| 11 | -->
|
---|
| 12 |
|
---|
| 13 | <Server port="@shutdown-port@" shutdown="SHUTDOWN">
|
---|
| 14 |
|
---|
| 15 | <!-- Comment these entries out to disable JMX MBeans support used for the
|
---|
| 16 | administration web application -->
|
---|
| 17 | <Listener className="org.apache.catalina.core.AprLifecycleListener" />
|
---|
| 18 | <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
|
---|
| 19 | <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
|
---|
| 20 | <Listener className="org.apache.catalina.storeconfig.StoreConfigLifecycleListener"/>
|
---|
| 21 |
|
---|
| 22 | <!-- Global JNDI resources -->
|
---|
| 23 | <GlobalNamingResources>
|
---|
| 24 |
|
---|
| 25 | <!-- Test entry for demonstration purposes -->
|
---|
| 26 | <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
|
---|
| 27 |
|
---|
| 28 | <!-- Editable user database that can also be used by
|
---|
| 29 | UserDatabaseRealm to authenticate users -->
|
---|
| 30 | <Resource name="UserDatabase" auth="Container"
|
---|
| 31 | type="org.apache.catalina.UserDatabase"
|
---|
| 32 | description="User database that can be updated and saved"
|
---|
| 33 | factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
|
---|
| 34 | pathname="conf/tomcat-users.xml" />
|
---|
| 35 |
|
---|
| 36 | </GlobalNamingResources>
|
---|
| 37 |
|
---|
| 38 | <!-- A "Service" is a collection of one or more "Connectors" that share
|
---|
| 39 | a single "Container" (and therefore the web applications visible
|
---|
| 40 | within that Container). Normally, that Container is an "Engine",
|
---|
| 41 | but this is not required.
|
---|
| 42 |
|
---|
| 43 | Note: A "Service" is not itself a "Container", so you may not
|
---|
| 44 | define subcomponents such as "Valves" or "Loggers" at this level.
|
---|
| 45 | -->
|
---|
| 46 |
|
---|
| 47 | <!-- Define the Tomcat Stand-Alone Service -->
|
---|
| 48 | <Service name="Catalina">
|
---|
| 49 |
|
---|
| 50 | <!-- A "Connector" represents an endpoint by which requests are received
|
---|
| 51 | and responses are returned. Each Connector passes requests on to the
|
---|
| 52 | associated "Container" (normally an Engine) for processing.
|
---|
| 53 |
|
---|
| 54 | By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
|
---|
| 55 | You can also enable an SSL HTTP/1.1 Connector on port 8443 by
|
---|
| 56 | following the instructions below and uncommenting the second Connector
|
---|
| 57 | entry. SSL support requires the following steps (see the SSL Config
|
---|
| 58 | HOWTO in the Tomcat 5 documentation bundle for more detailed
|
---|
| 59 | instructions):
|
---|
| 60 | * If your JDK version 1.3 or prior, download and install JSSE 1.0.2 or
|
---|
| 61 | later, and put the JAR files into "$JAVA_HOME/jre/lib/ext".
|
---|
| 62 | * Execute:
|
---|
| 63 | %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
|
---|
| 64 | $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
|
---|
| 65 | with a password value of "changeit" for both the certificate and
|
---|
| 66 | the keystore itself.
|
---|
| 67 |
|
---|
| 68 | By default, DNS lookups are enabled when a web application calls
|
---|
| 69 | request.getRemoteHost(). This can have an adverse impact on
|
---|
| 70 | performance, so you can disable it by setting the
|
---|
| 71 | "enableLookups" attribute to "false". When DNS lookups are disabled,
|
---|
| 72 | request.getRemoteHost() will return the String version of the
|
---|
| 73 | IP address of the remote client.
