date:20181125

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Greg Huber

> > [Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
> policy enabled; httpd running as context system_u:system_r:httpd_t:s0

Unless its a requirement of your host services just disable selinux as it
adds complexity.  When apache/tomcat is up and running you can enable it
and then try and get it working with selinux.

On Sun, 25 Nov 2018 at 20:27, Lou Wallace  wrote:

> How will selinux help? Not sure what you mean...
>
> On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif  >
> wrote:
>
> > try  selinux to permissive mode using #setenforce 0 to exclude it from
> > analyses
> >
> > On Sun, Nov 25, 2018 at 8:05 PM Lou Wallace 
> > wrote:
> >
> > > hey Greg,
> > >
> > > No obvious errors in mod_jk log. Only has five lines
> > >
> > > [Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > >
> > > error_log
> > >
> > > [Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
> > policy
> > > enabled; httpd running as context system_u:system_r:httpd_t:s0
> > > [Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421] AH01232:
> > > suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
> > > [Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
> > > defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> > > [Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
> > > defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> > > [Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
> > AH01757:
> > > generating secret for digest authentication ...
> > > [Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid
> 26421]
> > > AH02282: No slotmem from mod_heartmonitor
> > > [Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
> > > defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> > > [Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
> > > defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> > > [Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
> > AH00163:
> > > Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
> > > resuming normal operations
> > > [Sun Nov 25 18:00:36.280201 2018] [core:notice] [pid 26421] AH00094:
> > > Command line: '/usr/sbin/httpd -D FOREGROUND'
> > >
> > >
> > >
> > >
> > >
> > >
> > > On Sun, Nov 25, 2018 at 12:42 PM Greg Huber 
> wrote:
> > >
> > > > OK, sorry, if you are remote then 8080 port may not be open.
> > > >
> > > > You need to check tomcat app actually shows the page correctly.
> > > >
> > > > If the page http://IP/index.jsp 
> > > > just shows the jsp, have a look at the /var/log/httpd logs to see
> what
> > > its
> > > > doing,
> > > >
> > > > eg access.log
> > > > xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +] "GET /index.jsp
> > > > HTTP/1.1" 200 27080 "
> > > >
> > > > also look in the error.log for errors
> > > >
> > > > mod_jk.log
> > > > [Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
> > init_jk::mod_jk.c
> > > > (3591): mod_jk/1.2.46 initialized
> > > >
> > > > You could try yum package links which is a command line browser.
> > > >
> > > > Name: links
> > > > Arch: x86_64
> > > > Epoch   : 1
> > > > Version : 2.13
> > > > Release : 1.el7
> > > > Size: 2.8 M
> > > > Repo: epel/x86_64
> > > > Summary : Web browser running in both graphics and text mode
> > > > URL : http://links.twibright.com/
> > > > Licence : GPLv2+
> > > > Description : Links is a web browser capable of running in either
> > > graphics
> > > > or text mode.
> > > > : It provides a pull-down menu system, renders complex
> > pages,
> > > > has partial HTML
> > > > : 4.0 support (including tables, frames and support for
> > > > multiple character sets
> > > > : and UTF-8), supports color and monochrome terminals and
> > > > allows horizontal
> > > > : scrolling.
> > > >
> > > > On Sun, 25 Nov 2018 at 17:07, Lou Wallace 
> > > wrote:
> > > >
> > > > > How can I do that from the command line shell? I tried it from
> > browser
> > > > and
> > > > > it timed out using http://IP:8080/index.jsp
> > > > >
> > > > >
> > > > > On Sun, Nov 25, 2018 at 11:54 AM Greg Huber

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread tomcat


On 25.11.2018 21:43, Lou Wallace wrote:

Whew. Just read that link

Warning: If Apache and Tomcat are configured to serve content from the same
file system location then care must be taken to ensure that Apache is not
able to serve inappropriate content such as the contents of the WEB-INF
directory or JSP source code.

This could occur if the Apache DocumentRoot overlaps with a Tomcat Host's
appBase or the docBase of any Context. It could also occur when using the
Apache Alias directive with a Tomcat Host's appBase or the docBase of any
Context.

And I just checked and sure enough I can access from the browser the
contents of the site directory. Now I haven't yet configured httpd-vhosts
to define site yet - could that be why I can access the directory itself
from a browser?

And where do I look to see if Apache DocumentRoot overlaps with a Tomcat
Host's appBase or the docBase?



Make a picture. I'm not kidding.
Presumably, you know what a filesystem directory structure looks like.
So make a little schema of the Apache httpd document directories, starting at what is 
indicated in the DocumentRoot of the httpd.conf (or apache2.conf or whatever it is on your 
system); and make a similar schema of the directories of Tomcat, starting at the positions 
mentioned in the appBase/docBase attributes.
If any of these overlap, you have a problem. It is not a fatal problem, and one can avoid 
the problem with a careful httpd configuration. But if there is an overlap, you are always 
at risk of forgetting to configure this properly, so better to avoid it altogether.
(Of course, all of this can happen only if Apache httpd and Tomcat are running on the same 
host; if not, there is no such risk. Unless of course they share some common network 
directories..


browser <- A+B -> httpd + mod_jk <-- B --> tomcat
| |
A B
| |
  httpd DocumentRoot webapps
sub-directories |
and files   -- webbap-1
 - files (1)
 |- WEB-INF
   |- files (2)
Legend :
- A+B are all requests sent by the browser, to the front-end httpd.
  Some of these requests are for documents/applications on the front-end (A).
  Some of these requests are for the back-end tomcat's webapps (B).
  httpd + mod_jk "know" which requests to proxy to tomcat (B), by the "JkMount"
  directives. What is not proxied to tomcat (aka "not B") is served locally by
  httpd (A).
As long as "httpd DocumentRoot" and "webapps" are totally separate on disk, there is no 
problem.

The problem is when some part of "httpd DocumentRoot" overlaps some part of 
"webapps".
Then for example a browser can send something which appears to be directed at 
httpd
(iow a URL addressing A), but which in reality accesses something under 
"webapps".
Because then, httpd will serve this "raw", and none of the security (or JSP compilation 
and execution of (1)) of tomcat will ever even know that httpd is serving things from 
under its nose, even forbidden things (2).


Clear ?







On Sun, Nov 25, 2018 at 3:36 PM André Warnier (tomcat) 
wrote:


Hi.
I have not been following this in detail, but some of the things I've seen
written made me
think of the warning (in red type) on the page :
http://tomcat.apache.org/connectors-doc/reference/apache.html

In other words, if your front-end Apache httpd is configured in such a way
that, to serve
a request URL from a browser, it /can/ access a directory and files which
really belong to
Tomcat, then all kinds of weird and dangerous things will happen.
Such as JSP pages being served 'as is', and browsers being able to access
directories and
files which Tomcat would normally forbid (such as the content of a
webapps/yourapp/WEB-INF
directory).



