184 lines
8.2 KiB
XML
184 lines
8.2 KiB
XML
<!-- CASA ATS Server Configuration File -->
|
|
|
|
<!-- A "Server" is a singleton element that represents the entire JVM,
|
|
which may contain one or more "Service" instances. The Server
|
|
listens for a shutdown command on the indicated port.
|
|
|
|
Note: A "Server" is not itself a "Container", so you may not
|
|
define subcomponents such as "Valves" or "Loggers" at this level.
|
|
-->
|
|
|
|
<Server port="8585" shutdown="SHUTDOWN" debug="0">
|
|
|
|
|
|
<!-- Global JNDI resources -->
|
|
<GlobalNamingResources>
|
|
|
|
<!-- Test entry for demonstration purposes -->
|
|
<Environment name="simpleValue" type="java.lang.Integer" value="30"/>
|
|
|
|
<!-- Editable user database that can also be used by
|
|
UserDatabaseRealm to authenticate users -->
|
|
<Resource name="UserDatabase" auth="Container"
|
|
type="org.apache.catalina.UserDatabase"
|
|
description="User database that can be updated and saved">
|
|
</Resource>
|
|
<ResourceParams name="UserDatabase">
|
|
<parameter>
|
|
<name>factory</name>
|
|
<value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
|
|
</parameter>
|
|
<parameter>
|
|
<name>pathname</name>
|
|
<value>conf/tomcat-users.xml</value>
|
|
</parameter>
|
|
</ResourceParams>
|
|
|
|
</GlobalNamingResources>
|
|
|
|
<!-- A "Service" is a collection of one or more "Connectors" that share
|
|
a single "Container" (and therefore the web applications visible
|
|
within that Container). Normally, that Container is an "Engine",
|
|
but this is not required.
|
|
|
|
Note: A "Service" is not itself a "Container", so you may not
|
|
define subcomponents such as "Valves" or "Loggers" at this level.
|
|
-->
|
|
|
|
<!-- Define the Tomcat Stand-Alone Service -->
|
|
<Service name="Catalina">
|
|
|
|
<!-- A "Connector" represents an endpoint by which requests are received
|
|
and responses are returned. Each Connector passes requests on to the
|
|
associated "Container" (normally an Engine) for processing.
|
|
|
|
By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
|
|
You can also enable an SSL HTTP/1.1 Connector on port 8443 by
|
|
following the instructions below and uncommenting the second Connector
|
|
entry. SSL support requires the following steps (see the SSL Config
|
|
HOWTO in the Tomcat 5 documentation bundle for more detailed
|
|
instructions):
|
|
* If your JDK version 1.3 or prior, download and install JSSE 1.0.2 or
|
|
later, and put the JAR files into "$JAVA_HOME/jre/lib/ext".
|
|
* Execute:
|
|
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
|
|
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
|
|
with a password value of "changeit" for both the certificate and
|
|
the keystore itself.
|
|
|
|
By default, DNS lookups are enabled when a web application calls
|
|
request.getRemoteHost(). This can have an adverse impact on
|
|
performance, so you can disable it by setting the
|
|
"enableLookups" attribute to "false". When DNS lookups are disabled,
|
|
request.getRemoteHost() will return the String version of the
|
|
IP address of the remote client.
|
|
-->
|
|
|
|
<!-- Note : To disable connection timeouts, set connectionTimeout value
|
|
to 0 -->
|
|
|
|
<!-- Important Note : The ATS uses configuration tools to enable and disable connectors.
