165 lines
7.9 KiB
XML
165 lines
7.9 KiB
XML
<!-- CASA ATS Server Configuration File -->
|
|
<!-- Note that component elements are nested corresponding to their
|
|
parent-child relationships with each other -->
|
|
<!-- A "Server" is a singleton element that represents the entire JVM,
|
|
which may contain one or more "Service" instances. The Server
|
|
listens for a shutdown command on the indicated port.
|
|
|
|
Note: A "Server" is not itself a "Container", so you may not
|
|
define subcomponents such as "Valves" or "Loggers" at this level.
|
|
-->
|
|
<Server port="8585" shutdown="SHUTDOWN">
|
|
|
|
|
|
<!-- Global JNDI resources -->
|
|
<GlobalNamingResources>
|
|
|
|
<!-- Test entry for demonstration purposes -->
|
|
<Environment name="simpleValue" type="java.lang.Integer" value="30"/>
|
|
|
|
<!-- Editable user database that can also be used by
|
|
UserDatabaseRealm to authenticate users -->
|
|
<Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved" factory="org.apache.catalina.users.MemoryUserDatabaseFactory" pathname="conf/tomcat-users.xml"/>
|
|
|
|
</GlobalNamingResources>
|
|
|
|
<!-- A "Service" is a collection of one or more "Connectors" that share
|
|
a single "Container" (and therefore the web applications visible
|
|
within that Container). Normally, that Container is an "Engine",
|
|
but this is not required.
|
|
|
|
Note: A "Service" is not itself a "Container", so you may not
|
|
define subcomponents such as "Valves" or "Loggers" at this level.
|
|
-->
|
|
|
|
<!-- Define the Tomcat Stand-Alone Service -->
|
|
<Service name="Catalina">
|
|
|
|
<!-- A "Connector" represents an endpoint by which requests are received
|
|
and responses are returned. Each Connector passes requests on to the
|
|
associated "Container" (normally an Engine) for processing.
|
|
|
|
By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
|
|
You can also enable an SSL HTTP/1.1 Connector on port 8443 by
|
|
following the instructions below and uncommenting the second Connector
|
|
entry. SSL support requires the following steps (see the SSL Config
|
|
HOWTO in the Tomcat 5 documentation bundle for more detailed
|
|
instructions):
|
|
* If your JDK version 1.3 or prior, download and install JSSE 1.0.2 or
|
|
later, and put the JAR files into "$JAVA_HOME/jre/lib/ext".
|
|
* Execute:
|
|
%JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
|
|
$JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
|
|
with a password value of "changeit" for both the certificate and
|
|
the keystore itself.
|
|
|
|
By default, DNS lookups are enabled when a web application calls
|
|
request.getRemoteHost(). This can have an adverse impact on
|
|
performance, so you can disable it by setting the
|
|
"enableLookups" attribute to "false". When DNS lookups are disabled,
|
|
request.getRemoteHost() will return the String version of the
|
|
IP address of the remote client.
|
|
-->
|
|
|
|
|
|
<!-- Note : To use gzip compression you could set the following properties :
|
|
|
|
compression="on"
|
|
compressionMinSize="2048"
|
|
noCompressionUserAgents="gozilla, traviata"
|
|
compressableMimeType="text/html,text/xml"
|
|
-->
|
|
|
|
<!-- Important Note : The ATS uses configuration tools to enable and disable connectors.
|
|
These tools expect that the connectors be surrounded by comments containing
|
|
XX_CONNECTOR_YYY or XXX_CONNECTOR_COMMENT_YYY where XXX refers
|
|
to the type of connector (SSL or AJP) and YYY refers to either BEGIN or END. Please
|
|
do not modify these comments to avoid conflicting with the configuration tools. -->
|
|
|
|
|
|
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 2645 -->
|
|
<!-- SSL_CONNECTOR_BEGIN -->
|
|
<Connector port="2645" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="/etc/CASA/authtoken/keys/server/jks-store" keystorePass="secret" algorithm="SunX509"/>
|
|
<!-- SSL_CONNECTOR_END -->
|
|
|
|
<!-- Define an AJP Connector -->
|
|
<!-- AJP_CONNECTOR_BEGIN -->
|
|
<Connector enableLookups="false" port="9595" protocol="AJP/1.3"/>
|
|
<!-- AJP_CONNECTOR_END -->
|
|
|
|
<!-- An Engine represents the entry point (within Catalina) that processes
|
|
every request. The Engine implementation for Tomcat stand alone
|
|
analyzes the HTTP headers included with the request, and passes them
|
|
on to the appropriate Host (virtual host). -->
|
|
|
|
<!-- You should set jvmRoute to support load-balancing via AJP ie :
|
|
<Engine name="Standalone" defaultHost="localhost" jvmRoute="jvm1">
|
|
-->
|
|
|
|
<!-- Define the top level container in our container hierarchy -->
|
|
<Engine name="Catalina" defaultHost="localhost">
|
|
|
|
<!-- The request dumper valve dumps useful debugging information about
|
|
the request headers and cookies that were received, and the response
|
|
headers and cookies that were sent, for all requests received by
|
|
this instance of Tomcat. If you care only about requests to a
|
|
particular virtual host, or a particular application, nest this
|
|
element inside the corresponding <Host> or <Context> entry instead.
|
|
|
|
For a similar mechanism that is portable to all Servlet 2.4
|
|
containers, check out the "RequestDumperFilter" Filter in the
|
|
example application (the source for this filter may be found in
|
|
"$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
|
|
|
|
Request dumping is disabled by default. Uncomment the following
|
|
element to enable it. -->
|
|
<!--
|
|
<Valve className="org.apache.catalina.valves.RequestDumperValve"/>
|
|
-->
|
|
|
|
<!-- Because this Realm is here, an instance will be shared globally -->
|
|
|
|
<!-- This Realm uses the UserDatabase configured in the global JNDI
|
|
resources under the key "UserDatabase". Any edits
|
|
that are performed against this UserDatabase are immediately
|
|
available for use by the Realm. -->
|
|
<Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>
|
|
|
|
<!-- Define the default virtual host
|
|
Note: XML Schema validation will not work with Xerces 2.2.
|
|
-->
|
|
<Host name="localhost" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false">
|
|
|
|
<!-- Access log processes all requests for this virtual host. By
|
|
default, log files are created in the "logs" directory relative to
|
|
$CATALINA_HOME. If you wish, you can specify a different
|
|
directory with the "directory" attribute. Specify either a relative
|
|
(to $CATALINA_HOME) or absolute path to the desired directory.
|
|
-->
|
|
<!--
|
|
<Valve className="org.apache.catalina.valves.AccessLogValve"
|
|
directory="logs" prefix="localhost_access_log." suffix=".txt"
|
|
pattern="common" resolveHosts="false"/>
|
|
-->
|
|
|
|
<!-- Access log processes all requests for this virtual host. By
|
|
default, log files are created in the "logs" directory relative to
|
|
$CATALINA_HOME. If you wish, you can specify a different
|
|
directory with the "directory" attribute. Specify either a relative
|
|
(to $CATALINA_HOME) or absolute path to the desired directory.
|
|
This access log implementation is optimized for maximum performance,
|
|
but is hardcoded to support only the "common" and "combined" patterns.
|
|
-->
|
|
<!--
|
|
<Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
|
|
directory="logs" prefix="localhost_access_log." suffix=".txt"
|
|
pattern="common" resolveHosts="false"/>
|
|
-->
|
|
|
|
</Host>
|
|
|
|
</Engine>
|
|
|
|
</Service>
|
|
|
|
</Server> |