On 25.11.2018 21:26, Lou Wallace wrote:

How will selinux help? Not sure what you mean...

On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif <

loai.abdalla...@gmail.com>

wrote:


try  selinux to permissive mode using #setenforce 0 to exclude it from
analyses

On Sun, Nov 25, 2018 at 8:05 PM Lou Wallace 
wrote:


hey Greg,

No obvious errors in mod_jk log. Only has five lines

[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Lou Wallace

Whew. Just read that link

Warning: If Apache and Tomcat are configured to serve content from the same
file system location then care must be taken to ensure that Apache is not
able to serve inappropriate content such as the contents of the WEB-INF
directory or JSP source code.

This could occur if the Apache DocumentRoot overlaps with a Tomcat Host's
appBase or the docBase of any Context. It could also occur when using the
Apache Alias directive with a Tomcat Host's appBase or the docBase of any
Context.

And I just checked and sure enough I can access from the browser the
contents of the site directory. Now I haven't yet configured httpd-vhosts
to define site yet - could that be why I can access the directory itself
from a browser?

And where do I look to see if Apache DocumentRoot overlaps with a Tomcat
Host's appBase or the docBase?




On Sun, Nov 25, 2018 at 3:36 PM André Warnier (tomcat) 
wrote:

> Hi.
> I have not been following this in detail, but some of the things I've seen
> written made me
> think of the warning (in red type) on the page :
> http://tomcat.apache.org/connectors-doc/reference/apache.html
>
> In other words, if your front-end Apache httpd is configured in such a way
> that, to serve
> a request URL from a browser, it /can/ access a directory and files which
> really belong to
> Tomcat, then all kinds of weird and dangerous things will happen.
> Such as JSP pages being served 'as is', and browsers being able to access
> directories and
> files which Tomcat would normally forbid (such as the content of a
> webapps/yourapp/WEB-INF
> directory).
>
>
>
> On 25.11.2018 21:26, Lou Wallace wrote:
> > How will selinux help? Not sure what you mean...
> >
> > On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif <
> loai.abdalla...@gmail.com>
> > wrote:
> >
> >> try  selinux to permissive mode using #setenforce 0 to exclude it from
> >> analyses
> >>
> >> On Sun, Nov 25, 2018 at 8:05 PM Lou Wallace 
> >> wrote:
> >>
> >>> hey Greg,
> >>>
> >>> No obvious errors in mod_jk log. Only has five lines
> >>>
> >>> [Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
> >>> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> >>> [Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
> >>> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> >>> [Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
> >>> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> >>> [Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
> >>> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> >>> [Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
> >>> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> >>> [Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
> >>> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> >>>
> >>> error_log
> >>>
> >>> [Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
> >> policy
> >>> enabled; httpd running as context system_u:system_r:httpd_t:s0
> >>> [Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421] AH01232:
> >>> suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
> >>> [Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
> >>> defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> >>> [Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
> >>> defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> >>> [Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
> >> AH01757:
> >>> generating secret for digest authentication ...
> >>> [Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid
> 26421]
> >>> AH02282: No slotmem from mod_heartmonitor
> >>> [Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
> >>> defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> >>> [Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
> >>> defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> >>> [Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
> >> AH00163:
> >>> Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
> >>> resuming normal operations
> >>> [Sun Nov 25 18:00:36.280201 2018] [core:notice] [pid 26421] AH00094:
> >>> Command line: '/usr/sbin/httpd -D FOREGROUND'
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>> On Sun, Nov 25, 2018 at 12:42 PM Greg Huber 
> wrote:
> >>>
>  OK, sorry, if you are remote then 8080 port may not be open.
> 
>  You need to check tomcat app actually shows the page correctly.
> 
>  If the page http://IP/index.jsp 
>  just shows the jsp, have a look at the /var/log/httpd logs to see what
> >>> its
>  doing,
> 
>  eg access.log
>  xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +] "GET /index.jsp
>  HTTP/1.1" 200 27080 "
> 
>  also look in the error.log for errors
> 
>  mod_jk.log
>  [Sun Nov 25 07:27:10 2018][1452:140132954712192]

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Loai Abdallatif

you are running apache with selinux context . just try to avoid its
complexity

On Sun, Nov 25, 2018 at 10:27 PM Lou Wallace  wrote:

> How will selinux help? Not sure what you mean...
>
> On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif  >
> wrote:
>
> > try  selinux to permissive mode using #setenforce 0 to exclude it from
> > analyses
> >
> > On Sun, Nov 25, 2018 at 8:05 PM Lou Wallace 
> > wrote:
> >
> > > hey Greg,
> > >
> > > No obvious errors in mod_jk log. Only has five lines
> > >
> > > [Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > > [Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
> > > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > >
> > > error_log
> > >
> > > [Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
> > policy
> > > enabled; httpd running as context system_u:system_r:httpd_t:s0
> > > [Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421] AH01232:
> > > suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
> > > [Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
> > > defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> > > [Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
> > > defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> > > [Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
> > AH01757:
> > > generating secret for digest authentication ...
> > > [Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid
> 26421]
> > > AH02282: No slotmem from mod_heartmonitor
> > > [Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
> > > defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> > > [Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
> > > defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> > > [Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
> > AH00163:
> > > Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
> > > resuming normal operations
> > > [Sun Nov 25 18:00:36.280201 2018] [core:notice] [pid 26421] AH00094:
> > > Command line: '/usr/sbin/httpd -D FOREGROUND'
> > >
> > >
> > >
> > >
> > >
> > >
> > > On Sun, Nov 25, 2018 at 12:42 PM Greg Huber 
> wrote:
> > >
> > > > OK, sorry, if you are remote then 8080 port may not be open.
> > > >
> > > > You need to check tomcat app actually shows the page correctly.
> > > >
> > > > If the page http://IP/index.jsp 
> > > > just shows the jsp, have a look at the /var/log/httpd logs to see
> what
> > > its
> > > > doing,
> > > >
> > > > eg access.log
> > > > xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +] "GET /index.jsp
> > > > HTTP/1.1" 200 27080 "
> > > >
> > > > also look in the error.log for errors
> > > >
> > > > mod_jk.log
> > > > [Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
> > init_jk::mod_jk.c
> > > > (3591): mod_jk/1.2.46 initialized
> > > >
> > > > You could try yum package links which is a command line browser.
> > > >
> > > > Name: links
> > > > Arch: x86_64
> > > > Epoch   : 1
> > > > Version : 2.13
> > > > Release : 1.el7
> > > > Size: 2.8 M
> > > > Repo: epel/x86_64
> > > > Summary : Web browser running in both graphics and text mode
> > > > URL : http://links.twibright.com/
> > > > Licence : GPLv2+
> > > > Description : Links is a web browser capable of running in either
> > > graphics
> > > > or text mode.
> > > > : It provides a pull-down menu system, renders complex
> > pages,
> > > > has partial HTML
> > > > : 4.0 support (including tables, frames and support for
> > > > multiple character sets
> > > > : and UTF-8), supports color and monochrome terminals and
> > > > allows horizontal
> > > > : scrolling.
> > > >
> > > > On Sun, 25 Nov 2018 at 17:07, Lou Wallace 
> > > wrote:
> > > >
> > > > > How can I do that from the command line shell? I tried it from
> > browser
> > > > and
> > > > > it timed out using http://IP:8080/index.jsp
> > > > >
> > > > >
> > > > > On Sun, Nov 25, 2018 at 11:54 AM Greg Huber 
> > > wrote:
> > > > >
> > > > > > >>But my .jsp web page is still showing as plain text
> > > > > >
> > > > > > With tomcat running does it show correctly ie
> > > > > > http://127.0.0.1:8080/../mypage.jsp
> > > > > >
> > > > > > then try