|
---|
| 74 | -->
|
---|
| 75 |
|
---|
| 76 | <!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
|
---|
| 77 | <Connector port="@port@" maxHttpHeaderSize="8192"
|
---|
| 78 | maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
|
---|
| 79 | enableLookups="false" redirectPort="8443" acceptCount="100"
|
---|
| 80 | connectionTimeout="20000" disableUploadTimeout="true" URIEncoding="UTF-8"/>
|
---|
| 81 | <!-- Note : To disable connection timeouts, set connectionTimeout value
|
---|
| 82 | to 0 -->
|
---|
| 83 |
|
---|
| 84 | <!-- Note : To use gzip compression you could set the following properties :
|
---|
| 85 |
|
---|
| 86 | compression="on"
|
---|
| 87 | compressionMinSize="2048"
|
---|
| 88 | noCompressionUserAgents="gozilla, traviata"
|
---|
| 89 | compressableMimeType="text/html,text/xml"
|
---|
| 90 | -->
|
---|
| 91 |
|
---|
| 92 | <!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
|
---|
| 93 | <!--
|
---|
| 94 | <Connector port="8443" maxHttpHeaderSize="8192"
|
---|
| 95 | maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
|
---|
| 96 | enableLookups="false" disableUploadTimeout="true"
|
---|
| 97 | acceptCount="100" scheme="https" secure="true"
|
---|
| 98 | clientAuth="false" sslProtocol="TLS" />
|
---|
| 99 | -->
|
---|
| 100 |
|
---|
| 101 | <!-- Define an AJP 1.3 Connector on port 8009 -->
|
---|
| 102 | <Connector port="8009"
|
---|
| 103 | enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
|
---|
| 104 |
|
---|
| 105 | <!-- Define a Proxied HTTP/1.1 Connector on port 8082 -->
|
---|
| 106 | <!-- See proxy documentation for more information about using this. -->
|
---|
| 107 | <!--
|
---|
| 108 | <Connector port="8082"
|
---|
| 109 | maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
|
---|
| 110 | enableLookups="false" acceptCount="100" connectionTimeout="20000"
|
---|
| 111 | proxyPort="80" disableUploadTimeout="true" />
|
---|
| 112 | -->
|
---|
| 113 |
|
---|
| 114 | <!-- An Engine represents the entry point (within Catalina) that processes
|
---|
| 115 | every request. The Engine implementation for Tomcat stand alone
|
---|
| 116 | analyzes the HTTP headers included with the request, and passes them
|
---|
| 117 | on to the appropriate Host (virtual host). -->
|
---|
| 118 |
|
---|
| 119 | <!-- You should set jvmRoute to support load-balancing via AJP ie :
|
---|
| 120 | <Engine name="Standalone" defaultHost="localhost" jvmRoute="jvm1">
|
---|
| 121 | -->
|
---|
| 122 |
|
---|
| 123 | <!-- Define the top level container in our container hierarchy -->
|
---|
| 124 | <Engine name="Catalina" defaultHost="localhost">
|
---|
| 125 |
|
---|
| 126 | <!-- The request dumper valve dumps useful debugging information about
|
---|
| 127 | the request headers and cookies that were received, and the response
|
---|
| 128 | headers and cookies that were sent, for all requests received by
|
---|
| 129 | this instance of Tomcat. If you care only about requests to a
|
---|
| 130 | particular virtual host, or a particular application, nest this
|
---|
| 131 | element inside the corresponding <Host> or <Context> entry instead.
|
---|
| 132 |
|
---|
| 133 | For a similar mechanism that is portable to all Servlet 2.4
|
---|
| 134 | containers, check out the "RequestDumperFilter" Filter in the
|
---|
| 135 | example application (the source for this filter may be found in
|
---|
| 136 | "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
|
---|
| 137 |
|
---|
| 138 | Request dumping is disabled by default. Uncomment the following
|
---|
| 139 | element to enable it. -->
|
---|
| 140 | <!--
|
---|
| 141 | <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
|
---|
| 142 | -->
|
---|
| 143 |
|
---|
| 144 | <!-- Because this Realm is here, an instance will be shared globally -->
|
---|
| 145 |
|
---|
| 146 | <!-- This Realm uses the UserDatabase configured in the global JNDI
|
---|
| 147 | resources under the key "UserDatabase". Any edits
|
---|
| 148 | that are performed against this UserDatabase are immediately
|
---|
| 149 | available for use by the Realm. -->
|
---|
| 150 | <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
---|
| 151 | resourceName="UserDatabase"/>
|
---|
| 152 |
|
---|
| 153 | <!-- Comment out the old realm but leave here for now in case we
|
---|
| 154 | need to go back quickly -->
|
---|
| 155 | <!--
|
---|
| 156 | <Realm className="org.apache.catalina.realm.MemoryRealm" />
|
---|
| 157 | -->
|
---|
| 158 |
|
---|
