tomcat 6 « Intelligrape Groovy & Grails Blogs

Posts Tagged ‘ tomcat 6 ’

How to configure SSL on Tomcat server and run Grails/Java application on HTTPS

Posted by on June 29th, 2012

To run your Java/Grails application on SSL, firstly you need to configure the Tomcat server.

Here in this example I will show how to configure Tomcat instance and run Grails/Java application.

For SSL/HTTPS:

  1. We need .keystore file. You can generate it by using command“keytool -genkey”. Run this command on linux terminal or window cmd, follow the instructions. Fill the desire information and it will generate the .keystore file on following path: Linux: /home/[user]/.keystore file Window: /Documents and Settings/[user]/.keystore
  2. One thing you would have to remember is the password that is used while generating the .keystore file because this password will be used in configuring Tomcat server instance
  3. After the generation of .keystore file, copy .keystore file to webapp of tomcat directory.
  4. Then open server.xml of Tomcat from conf/server.xml and uncomment ssl port connector which is like

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               maxThreads="150"  scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLS" keystoreFile="webapps/.keystore"
keystorePass="password-of-.keystore-file" />

Add following line keystoreFile=”webapps/.keystore” & keystorePass=”password-of-.keystore-file

Here keystoreFile is the location of .keystore file, and keystorePass is the password which initially used for creating .keystore file.


5. Now SSL has been configured on Tomcat

6. Now configure your web application as SSL enabled. If you are working on Java application,  add the following lines in web.xml file of your web-application

<security-constraint>
		<web-resource-collection>
			<http-method>GET</http-method>
			<http-method>POST</http-method>
			<url-pattern>/*</url-pattern>
		</web-resource-collection>

  		<user-data-constraint>
      		<transport-guarantee>CONFIDENTIAL</transport-guarantee>
   		 </user-data-constraint>
  	</security-constraint>

If you are working on grails application,you need to run following command to generate the web.xml file because grails framework does not contain any web.xml file and web.xml file automatically generated when you are creating war file

Run following command to get web.xml file in your grails application


grails install-templates


web.xml file will be generated on the following location of your grails application /src/templates/war/web.xml

Then add above mentioned snippet in web.xml, create the war file and deploy on tomcat server. Now your application will successfully run on SSL. You can access your application using following url: https://localhost:8443/<application-name>


Reference:-

http://www.intelligrape.com/blog/2012/05/31/set-up-ssl-communication-between-two-server-using-keytool-command/

http://www.intelligrape.com/blog/2012/06/01/how-to-set-up-ssl-certificates-on-your-server/

http://java.dzone.com/articles/setting-ssl-tomcat-5-minutes


Mohit Garg

mohit@intelligrape.com

    If you are working on grails application,you need to run following command to generate the web.xml file because grails framework does not contain any web.xml file and web.xml file automatically generated when you are creating war file

    Run following command to get web.xml file in your grails application

grails install-templates

    web.xml file generated on following location of your grails application /src/templates/war/web.xml

    Then add above mention snipplet in web.xml, create the war file and deploy on tomcat server.

    Now your application will successfully run on SSL

Access your application using following url’s:

https://localhost:8443/application-name

Reference:- http://java.dzone.com/articles/setting-ssl-tomcat-5-minutes

Thanks & Regards,
Mohit Garg
mohit@intelligrape.com
@gargmohit143

Tags: , , , ,
Posted in Grails
3 Comments »

Tomcat 6 in-memory session replication

Posted by on July 22nd, 2010

Hi All,

Here are the few basic steps that you need to follow in order to achieve the in-memory session replication between two or more Tomcat 6 instances.

This blog refers the Apache Tomcat documentation as found here: http://tomcat.apache.org/tomcat-6.0-doc/cluster-howto.html.
The Tomcat documentation provides more detailed explanation of the Clustering concepts as well as the definition of tags, attributes etc. used in server.xml file.

Step 1: Include the <distributable> tag in web.xml file i.e. you can simple write the following line in your deployment descriptor(i.e. web.xml):

 <distributable />

Please read the following link to know more about this tag: http://wiki.metawerx.net/wiki/Web.xml.Distributable

Step 2: Add the following lines of XML in the server.xml file inside the <Engine> element/tag:

<Engine name="Catalina" defaultHost="localhost">
      <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
            channelSendOptions="8">
                     <Manager className="org.apache.catalina.ha.session.DeltaManager"
                      expireSessionsOnShutdown="false" notifyListenersOnReplication="true"/>
                     <Channel className="org.apache.catalina.tribes.group.GroupChannel"> 
                               <Membership className="org.apache.catalina.tribes.membership.McastService" 
                               address="228.0.0.4" port="45564" frequency="500" dropTime="3000"/> 
                              <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver" 
                                 address="auto" port="4000" autoBind="100" selectorTimeout="5000" maxThreads="6"/>
                               <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter"> 
                                             <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/> 
                                </Sender>
                      <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
                      <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
                  </Channel>
           <Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/> 
          <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/> 
          <Deployer className="org.apache.catalina.ha.deploy.FarmWarDeployer" 
                   tempDir="/tmp/war-temp/" deployDir="/tmp/war-deploy/" watchDir="/tmp/war-listen/"
                   watchEnabled="false"/> 
                   <ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
                  <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
     </Cluster>
 .
 .
 .
 .
 </Engine>

Please note that there might be some other elements such as <Host>, <Realm> etc. inside the <Engine> element. Also, for each tomcat instance the value defined for the ‘port’ attribute of the <Receiver> tag must be unique.

And, that’s all. You now have a basic session-replication in place. Your sessions are replicated amongst all the tomcat instances which are part of your cluster.

NOTE: Please make sure if you make any changes to the “context.xml” file, you have to delete the following xml file located in the <TOMCAT_HOME>/conf/Catalina/localhost/{yourAppName}.xml. If you don’t delete this file, then your changes will be ignored and the settings defined in this file will take effect.

Cheers!!!

Abhishek Tejpaul
abhishek@intelligrape.com
[Intelligrape Software Pvt. Ltd.]

Tags: , , , , ,
Posted in System
4 Comments »