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread tomcat


Hi.
I have not been following this in detail, but some of the things I've seen written made me 
think of the warning (in red type) on the page :

http://tomcat.apache.org/connectors-doc/reference/apache.html

In other words, if your front-end Apache httpd is configured in such a way that, to serve 
a request URL from a browser, it /can/ access a directory and files which really belong to 
Tomcat, then all kinds of weird and dangerous things will happen.
Such as JSP pages being served 'as is', and browsers being able to access directories and 
files which Tomcat would normally forbid (such as the content of a webapps/yourapp/WEB-INF 
directory).




On 25.11.2018 21:26, Lou Wallace wrote:

How will selinux help? Not sure what you mean...

On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif 
wrote:


try  selinux to permissive mode using #setenforce 0 to exclude it from
analyses

On Sun, Nov 25, 2018 at 8:05 PM Lou Wallace 
wrote:


hey Greg,

No obvious errors in mod_jk log. Only has five lines

[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized

error_log

[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux

policy

enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421] AH01232:
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]

AH01757:

generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid 26421]
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]

AH00163:

Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
[Sun Nov 25 18:00:36.280201 2018] [core:notice] [pid 26421] AH00094:
Command line: '/usr/sbin/httpd -D FOREGROUND'






On Sun, Nov 25, 2018 at 12:42 PM Greg Huber  wrote:


OK, sorry, if you are remote then 8080 port may not be open.

You need to check tomcat app actually shows the page correctly.

If the page http://IP/index.jsp 
just shows the jsp, have a look at the /var/log/httpd logs to see what

its

doing,

eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +] "GET /index.jsp
HTTP/1.1" 200 27080 "

also look in the error.log for errors

mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]

init_jk::mod_jk.c

(3591): mod_jk/1.2.46 initialized

You could try yum package links which is a command line browser.

Name: links
Arch: x86_64
Epoch   : 1
Version : 2.13
Release : 1.el7
Size: 2.8 M
Repo: epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either

graphics

or text mode.
 : It provides a pull-down menu system, renders complex

pages,

has partial HTML
 : 4.0 support (including tables, frames and support for
multiple character sets
 : and UTF-8), supports color and monochrome terminals and
allows horizontal
 : scrolling.

On Sun, 25 Nov 2018 at 17:07, Lou Wallace 

wrote:



How can I do that from the command line shell? I tried it from

browser

and

it timed out using http://IP:8080/index.jsp


On Sun, Nov 25, 2018 at 11:54 AM Greg Huber 

wrote:



But my .jsp web page is still showing as plain text


With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp

then try http://127.0.0.1/../mypage.jsp

##

tomcat server.xml using default port



On Sun, 25 Nov 2018 at 15:28, Lou Wallace 

wrote:



hmm this is weird

After adding

#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Lou Wallace

How will selinux help? Not sure what you mean...

On Sun, Nov 25, 2018 at 3:16 PM Loai Abdallatif 
wrote:

> try  selinux to permissive mode using #setenforce 0 to exclude it from
> analyses
>
> On Sun, Nov 25, 2018 at 8:05 PM Lou Wallace 
> wrote:
>
> > hey Greg,
> >
> > No obvious errors in mod_jk log. Only has five lines
> >
> > [Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
> > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > [Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
> > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > [Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
> > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > [Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
> > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > [Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
> > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> > [Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
> > init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> >
> > error_log
> >
> > [Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux
> policy
> > enabled; httpd running as context system_u:system_r:httpd_t:s0
> > [Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421] AH01232:
> > suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
> > [Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
> > defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> > [Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
> > defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> > [Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421]
> AH01757:
> > generating secret for digest authentication ...
> > [Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid 26421]
> > AH02282: No slotmem from mod_heartmonitor
> > [Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
> > defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> > [Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
> > defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> > [Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421]
> AH00163:
> > Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
> > resuming normal operations
> > [Sun Nov 25 18:00:36.280201 2018] [core:notice] [pid 26421] AH00094:
> > Command line: '/usr/sbin/httpd -D FOREGROUND'
> >
> >
> >
> >
> >
> >
> > On Sun, Nov 25, 2018 at 12:42 PM Greg Huber  wrote:
> >
> > > OK, sorry, if you are remote then 8080 port may not be open.
> > >
> > > You need to check tomcat app actually shows the page correctly.
> > >
> > > If the page http://IP/index.jsp 
> > > just shows the jsp, have a look at the /var/log/httpd logs to see what
> > its
> > > doing,
> > >
> > > eg access.log
> > > xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +] "GET /index.jsp
> > > HTTP/1.1" 200 27080 "
> > >
> > > also look in the error.log for errors
> > >
> > > mod_jk.log
> > > [Sun Nov 25 07:27:10 2018][1452:140132954712192] [info]
> init_jk::mod_jk.c
> > > (3591): mod_jk/1.2.46 initialized
> > >
> > > You could try yum package links which is a command line browser.
> > >
> > > Name: links
> > > Arch: x86_64
> > > Epoch   : 1
> > > Version : 2.13
> > > Release : 1.el7
> > > Size: 2.8 M
> > > Repo: epel/x86_64
> > > Summary : Web browser running in both graphics and text mode
> > > URL : http://links.twibright.com/
> > > Licence : GPLv2+
> > > Description : Links is a web browser capable of running in either
> > graphics
> > > or text mode.
> > > : It provides a pull-down menu system, renders complex
> pages,
> > > has partial HTML
> > > : 4.0 support (including tables, frames and support for
> > > multiple character sets
> > > : and UTF-8), supports color and monochrome terminals and
> > > allows horizontal
> > > : scrolling.
> > >
> > > On Sun, 25 Nov 2018 at 17:07, Lou Wallace 
> > wrote:
> > >
> > > > How can I do that from the command line shell? I tried it from
> browser
> > > and
> > > > it timed out using http://IP:8080/index.jsp
> > > >
> > > >
> > > > On Sun, Nov 25, 2018 at 11:54 AM Greg Huber 
> > wrote:
> > > >
> > > > > >>But my .jsp web page is still showing as plain text
> > > > >
> > > > > With tomcat running does it show correctly ie
> > > > > http://127.0.0.1:8080/../mypage.jsp
> > > > >
> > > > > then try http://127.0.0.1/../mypage.jsp
> > > > >
> > > > > ##
> > > > >
> > > > > tomcat server.xml using default port
> > > > >  > > > >connectionTimeout="2"
> > > > >redirectPort="8443" />
> > > > >
> > > > >
> > > > > On Sun, 25 Nov 2018 at 15:28, Lou Wallace 
> > > > wrote:
> > > > >
> > > > > > hmm this is weird
> > > > > >
> > > > > > After adding
> > > > > >
>