| 159 | <!-- Replace the above Realm with one of the following to get a Realm
|
---|
| 160 | stored in a database and accessed via JDBC -->
|
---|
| 161 |
|
---|
| 162 | <!--
|
---|
| 163 | <Realm className="org.apache.catalina.realm.JDBCRealm"
|
---|
| 164 | driverName="org.gjt.mm.mysql.Driver"
|
---|
| 165 | connectionURL="jdbc:mysql://localhost/authority"
|
---|
| 166 | connectionName="test" connectionPassword="test"
|
---|
| 167 | userTable="users" userNameCol="user_name" userCredCol="user_pass"
|
---|
| 168 | userRoleTable="user_roles" roleNameCol="role_name" />
|
---|
| 169 | -->
|
---|
| 170 |
|
---|
| 171 | <!--
|
---|
| 172 | <Realm className="org.apache.catalina.realm.JDBCRealm"
|
---|
| 173 | driverName="oracle.jdbc.driver.OracleDriver"
|
---|
| 174 | connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
|
---|
| 175 | connectionName="scott" connectionPassword="tiger"
|
---|
| 176 | userTable="users" userNameCol="user_name" userCredCol="user_pass"
|
---|
| 177 | userRoleTable="user_roles" roleNameCol="role_name" />
|
---|
| 178 | -->
|
---|
| 179 |
|
---|
| 180 | <!--
|
---|
| 181 | <Realm className="org.apache.catalina.realm.JDBCRealm"
|
---|
| 182 | driverName="sun.jdbc.odbc.JdbcOdbcDriver"
|
---|
| 183 | connectionURL="jdbc:odbc:CATALINA"
|
---|
| 184 | userTable="users" userNameCol="user_name" userCredCol="user_pass"
|
---|
| 185 | userRoleTable="user_roles" roleNameCol="role_name" />
|
---|
| 186 | -->
|
---|
| 187 |
|
---|
| 188 | <!-- Define the default virtual host
|
---|
| 189 | Note: XML Schema validation will not work with Xerces 2.2.
|
---|
| 190 | -->
|
---|
| 191 | <Host name="localhost" appBase="webapps"
|
---|
| 192 | unpackWARs="true" autoDeploy="true"
|
---|
| 193 | xmlValidation="false" xmlNamespaceAware="false">
|
---|
| 194 |
|
---|
| 195 | <!-- Defines a cluster for this node,
|
---|
| 196 | By defining this element, means that every manager will be changed.
|
---|
| 197 | So when running a cluster, only make sure that you have webapps in there
|
---|
| 198 | that need to be clustered and remove the other ones.
|
---|
| 199 | A cluster has the following parameters:
|
---|
| 200 |
|
---|
| 201 | className = the fully qualified name of the cluster class
|
---|
| 202 |
|
---|
| 203 | name = a descriptive name for your cluster, can be anything
|
---|
| 204 |
|
---|
| 205 | mcastAddr = the multicast address, has to be the same for all the nodes
|
---|
| 206 |
|
---|
| 207 | mcastPort = the multicast port, has to be the same for all the nodes
|
---|
| 208 |
|
---|
| 209 | mcastBindAddr = bind the multicast socket to a specific address
|
---|
| 210 |
|
---|
| 211 | mcastTTL = the multicast TTL if you want to limit your broadcast
|
---|
| 212 |
|
---|
| 213 | mcastSoTimeout = the multicast readtimeout
|
---|
| 214 |
|
---|
| 215 | mcastFrequency = the number of milliseconds in between sending a "I'm alive" heartbeat
|
---|
| 216 |
|
---|
| 217 | mcastDropTime = the number a milliseconds before a node is considered "dead" if no heartbeat is received
|
---|
| 218 |
|
---|
| 219 | tcpThreadCount = the number of threads to handle incoming replication requests, optimal would be the same amount of threads as nodes
|
---|
| 220 |
|
---|
| 221 | tcpListenAddress = the listen address (bind address) for TCP cluster request on this host,
|
---|
| 222 | in case of multiple ethernet cards.
|
---|
| 223 | auto means that address becomes
|
---|
| 224 | InetAddress.getLocalHost().getHostAddress()
|
---|
| 225 |
|
---|
| 226 | tcpListenPort = the tcp listen port
|
---|
| 227 |
|
---|
| 228 | tcpSelectorTimeout = the timeout (ms) for the Selector.select() method in case the OS
|
---|
| 229 | has a wakup bug in java.nio. Set to 0 for no timeout
|
---|
| 230 |
|
---|
| 231 | printToScreen = true means that managers will also print to std.out
|
---|
| 232 |
|
---|
| 233 | expireSessionsOnShutdown = true means that
|
---|
| 234 |
|
---|
| 235 | useDirtyFlag = true means that we only replicate a session after setAttribute,removeAttribute has been called.
|
---|
| 236 | false means to replicate the session after each request.
|
---|
| 237 | false means that replication would work for the following piece of code: (only for SimpleTcpReplicationManager)
|
---|
| 238 | <%
|
---|
| 239 | HashMap map = (HashMap)session.getAttribute("map");
|
---|
| 240 | map.put("key","value");
|
---|
| 241 | %>
|
---|
| 242 | replicationMode = can be either 'pooled', 'synchronous' or 'asynchronous'.
