Tomcat User6 wrote:
hi,
I am having a problem in configuring the <VirtualHost></VirtualHost> tab in
httpd.cong file fro apache web server. I have my application deployed on
Tomcat 6.0 server with below configuration in server.xml.
<Host name="forum.dev.abc.com"
appBase="/usr/local/apache-tomcat-6.0.16/webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="local_roller_access_log."
suffix=".txt"
pattern="common"
resolveHosts="false"/></Host>
The application is deployed at Tomcat's webapps directory
"/usr/local/apache-tomcat-6.0.16/webapps" under roller directory.
My website uses the apache server so first when I typed
"http://forum.dev.abc.com/roller/"; on web browser the action will go to
Tomcat server to run application. Each request is made on apache server and
and requested to tomcat server.
My apache server's httpd.conf file's configuration is as below:
# NameVirtualHost forum.dev.abc.com:80
<VirtualHost forum.dev.abc.com:80>
ServerName forum.dev.abc.com
ServerAlias forum.dev.abc.com
DocumentRoot /usr/local/apache-tomcat-6.0.16/webapps
DirectoryIndex index.jsp
ErrorLog logs/forum_error_log
<Directory / >
Options FollowSymLinks
AllowOverride all
Order allow,deny
Allow from all
</Directory>
JkMount /*.jsp wrkr
JkMount /*.do wrkr
JkMount /*.action wrkr
</VirtualHost>
my problem is when I typed at browser as
"http://forum.dev.abc.com:8080/roller/"; then as it is running on Tomcat it
works fine. each and every actions and links are working fine. but when I
typed in "http://forum.dev.abc.com:80/roller/"; or
"http://forum.dev.abc.com/roller/"; at browser then as it is running on
apache server and redirecting all requests to tomcat
No, it is probably not.
Because the DocumentRoot of Apache is (also)
/usr/local/apache-tomcat-6.0.16/webapps
it is probably Apache which is going to serve your first index page, not
Tomcat.
the links are not
working. The first page loaded same for both the requests
No, they are probably not being loaded in the same way.
When you enter
http://forum.dev.abc.com:8080/roller/
it is Tomcat that serves the index page, according to the logic of the
webapp.
But when you enter
http://forum.dev.abc.com/roller/
then it is Apache serving the index page, and it completely bypasses
Tomcat (and the jsp processing, and the Tomcat security).
but links on first
page is not working on apache server i.e. working on tomcat server.
I am pretty much sure that its a problem with configuration with httpd.conf
file for <VirtualHost></VirtualHost>. If you help me out with this, this
will be a great help.
I believe there are a couple of mistakes in your configuration above.
First, because your DocumentRoot is set to the the top of the webapps
directory of Tomcat, it means that all your webapp configuration files
are visible to the world.
Try for example :
http://forum.dev.abc.com/roller/WEB-INF
or
http://forum.dev.abc.com/roller/WEB-INF/web.xml
I would redo this as follows :
1) create a new, empty directory /var/www/forum-dev/docs, and give it
r+x permissions for the user:group which is used to run Apache.
(www-data ?).
2) httpd.conf :
...
NameVirtualHost *:80
<VirtualHost *:80>
ServerName forum.dev.abc.com
# (Note : the ServerAlias is totally redundant, unless it is
# different from the ServerName
DocumentRoot /var/www/forum-dev/docs
ErrorLog logs/forum_error_log
DirectoryIndex index.jsp index.html
# Protect your system's root directory !!
<Directory / >
Options None
AllowOverride None
Order allow,deny
Deny from all
</Directory>
# This is now the Apache DocumentRoot
<Directory /var/www/forum-dev/docs >
Options FollowSymLinks
#AllowOverride All # are you sure ?
Order allow,deny
Allow from all
</Directory>
<Location /roller>
SetHandler jakarta-servlet
#SetEnvIf REQUEST_URI "\.(css|gif|jpg|js|html?)$" no-jk
</Location>
</VirtualHost>
Some differences :
1) <Directory /> means your system disk's root directory. You don't want
to give access to everyone to that one (and everything below it), do you ?
2) <Directory /var/www/forum-dev/docs>
That is now the top directory that users can (possibly) see.
You can put everything you want them to see under there (in
sub-directories if you want), and it will be served directly by Apache.
(Except if it is in a <Location> like /roller).
3) <Location /roller> section :
For all URLs that start with "/roller", Apache will pass this to mod_jk,
and mod_jk to Tomcat.
An alternative way to write this would be :
<Location /roller>
JkMount *.jsp wrkr
JkMount *.do wrkr
JkMount *.action wrkr
#JkUnMount *.css
#JkUnMount *.gif
#JkUnMount *.jpg
....
</Location>
or (no <Location /roller>)
JkMount /roller wrkr
JkMount /roller/* wrkr
4) Tomcat will always refuse to serve anything that is in a "WEB-INF"
directory (but Apache does not care). Because the only place where
there is a WEB-INF directory is under /roller, and everything under
/roller goes through Tomcat, now /roller/WEB-INF/* is safe.
5) Because there is no directory /var/www/forum-dev/docs/roller,
any URL starting with /roller must be either served by Tomcat, or else
it will give a "Not Found" error.
That is more secure than your previous configuration.
Of course, the above is not tested. So save your current http
configuration first. ;-)
André
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