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Loai Abdallatif

try  selinux to permissive mode using #setenforce 0 to exclude it from
analyses

On Sun, Nov 25, 2018 at 8:05 PM Lou Wallace  wrote:

> hey Greg,
>
> No obvious errors in mod_jk log. Only has five lines
>
> [Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> [Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> [Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> [Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> [Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
> [Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
> init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
>
> error_log
>
> [Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux policy
> enabled; httpd running as context system_u:system_r:httpd_t:s0
> [Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421] AH01232:
> suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
> [Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
> defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> [Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
> defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> [Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421] AH01757:
> generating secret for digest authentication ...
> [Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid 26421]
> AH02282: No slotmem from mod_heartmonitor
> [Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
> defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
> [Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
> defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
> [Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421] AH00163:
> Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
> resuming normal operations
> [Sun Nov 25 18:00:36.280201 2018] [core:notice] [pid 26421] AH00094:
> Command line: '/usr/sbin/httpd -D FOREGROUND'
>
>
>
>
>
>
> On Sun, Nov 25, 2018 at 12:42 PM Greg Huber  wrote:
>
> > OK, sorry, if you are remote then 8080 port may not be open.
> >
> > You need to check tomcat app actually shows the page correctly.
> >
> > If the page http://IP/index.jsp 
> > just shows the jsp, have a look at the /var/log/httpd logs to see what
> its
> > doing,
> >
> > eg access.log
> > xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +] "GET /index.jsp
> > HTTP/1.1" 200 27080 "
> >
> > also look in the error.log for errors
> >
> > mod_jk.log
> > [Sun Nov 25 07:27:10 2018][1452:140132954712192] [info] init_jk::mod_jk.c
> > (3591): mod_jk/1.2.46 initialized
> >
> > You could try yum package links which is a command line browser.
> >
> > Name: links
> > Arch: x86_64
> > Epoch   : 1
> > Version : 2.13
> > Release : 1.el7
> > Size: 2.8 M
> > Repo: epel/x86_64
> > Summary : Web browser running in both graphics and text mode
> > URL : http://links.twibright.com/
> > Licence : GPLv2+
> > Description : Links is a web browser capable of running in either
> graphics
> > or text mode.
> > : It provides a pull-down menu system, renders complex pages,
> > has partial HTML
> > : 4.0 support (including tables, frames and support for
> > multiple character sets
> > : and UTF-8), supports color and monochrome terminals and
> > allows horizontal
> > : scrolling.
> >
> > On Sun, 25 Nov 2018 at 17:07, Lou Wallace 
> wrote:
> >
> > > How can I do that from the command line shell? I tried it from browser
> > and
> > > it timed out using http://IP:8080/index.jsp
> > >
> > >
> > > On Sun, Nov 25, 2018 at 11:54 AM Greg Huber 
> wrote:
> > >
> > > > >>But my .jsp web page is still showing as plain text
> > > >
> > > > With tomcat running does it show correctly ie
> > > > http://127.0.0.1:8080/../mypage.jsp
> > > >
> > > > then try http://127.0.0.1/../mypage.jsp
> > > >
> > > > ##
> > > >
> > > > tomcat server.xml using default port
> > > >  > > >connectionTimeout="2"
> > > >redirectPort="8443" />
> > > >
> > > >
> > > > On Sun, 25 Nov 2018 at 15:28, Lou Wallace 
> > > wrote:
> > > >
> > > > > hmm this is weird
> > > > >
> > > > > After adding
> > > > >
> > > > > #Options Indexes FollowSymLinks
> > > > > #No folders/files listed
> > > > > Options -Indexes -FollowSymLinks
> > > > >
> > > > > I decided to allow httpd.conf to try and load mod_jk.so again so I
> > > added
> > > > > back LoadModule jk_module /etc/httpd/modules/mod_jk.so and
> restarted
> > > > httpd
> > > > >
> > > > > then when I do apachectl -M I see as last

Re: One tomcat server with different webapps on different ports?

2018-11-25 Thread Geraldo Netto

Hello Richard/Friends,

Maybe you could check 2 things
- the iptables to handle the incoming connections (eg: redirect
between ports and, block connections if the ip is accessing for a
specific port)
- httpd/nginx as reverse proxies for caching and other fancy stuff

Please note that I'm suggesting based on your info and once i'm not a
specialist, I might be saying some no sense
Maybe some more experienced might clarify/help
Digital Ocean has tons of interesting tutorials in that matter:
https://www.digitalocean.com/community/tutorials


Kind Regards,

Geraldo Netto
Sapere Aude => Non dvcor, dvco
http://exdev.sf.net/

On Sun, 25 Nov 2018 at 11:03,  wrote:
>
> On 2018-11-24 23:25, Geraldo Netto wrote:
> > Hello Richard/Friends,
> >
> > I might be wrong, but I guess the best approach would be to use apache
> > httpd or nginx as a reverse proxy and leave tomcat alone
> >
> >
> > Kind Regards,
> >
> > Geraldo Netto
> > Sapere Aude => Non dvcor, dvco
> > http://exdev.sf.net/
> >
> > On Sun, 25 Nov 2018 at 00:05,  wrote:
> >>
> >> Tomcat/9.0.13
> >>
> >>
> >> I'd like to have my webapps generally on 443, but the manager and
> >> host-manager on some other port, say 444.
> >>
> >> My reason for doing that would be that I could then use linux's
> >> iptables
> >> to restrict access to 444 to a few known addresses, but anyone could
> >> access 443.
> >>
> >> I would of course want to use the manager application on 444 to manage
> >> the applications visible on 443.
> >>
> >> Is this possible?
> >>
> >>
> >> Richard
> >>
> >> -
>
>
> Hi Geraldo.
>
> How would that help?
>
> Can I have different virtual hosts in Apache get their content from
> different webapps in Tomcat?
>
> Richard
>
>
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
>