|
---|
| 243 | * Pooled means that the replication happens using several sockets in a synchronous way. Ie, the data gets replicated, then the request return. This is the same as the 'synchronous' setting except it uses a pool of sockets, hence it is multithreaded. This is the fastest and safest configuration. To use this, also increase the nr of tcp threads that you have dealing with replication.
|
---|
| 244 | * Synchronous means that the thread that executes the request, is also the
|
---|
| 245 | thread the replicates the data to the other nodes, and will not return until all
|
---|
| 246 | nodes have received the information.
|
---|
| 247 | * Asynchronous means that there is a specific 'sender' thread for each cluster node,
|
---|
| 248 | so the request thread will queue the replication request into a "smart" queue,
|
---|
| 249 | and then return to the client.
|
---|
| 250 | The "smart" queue is a queue where when a session is added to the queue, and the same session
|
---|
| 251 | already exists in the queue from a previous request, that session will be replaced
|
---|
| 252 | in the queue instead of replicating two requests. This almost never happens, unless there is a
|
---|
| 253 | large network delay.
|
---|
| 254 | -->
|
---|
| 255 | <!--
|
---|
| 256 | When configuring for clustering, you also add in a valve to catch all the requests
|
---|
| 257 | coming in, at the end of the request, the session may or may not be replicated.
|
---|
| 258 | A session is replicated if and only if all the conditions are met:
|
---|
| 259 | 1. useDirtyFlag is true or setAttribute or removeAttribute has been called AND
|
---|
| 260 | 2. a session exists (has been created)
|
---|
| 261 | 3. the request is not trapped by the "filter" attribute
|
---|
| 262 |
|
---|
| 263 | The filter attribute is to filter out requests that could not modify the session,
|
---|
| 264 | hence we don't replicate the session after the end of this request.
|
---|
| 265 | The filter is negative, ie, anything you put in the filter, you mean to filter out,
|
---|
| 266 | ie, no replication will be done on requests that match one of the filters.
|
---|
| 267 | The filter attribute is delimited by ;, so you can't escape out ; even if you wanted to.
|
---|
| 268 |
|
---|
| 269 | filter=".*\.gif;.*\.js;" means that we will not replicate the session after requests with the URI
|
---|
| 270 | ending with .gif and .js are intercepted.
|
---|
| 271 |
|
---|
| 272 | The deployer element can be used to deploy apps cluster wide.
|
---|
| 273 | Currently the deployment only deploys/undeploys to working members in the cluster
|
---|
| 274 | so no WARs are copied upons startup of a broken node.
|
---|
| 275 | The deployer watches a directory (watchDir) for WAR files when watchEnabled="true"
|
---|
| 276 | When a new war file is added the war gets deployed to the local instance,
|
---|
| 277 | and then deployed to the other instances in the cluster.
|
---|
| 278 | When a war file is deleted from the watchDir the war is undeployed locally
|
---|
| 279 | and cluster wide
|
---|
| 280 | -->
|
---|
| 281 |
|
---|
| 282 | <!--
|
---|
| 283 | <Cluster className="org.apache.catalina.cluster.tcp.SimpleTcpCluster"
|
---|
| 284 | managerClassName="org.apache.catalina.cluster.session.DeltaManager"
|
---|
| 285 | expireSessionsOnShutdown="false"
|
---|
| 286 | useDirtyFlag="true"
|
---|
| 287 | notifyListenersOnReplication="true">
|
---|
| 288 |
|
---|
| 289 | <Membership
|
---|
| 290 | className="org.apache.catalina.cluster.mcast.McastService"
|
---|
| 291 | mcastAddr="228.0.0.4"
|
---|
| 292 | mcastPort="45564"
|
---|
| 293 | mcastFrequency="500"
|
---|
| 294 | mcastDropTime="3000"/>
|
---|
| 295 |
|
---|
| 296 | <Receiver
|
---|
| 297 | className="org.apache.catalina.cluster.tcp.ReplicationListener"
|
---|
| 298 | tcpListenAddress="auto"
|
---|
| 299 | tcpListenPort="4001"
|
---|
| 300 | tcpSelectorTimeout="100"
|
---|
| 301 | tcpThreadCount="6"/>
|
---|
| 302 |
|
---|
| 303 | <Sender
|
