Wednesday Jan 21, 2009

Tomcat 6 in OpenSolaris

In OpenSolaris build 106 there were some important changes to bundled version of Tomcat:
- Tomcat was upgraded to version 6.0.18
- Tomcat was moved under SMF(5) control
- SMF executes Tomcat with "webservd" user credentials
- Tomcat started via SMF service can be configured to use privileged TCP ports (< 1024)
- Tomcat is now installed in different locations /usr/tomcat6 and /var/tomcat6
- New symbolical link /etc/tomcat6 to configuration directory /var/tomcat6/conf
- New man page tomcat(1M)

Starting Tomcat SMF service

Tomcat is shipped with default configuration file (/etc/tomcat6/server.xml) so it can be immediately started via:

# svcadm enable tomcat6

Status of Tomcat SMF service can be queried as follows:

# svcs tomcat6
STATE STIME FMRI
online 4:41:46 svc:/network/http:tomcat6

And finally Tomcat is stopped:

# svcadm disable tomcat6

Configuring Tomcat to listen on port 80

With default configuration Tomcat listens on TCP port 8080. You may need to change it to standard HTTP port 80 (and 443).

The port number is defined in /etc/tomcat6/server.xml as following:

Connector port="8080" protocol="HTTP/1.1"

This is especially nice if you want to use Tomcat alone without Apache Web Server.

Tomcat and HTTPS

Tomcat is using Java Secure Socket Extension (JSSE) for SSL HTTP implementation. Following are steps based on Tomcat ssl-howto which shows how to enable it:

Certificate key store creation:

# /usr/java/bin/keytool -genkey -alias tomcat -keyalg RSA -keystore /etc/tomcat6/keystore

Server configuration (/etc/tomcat6/server.xml) then need uncomment following section and to add in it "keystoreFile" and "keystorePass" attributes:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true"
keystoreFile="/etc/tomcat6/keystore" keystorePass="changeit"
clientAuth="false" sslProtocol="TLS" />

Running Tomcat as ordinary user

Even if OpenSolaris bundled Tomcat is primary meant to be controlled via SMF service and to be run with "webservd" user credentials, also other users can still use it.

For such a reasons there is CATALINA_BASE environment variable which specifies part of Tomcat directory structure which must be per Tomcat instance unique, contains server configuration and which is writable. Therefore user will first need to create such data. The easiest way is to copy it:

$ cp -r /var/tomcat6/ ~/tomcat

User can then start Tomcat as follows:

$ CATALINA_BASE=~/tomcat /usr/tomcat6/bin/catalina.sh start

And of course to stop it:

$ CATALINA_BASE=~/tomcat /usr/tomcat6/bin/catalina.sh stop

About

psum

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today