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Lou Wallace

hey Greg,

No obvious errors in mod_jk log. Only has five lines

[Sun Nov 25 15:22:11.637 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:22:11.657 2018] [14159:139840145266816] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.930 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 15:37:01.951 2018] [15407:140260327409792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.252 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized
[Sun Nov 25 18:00:36.276 2018] [26421:139699565041792] [info]
init_jk::mod_jk.c (3591): mod_jk/1.2.46 initialized

error_log

[Sun Nov 25 18:00:36.250346 2018] [core:notice] [pid 26421] SELinux policy
enabled; httpd running as context system_u:system_r:httpd_t:s0
[Sun Nov 25 18:00:36.251392 2018] [suexec:notice] [pid 26421] AH01232:
suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Nov 25 18:00:36.252380 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.252466 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.273798 2018] [auth_digest:notice] [pid 26421] AH01757:
generating secret for digest authentication ...
[Sun Nov 25 18:00:36.275236 2018] [lbmethod_heartbeat:notice] [pid 26421]
AH02282: No slotmem from mod_heartmonitor
[Sun Nov 25 18:00:36.276120 2018] [jk:warn] [pid 26421] No JkLogFile
defined in httpd.conf. Using default /etc/httpd/logs/mod_jk.log
[Sun Nov 25 18:00:36.276179 2018] [jk:warn] [pid 26421] No JkShmFile
defined in httpd.conf. Using default /etc/httpd/logs/jk-runtime-status
[Sun Nov 25 18:00:36.280163 2018] [mpm_prefork:notice] [pid 26421] AH00163:
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_jk/1.2.46 configured --
resuming normal operations
[Sun Nov 25 18:00:36.280201 2018] [core:notice] [pid 26421] AH00094:
Command line: '/usr/sbin/httpd -D FOREGROUND'






On Sun, Nov 25, 2018 at 12:42 PM Greg Huber  wrote:

> OK, sorry, if you are remote then 8080 port may not be open.
>
> You need to check tomcat app actually shows the page correctly.
>
> If the page http://IP/index.jsp 
> just shows the jsp, have a look at the /var/log/httpd logs to see what its
> doing,
>
> eg access.log
> xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +] "GET /index.jsp
> HTTP/1.1" 200 27080 "
>
> also look in the error.log for errors
>
> mod_jk.log
> [Sun Nov 25 07:27:10 2018][1452:140132954712192] [info] init_jk::mod_jk.c
> (3591): mod_jk/1.2.46 initialized
>
> You could try yum package links which is a command line browser.
>
> Name: links
> Arch: x86_64
> Epoch   : 1
> Version : 2.13
> Release : 1.el7
> Size: 2.8 M
> Repo: epel/x86_64
> Summary : Web browser running in both graphics and text mode
> URL : http://links.twibright.com/
> Licence : GPLv2+
> Description : Links is a web browser capable of running in either graphics
> or text mode.
> : It provides a pull-down menu system, renders complex pages,
> has partial HTML
> : 4.0 support (including tables, frames and support for
> multiple character sets
> : and UTF-8), supports color and monochrome terminals and
> allows horizontal
> : scrolling.
>
> On Sun, 25 Nov 2018 at 17:07, Lou Wallace  wrote:
>
> > How can I do that from the command line shell? I tried it from browser
> and
> > it timed out using http://IP:8080/index.jsp
> >
> >
> > On Sun, Nov 25, 2018 at 11:54 AM Greg Huber  wrote:
> >
> > > >>But my .jsp web page is still showing as plain text
> > >
> > > With tomcat running does it show correctly ie
> > > http://127.0.0.1:8080/../mypage.jsp
> > >
> > > then try http://127.0.0.1/../mypage.jsp
> > >
> > > ##
> > >
> > > tomcat server.xml using default port
> > >  > >connectionTimeout="2"
> > >redirectPort="8443" />
> > >
> > >
> > > On Sun, 25 Nov 2018 at 15:28, Lou Wallace 
> > wrote:
> > >
> > > > hmm this is weird
> > > >
> > > > After adding
> > > >
> > > > #Options Indexes FollowSymLinks
> > > > #No folders/files listed
> > > > Options -Indexes -FollowSymLinks
> > > >
> > > > I decided to allow httpd.conf to try and load mod_jk.so again so I
> > added
> > > > back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted
> > > httpd
> > > >
> > > > then when I do apachectl -M I see as last entry in the list
> > > >
> > > > Loaded Modules:
> > > >  core_module (static)
> > > >  so_module (static)
> > > >  http_module (static)
> > > >  access_compat_module (shared)
> > > >  actions_module (shared)
> > > >  alias_module (shared)
> > > >  allowmethods_module (shared)
> > > >  auth_basic_module (shared)
> > > >  auth_digest_module (shared)
> > > >  authn_anon_module (shared)
> >

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Greg Huber

OK, sorry, if you are remote then 8080 port may not be open.

You need to check tomcat app actually shows the page correctly.

If the page http://IP/index.jsp 
just shows the jsp, have a look at the /var/log/httpd logs to see what its
doing,

eg access.log
xxx.xxx.xxx.xxx.xxx - - [25/Nov/2018:07:28:08 +] "GET /index.jsp
HTTP/1.1" 200 27080 "

also look in the error.log for errors

mod_jk.log
[Sun Nov 25 07:27:10 2018][1452:140132954712192] [info] init_jk::mod_jk.c
(3591): mod_jk/1.2.46 initialized

You could try yum package links which is a command line browser.

Name: links
Arch: x86_64
Epoch   : 1
Version : 2.13
Release : 1.el7
Size: 2.8 M
Repo: epel/x86_64
Summary : Web browser running in both graphics and text mode
URL : http://links.twibright.com/
Licence : GPLv2+
Description : Links is a web browser capable of running in either graphics
or text mode.
: It provides a pull-down menu system, renders complex pages,
has partial HTML
: 4.0 support (including tables, frames and support for
multiple character sets
: and UTF-8), supports color and monochrome terminals and
allows horizontal
: scrolling.