|
|
These tools expect that the connectors be surrounded by comments containing
|
|
XX_CONNECTOR_YYY or XXX_CONNECTOR_COMMENT_YYY where XXX refers
|
|
to the type of connector (SSL or AJP) and YYY refers to either BEGIN or END. Please
|
|
do not modify these comments to avoid conflicting with the configuration tools. -->
|
|
|
|
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 2645 -->
|
|
<!-- SSL_CONNECTOR_BEGIN -->
|
|
<Connector port="2645"
|
|
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
|
|
enableLookups="false" disableUploadTimeout="true"
|
|
maxPostSize="16384" connectionTimeout="10000"
|
|
acceptCount="100" debug="0" scheme="https" secure="true"
|
|
clientAuth="false" sslProtocol="TLS"
|
|
keystoreFile="/etc/CASA/authtoken/keys/server/jks-store"
|
|
keystorePass="secret" algorithm="SunX509" />
|
|
<!-- SSL_CONNECTOR_END -->
|
|
|
|
<!-- Define an AJP Connector -->
|
|
<!-- AJP_CONNECTOR_BEGIN -->
|
|
<Connector enableLookups="false" port="9595" protocol="AJP/1.3"/>
|
|
<!-- AJP_CONNECTOR_END -->
|
|
|
|
<!-- An Engine represents the entry point (within Catalina) that processes
|
|
every request. The Engine implementation for Tomcat stand alone
|
|
analyzes the HTTP headers included with the request, and passes them
|
|
on to the appropriate Host (virtual host). -->
|
|
|
|
<!-- You should set jvmRoute to support load-balancing via JK/JK2 ie :
|
|
<Engine name="Standalone" defaultHost="localhost" debug="0" jvmRoute="jvm1">
|
|
-->
|
|
|
|
<!-- Define the top level container in our container hierarchy -->
|
|
<Engine name="Catalina" defaultHost="localhost" debug="0">
|
|
|
|
<!-- The request dumper valve dumps useful debugging information about
|
|
the request headers and cookies that were received, and the response
|
|
headers and cookies that were sent, for all requests received by
|
|
this instance of Tomcat. If you care only about requests to a
|
|
particular virtual host, or a particular application, nest this
|
|
element inside the corresponding <Host> or <Context> entry instead.
|
|
|
|
For a similar mechanism that is portable to all Servlet 2.4
|
|
containers, check out the "RequestDumperFilter" Filter in the
|
|
example application (the source for this filter may be found in
|
|
"$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
|
|
|
|
Request dumping is disabled by default. Uncomment the following
|
|
element to enable it. -->
|
|
<!--
|
|
<Valve className="org.apache.catalina.valves.RequestDumperValve"/>
|
|
-->
|
|
|
|
<!-- Global logger unless overridden at lower levels -->
|
|
<Logger className="org.apache.catalina.logger.FileLogger"
|
|
prefix="catalina_log" suffix=".txt"
|
|
timestamp="false"/>
|
|
|
|
<!-- Because this Realm is here, an instance will be shared globally -->
|
|
|
|
<!-- This Realm uses the UserDatabase configured in the global JNDI
|
|
resources under the key "UserDatabase". Any edits
|
|
that are performed against this UserDatabase are immediately
|
|
available for use by the Realm. -->
|
|
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
|
|
debug="0" resourceName="UserDatabase"/>
|
|
|
|
<!-- Define the default virtual host
|
|
Note: XML Schema validation will not work with Xerces 2.2.
|
|
-->
|
|
<Host name="localhost" debug="0" appBase="webapps"
|
|
unpackWARs="true" autoDeploy="true"
|
|
xmlValidation="false" xmlNamespaceAware="false">
|
|
|
|
<!-- Access log processes all requests for this virtual host. By
|
|
default, log files are created in the "logs" directory relative to
|
|
$CATALINA_HOME. If you wish, you can specify a different
|
|
directory with the "directory" attribute. Specify either a relative
|
|
(to $CATALINA_HOME) or absolute path to the desired directory.
|
|
-->
|
|
<!--
|
|
<Valve className="org.apache.catalina.valves.AccessLogValve"
|
|
directory="logs" prefix="localhost_access_log." suffix=".txt"
|
|
pattern="common" resolveHosts="false"/>
|
|
-->
|
|
|
|
<!-- Logger shared by all Contexts related to this virtual host. By
|
|
default (when using FileLogger), log files are created in the "logs"
|
|
directory relative to $CATALINA_HOME. If you wish, you can specify
|
|
a different directory with the "directory" attribute. Specify either a
|
|
relative (to $CATALINA_HOME) or absolute path to the desired
|
|
directory.-->
|
|
<Logger className="org.apache.catalina.logger.FileLogger"
|
|
directory="logs" prefix="localhost_log" suffix=".txt"
|
|
timestamp="false"/>
|
|
|
|
</Host>
|
|
|
|
</Engine>
|
|
|
|
</Service>
|
|
|
|
</Server>
|
|
|