---|
| 304 | className="org.apache.catalina.cluster.tcp.ReplicationTransmitter"
|
---|
| 305 | replicationMode="pooled"
|
---|
| 306 | ackTimeout="15000"/>
|
---|
| 307 |
|
---|
| 308 | <Valve className="org.apache.catalina.cluster.tcp.ReplicationValve"
|
---|
| 309 | filter=".*\.gif;.*\.js;.*\.jpg;.*\.png;.*\.htm;.*\.html;.*\.css;.*\.txt;"/>
|
---|
| 310 |
|
---|
| 311 | <Deployer className="org.apache.catalina.cluster.deploy.FarmWarDeployer"
|
---|
| 312 | tempDir="/tmp/war-temp/"
|
---|
| 313 | deployDir="/tmp/war-deploy/"
|
---|
| 314 | watchDir="/tmp/war-listen/"
|
---|
| 315 | watchEnabled="false"/>
|
---|
| 316 |
|
---|
| 317 | <ClusterListener className="org.apache.catalina.cluster.session.ClusterSessionListener"/>
|
---|
| 318 | </Cluster>
|
---|
| 319 | -->
|
---|
| 320 |
|
---|
| 321 |
|
---|
| 322 |
|
---|
| 323 | <!-- Normally, users must authenticate themselves to each web app
|
---|
| 324 | individually. Uncomment the following entry if you would like
|
---|
| 325 | a user to be authenticated the first time they encounter a
|
---|
| 326 | resource protected by a security constraint, and then have that
|
---|
| 327 | user identity maintained across *all* web applications contained
|
---|
| 328 | in this virtual host. -->
|
---|
| 329 | <!--
|
---|
| 330 | <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
|
---|
| 331 | -->
|
---|
| 332 |
|
---|
| 333 | <!-- Access log processes all requests for this virtual host. By
|
---|
| 334 | default, log files are created in the "logs" directory relative to
|
---|
| 335 | $CATALINA_HOME. If you wish, you can specify a different
|
---|
| 336 | directory with the "directory" attribute. Specify either a relative
|
---|
| 337 | (to $CATALINA_HOME) or absolute path to the desired directory.
|
---|
| 338 | -->
|
---|
| 339 | <!--
|
---|
| 340 | <Valve className="org.apache.catalina.valves.AccessLogValve"
|
---|
| 341 | directory="logs" prefix="localhost_access_log." suffix=".txt"
|
---|
| 342 | pattern="common" resolveHosts="false"/>
|
---|
| 343 | -->
|
---|
| 344 |
|
---|
| 345 | <!-- Access log processes all requests for this virtual host. By
|
---|
| 346 | default, log files are created in the "logs" directory relative to
|
---|
| 347 | $CATALINA_HOME. If you wish, you can specify a different
|
---|
| 348 | directory with the "directory" attribute. Specify either a relative
|
---|
| 349 | (to $CATALINA_HOME) or absolute path to the desired directory.
|
---|
| 350 | This access log implementation is optimized for maximum performance,
|
---|
| 351 | but is hardcoded to support only the "common" and "combined" patterns.
|
---|
| 352 | -->
|
---|
| 353 | <!--
|
---|
| 354 | <Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
|
---|
| 355 | directory="logs" prefix="localhost_access_log." suffix=".txt"
|
---|
| 356 | pattern="common" resolveHosts="false"/>
|
---|
| 357 | -->
|
---|
| 358 | <!-- Access log processes all requests for this virtual host. By
|
---|
| 359 | default, log files are created in the "logs" directory relative to
|
---|
| 360 | $CATALINA_HOME. If you wish, you can specify a different
|
---|
| 361 | directory with the "directory" attribute. Specify either a relative
|
---|
| 362 | (to $CATALINA_HOME) or absolute path to the desired directory.
|
---|
| 363 | This access log implementation is optimized for maximum performance,
|
---|
| 364 | but is hardcoded to support only the "common" and "combined" patterns.
|
---|
| 365 |
|
---|
| 366 | This valve use NIO direct Byte Buffer to asynchornously store the
|
---|
| 367 | log.
|
---|
| 368 | -->
|
---|
| 369 | <!--
|
---|
| 370 | <Valve className="org.apache.catalina.valves.ByteBufferAccessLogValve"
|
---|
| 371 | directory="logs" prefix="localhost_access_log." suffix=".txt"
|
---|
| 372 | pattern="common" resolveHosts="false"/>
|
---|
| 373 | -->
|
---|
| 374 |
|
---|
| 375 | </Host>
|
---|
| 376 |
|
---|
| 377 | </Engine>
|
---|
| 378 |
|
---|
| 379 | </Service>
|
---|
| 380 |
|
---|
| 381 | </Server>
|
---|