On Sun, 25 Nov 2018 at 17:07, Lou Wallace  wrote:

> How can I do that from the command line shell? I tried it from browser and
> it timed out using http://IP:8080/index.jsp
>
>
> On Sun, Nov 25, 2018 at 11:54 AM Greg Huber  wrote:
>
> > >>But my .jsp web page is still showing as plain text
> >
> > With tomcat running does it show correctly ie
> > http://127.0.0.1:8080/../mypage.jsp
> >
> > then try http://127.0.0.1/../mypage.jsp
> >
> > ##
> >
> > tomcat server.xml using default port
> >  >connectionTimeout="2"
> >redirectPort="8443" />
> >
> >
> > On Sun, 25 Nov 2018 at 15:28, Lou Wallace 
> wrote:
> >
> > > hmm this is weird
> > >
> > > After adding
> > >
> > > #Options Indexes FollowSymLinks
> > > #No folders/files listed
> > > Options -Indexes -FollowSymLinks
> > >
> > > I decided to allow httpd.conf to try and load mod_jk.so again so I
> added
> > > back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted
> > httpd
> > >
> > > then when I do apachectl -M I see as last entry in the list
> > >
> > > Loaded Modules:
> > >  core_module (static)
> > >  so_module (static)
> > >  http_module (static)
> > >  access_compat_module (shared)
> > >  actions_module (shared)
> > >  alias_module (shared)
> > >  allowmethods_module (shared)
> > >  auth_basic_module (shared)
> > >  auth_digest_module (shared)
> > >  authn_anon_module (shared)
> > >  authn_core_module (shared)
> > >  authn_dbd_module (shared)
> > >  authn_dbm_module (shared)
> > >  authn_file_module (shared)
> > >  authn_socache_module (shared)
> > >  authz_core_module (shared)
> > >  authz_dbd_module (shared)
> > >  authz_dbm_module (shared)
> > >  authz_groupfile_module (shared)
> > >  authz_host_module (shared)
> > >  authz_owner_module (shared)
> > >  authz_user_module (shared)
> > >  autoindex_module (shared)
> > >  cache_module (shared)
> > >  cache_disk_module (shared)
> > >  data_module (shared)
> > >  dbd_module (shared)
> > >  deflate_module (shared)
> > >  dir_module (shared)
> > >  dumpio_module (shared)
> > >  echo_module (shared)
> > >  env_module (shared)
> > >  expires_module (shared)
> > >  ext_filter_module (shared)
> > >  filter_module (shared)
> > >  headers_module (shared)
> > >  include_module (shared)
> > >  info_module (shared)
> > >  log_config_module (shared)
> > >  logio_module (shared)
> > >  mime_magic_module (shared)
> > >  mime_module (shared)
> > >  negotiation_module (shared)
> > >  remoteip_module (shared)
> > >  reqtimeout_module (shared)
> > >  rewrite_module (shared)
> > >  setenvif_module (shared)
> > >  slotmem_plain_module (shared)
> > >  slotmem_shm_module (shared)
> > >  socache_dbm_module (shared)
> > >  socache_memcache_module (shared)
> > >  socache_shmcb_module (shared)
> > >  status_module (shared)
> > >  substitute_module (shared)
> > >  suexec_module (shared)
> > >  unique_id_module (shared)
> > >  unixd_module (shared)
> > >  userdir_module (shared)
> > >  version_module (shared)
> > >  vhost_alias_module (shared)
> > >  dav_module (shared)
> > >  dav_fs_module (shared)
> > >  dav_lock_module (shared)
> > >  lua_module (shared)
> > >  mpm_prefork_module (shared)
> > >  proxy_module (shared)
> > >  lbmethod_bybusyness_module (shared)
> > >  lbmethod_byrequests_module (shared)
> > >  lbmethod_bytraffic_module (shared)
> > >  lbmethod_heartbeat_module (shared)
> > >  proxy_ajp_module (shared)
> > >  proxy_balancer_module (shared)
> > > proxy_connect_module (shared)
> > >  proxy_express_module (shared)
> > >  proxy_fcgi_module (shared)
> > >  proxy_fdpass_module (shared)
> > >  proxy_ftp_module (shared)
> > >  proxy_http_module (shared)
> > >  proxy_scgi_module (shared)
> > >  proxy_wstunnel_module (shared)
> > >

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Greg Huber

>Question 1: Are 10-my.conf and my.conf supposed to automatically be used by
>the system if they are in conf directory or do they need to be called from
>somewhere like httpd.conf?

Looking at httpd.conf
...
#
# Dynamic Shared Object (DSO) Support
#
Include conf.modules.d/*.conf
...
# Supplemental configuration
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
...

Does all the loading, from conf.modules.d and conf.dfolders.  So don't need
to do anything extra.

If you are running standard centos 7 there are should be no modules loaded
in httpd.conf?
rpm -q httpd
httpd-2.4.6-80.el7.centos.1.x86_64

>Question 2: Is there some other config file I need to edit to
>allow LoadModule jk_module /etc/httpd/modules/mod_jk.so to work when
>loaded?
>Because if I just add
>LoadModule jk_module /etc/httpd/modules/mod_jk.so
>to httpd I get the Apache shared memory error when I systemctl restart
>httpd and Apache fails to load

Maybe the shared memory error is because its loading in the incorrect
order?  If you just add the LoadModule to the end of httpd.conf it will be
in the wrong place.  Place it just after

Include conf.modules.d/*.conf

and see if it works.  But its best to use the /etc/httpd/conf.modules.d
folder!!





On Sun, 25 Nov 2018 at 15:28, Lou Wallace  wrote:

> It's there in  /etc/httpd/modules
> its file size is 1556784
>
> ls -l /etc/httpd/modules/mod_jk.so  shows
> -rwxr-xr-x. 1 root root 1556784
>
> apachectl -M  shows no mod_jk.so loaded
>
> Question 1: Are 10-my.conf and my.conf supposed to automatically be used by
> the system if they are in conf directory or do they need to be called from
> somewhere like httpd.conf? Because if I just add
> LoadModule jk_module /etc/httpd/modules/mod_jk.so
> to httpd I get the Apache shared memory error when I systemctl restart
> httpd and Apache fails to load
>
> Question 2: Is there some other config file I need to edit to
> allow LoadModule jk_module /etc/httpd/modules/mod_jk.so to work when
> loaded?
>
> And I just added
>
> #Options Indexes FollowSymLinks
> #No folders/files listed
> Options -Indexes -FollowSymLinks
>
> to httpd.conf
>
> Thanks for the continued help!!
>
>  Lou
>
>
> On Sun, Nov 25, 2018 at 5:28 AM Greg Huber  wrote:
>
> > There's the problem, make sure you have copied mod_jk.so to
> > /etc/httpd/modules/mod_jk.so
> >
> > My file size 1,556,816 bytes permission owner root and execute
> >
> > ls -l /etc/httpd/modules/mod_jk.so
> > -rwxrwxr-x 1 root root
> >
> > also check the x executable
> >
> > And apachectl -M (sorry not -S)
> > ...
> > jk_module (shared)
> > ...
> >
> > 10-my.conf and my.conf are preferred as when yum updates httpd it also
> > updates /etc/httpd/conf/httpd.conf.  If you change httpd.conf you then
> have
> > to merge the httpd.conf.rpmnew as it won't overwrite config.
> >
> > The only change I make in httpd.conf is to make sure there is no browsing
> >
> > #Options Indexes FollowSymLinks
> > #No folders/files listed
> > Options -Indexes -FollowSymLinks
> >
> >  Cheers Greg
> >
> >
> >
> > On Sat, 24 Nov 2018 at 22:02, Lou Wallace 
> wrote:
> >
> > > Here is what I see
> > >
> > > Loaded Modules:
> > >  core_module (static)
> > >  so_module (static)
> > >  http_module (static)
> > >  access_compat_module (shared)
> > >  actions_module (shared)
> > >  alias_module (shared)
> > >  allowmethods_module (shared)
> > >  auth_basic_module (shared)
> > >  auth_digest_module (shared)
> > >  authn_anon_module (shared)
> > >  authn_core_module (shared)
> > >  authn_dbd_module (shared)
> > >  authn_dbm_module (shared)
> > >  authn_file_module (shared)
> > >  authn_socache_module (shared)
> > >  authz_core_module (shared)
> > >  authz_dbd_module (shared)
> > >  authz_dbm_module (shared)
> > >  authz_groupfile_module (shared)
> > >  authz_host_module (shared)
> > >  authz_owner_module (shared)
> > >  authz_user_module (shared)
> > >  autoindex_module (shared)
> > >  cache_module (shared)
> > >  cache_disk_module (shared)
> > >  data_module (shared)
> > >  dbd_module (shared)
> > >  deflate_module (shared)
> > >  dir_module (shared)
> > >  dumpio_module (shared)
> > >  echo_module (shared)
> > >  env_module (shared)
> > >  expires_module (shared)
> > >  ext_filter_module (shared)
> > >  filter_module (shared)
> > >  headers_module (shared)
> > >  include_module (shared)
> > >  info_module (shared)
> > >  log_config_module (shared)
> > >  logio_module (shared)
> > >  mime_magic_module (shared)
> > >  mime_module (shared)
> > >  negotiation_module (shared)
> > >  remoteip_module (shared)
> > >  reqtimeout_module (shared)
> > >  rewrite_module (shared)
> > >  setenvif_module (shared)
> > >  slotmem_plain_module (shared)
> > >  slotmem_shm_module (shared)
> > >  socache_dbm_module (shared)
> > >  socache_memcache_module (shared)
> > >  socache_shmcb_module (shared)
> > >  status_module (shared)
> > >  substitute_module (shared)
> > > suexec_module (shared)
> > >  unique_id_module (shared)
> > >

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Lou Wallace

How can I do that from the command line shell? I tried it from browser and
it timed out using http://IP:8080/index.jsp


On Sun, Nov 25, 2018 at 11:54 AM Greg Huber  wrote:

> >>But my .jsp web page is still showing as plain text
>
> With tomcat running does it show correctly ie
> http://127.0.0.1:8080/../mypage.jsp
>
> then try http://127.0.0.1/../mypage.jsp
>
> ##
>
> tomcat server.xml using default port
> connectionTimeout="2"
>redirectPort="8443" />
>
>
> On Sun, 25 Nov 2018 at 15:28, Lou Wallace  wrote:
>
> > hmm this is weird
> >
> > After adding
> >
> > #Options Indexes FollowSymLinks
> > #No folders/files listed
> > Options -Indexes -FollowSymLinks
> >
> > I decided to allow httpd.conf to try and load mod_jk.so again so I added
> > back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted
> httpd
> >
> > then when I do apachectl -M I see as last entry in the list
> >
> > Loaded Modules:
> >  core_module (static)
> >  so_module (static)
> >  http_module (static)
> >  access_compat_module (shared)
> >  actions_module (shared)
> >  alias_module (shared)
> >  allowmethods_module (shared)
> >  auth_basic_module (shared)
> >  auth_digest_module (shared)
> >  authn_anon_module (shared)
> >  authn_core_module (shared)
> >  authn_dbd_module (shared)
> >  authn_dbm_module (shared)
> >  authn_file_module (shared)
> >  authn_socache_module (shared)
> >  authz_core_module (shared)
> >  authz_dbd_module (shared)
> >  authz_dbm_module (shared)
> >  authz_groupfile_module (shared)
> >  authz_host_module (shared)
> >  authz_owner_module (shared)
> >  authz_user_module (shared)
> >  autoindex_module (shared)
> >  cache_module (shared)
> >  cache_disk_module (shared)
> >  data_module (shared)
> >  dbd_module (shared)
> >  deflate_module (shared)
> >  dir_module (shared)
> >  dumpio_module (shared)
> >  echo_module (shared)
> >  env_module (shared)
> >  expires_module (shared)
> >  ext_filter_module (shared)
> >  filter_module (shared)
> >  headers_module (shared)
> >  include_module (shared)
> >  info_module (shared)
> >  log_config_module (shared)
> >  logio_module (shared)
> >  mime_magic_module (shared)
> >  mime_module (shared)
> >  negotiation_module (shared)
> >  remoteip_module (shared)
> >  reqtimeout_module (shared)
> >  rewrite_module (shared)
> >  setenvif_module (shared)
> >  slotmem_plain_module (shared)
> >  slotmem_shm_module (shared)
> >  socache_dbm_module (shared)
> >  socache_memcache_module (shared)
> >  socache_shmcb_module (shared)
> >  status_module (shared)
> >  substitute_module (shared)
> >  suexec_module (shared)
> >  unique_id_module (shared)
> >  unixd_module (shared)
> >  userdir_module (shared)
> >  version_module (shared)
> >  vhost_alias_module (shared)
> >  dav_module (shared)
> >  dav_fs_module (shared)
> >  dav_lock_module (shared)
> >  lua_module (shared)
> >  mpm_prefork_module (shared)
> >  proxy_module (shared)
> >  lbmethod_bybusyness_module (shared)
> >  lbmethod_byrequests_module (shared)
> >  lbmethod_bytraffic_module (shared)
> >  lbmethod_heartbeat_module (shared)
> >  proxy_ajp_module (shared)
> >  proxy_balancer_module (shared)
> > proxy_connect_module (shared)
> >  proxy_express_module (shared)
> >  proxy_fcgi_module (shared)
> >  proxy_fdpass_module (shared)
> >  proxy_ftp_module (shared)
> >  proxy_http_module (shared)
> >  proxy_scgi_module (shared)
> >  proxy_wstunnel_module (shared)
> >  ssl_module (shared)
> >  systemd_module (shared)
> >  cgi_module (shared)
> >  jk_module (shared)
> >
> > So it says mod_jk is loaded
> >
> > But my .jsp web page is still showing as plain text
> >
> >
> >
> >
> > On Sun, Nov 25, 2018 at 5:28 AM Greg Huber  wrote:
> >
> > > There's the problem, make sure you have copied mod_jk.so to
> > > /etc/httpd/modules/mod_jk.so
> > >
> > > My file size 1,556,816 bytes permission owner root and execute
> > >
> > > ls -l /etc/httpd/modules/mod_jk.so
> > > -rwxrwxr-x 1 root root
> > >
> > > also check the x executable
> > >
> > > And apachectl -M (sorry not -S)
> > > ...
> > > jk_module (shared)
> > > ...
> > >
> > > 10-my.conf and my.conf are preferred as when yum updates httpd it also
> > > updates /etc/httpd/conf/httpd.conf.  If you change httpd.conf you then
> > have
> > > to merge the httpd.conf.rpmnew as it won't overwrite config.
> > >
> > > The only change I make in httpd.conf is to make sure there is no
> browsing
> > >
> > > #Options Indexes FollowSymLinks
> > > #No folders/files listed
> > > Options -Indexes -FollowSymLinks
> > >
> > >  Cheers Greg
> > >
> > >
> > >
> > > On Sat, 24 Nov 2018 at 22:02, Lou Wallace 
> > wrote:
> > >
> > > > Here is what I see
> > > >
> > > > Loaded Modules:
> > > >  core_module (static)
> > > >  so_module (static)
> > > >  http_module (static)
> > > >  access_compat_module (shared)
> > > >  actions_module (shared)
> > > >  alias_module (shared)
> > > >  allowmethods_module (shared)
> > > >  auth_basic_module (shared)
> > > >  auth_digest_module

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Greg Huber

>>But my .jsp web page is still showing as plain text

With tomcat running does it show correctly ie
http://127.0.0.1:8080/../mypage.jsp

then try http://127.0.0.1/../mypage.jsp

##

tomcat server.xml using default port



On Sun, 25 Nov 2018 at 15:28, Lou Wallace  wrote:

> hmm this is weird
>
> After adding
>
> #Options Indexes FollowSymLinks
> #No folders/files listed
> Options -Indexes -FollowSymLinks
>
> I decided to allow httpd.conf to try and load mod_jk.so again so I added
> back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted httpd
>
> then when I do apachectl -M I see as last entry in the list
>
> Loaded Modules:
>  core_module (static)
>  so_module (static)
>  http_module (static)
>  access_compat_module (shared)
>  actions_module (shared)
>  alias_module (shared)
>  allowmethods_module (shared)
>  auth_basic_module (shared)
>  auth_digest_module (shared)
>  authn_anon_module (shared)
>  authn_core_module (shared)
>  authn_dbd_module (shared)
>  authn_dbm_module (shared)
>  authn_file_module (shared)
>  authn_socache_module (shared)
>  authz_core_module (shared)
>  authz_dbd_module (shared)
>  authz_dbm_module (shared)
>  authz_groupfile_module (shared)
>  authz_host_module (shared)
>  authz_owner_module (shared)
>  authz_user_module (shared)
>  autoindex_module (shared)
>  cache_module (shared)
>  cache_disk_module (shared)
>  data_module (shared)
>  dbd_module (shared)
>  deflate_module (shared)
>  dir_module (shared)
>  dumpio_module (shared)
>  echo_module (shared)
>  env_module (shared)
>  expires_module (shared)
>  ext_filter_module (shared)
>  filter_module (shared)
>  headers_module (shared)
>  include_module (shared)
>  info_module (shared)
>  log_config_module (shared)
>  logio_module (shared)
>  mime_magic_module (shared)
>  mime_module (shared)
>  negotiation_module (shared)
>  remoteip_module (shared)
>  reqtimeout_module (shared)
>  rewrite_module (shared)
>  setenvif_module (shared)
>  slotmem_plain_module (shared)
>  slotmem_shm_module (shared)
>  socache_dbm_module (shared)
>  socache_memcache_module (shared)
>  socache_shmcb_module (shared)
>  status_module (shared)
>  substitute_module (shared)
>  suexec_module (shared)
>  unique_id_module (shared)
>  unixd_module (shared)
>  userdir_module (shared)
>  version_module (shared)
>  vhost_alias_module (shared)
>  dav_module (shared)
>  dav_fs_module (shared)
>  dav_lock_module (shared)
>  lua_module (shared)
>  mpm_prefork_module (shared)
>  proxy_module (shared)
>  lbmethod_bybusyness_module (shared)
>  lbmethod_byrequests_module (shared)
>  lbmethod_bytraffic_module (shared)
>  lbmethod_heartbeat_module (shared)
>  proxy_ajp_module (shared)
>  proxy_balancer_module (shared)
> proxy_connect_module (shared)
>  proxy_express_module (shared)
>  proxy_fcgi_module (shared)
>  proxy_fdpass_module (shared)
>  proxy_ftp_module (shared)
>  proxy_http_module (shared)
>  proxy_scgi_module (shared)
>  proxy_wstunnel_module (shared)
>  ssl_module (shared)
>  systemd_module (shared)
>  cgi_module (shared)
>  jk_module (shared)
>
> So it says mod_jk is loaded
>
> But my .jsp web page is still showing as plain text
>
>
>
>
> On Sun, Nov 25, 2018 at 5:28 AM Greg Huber  wrote:
>
> > There's the problem, make sure you have copied mod_jk.so to
> > /etc/httpd/modules/mod_jk.so
> >
> > My file size 1,556,816 bytes permission owner root and execute
> >
> > ls -l /etc/httpd/modules/mod_jk.so
> > -rwxrwxr-x 1 root root
> >
> > also check the x executable
> >
> > And apachectl -M (sorry not -S)
> > ...
> > jk_module (shared)
> > ...
> >
> > 10-my.conf and my.conf are preferred as when yum updates httpd it also
> > updates /etc/httpd/conf/httpd.conf.  If you change httpd.conf you then
> have
> > to merge the httpd.conf.rpmnew as it won't overwrite config.
> >
> > The only change I make in httpd.conf is to make sure there is no browsing
> >
> > #Options Indexes FollowSymLinks
> > #No folders/files listed
> > Options -Indexes -FollowSymLinks
> >
> >  Cheers Greg
> >
> >
> >
> > On Sat, 24 Nov 2018 at 22:02, Lou Wallace 
> wrote:
> >
> > > Here is what I see
> > >
> > > Loaded Modules:
> > >  core_module (static)
> > >  so_module (static)
> > >  http_module (static)
> > >  access_compat_module (shared)
> > >  actions_module (shared)
> > >  alias_module (shared)
> > >  allowmethods_module (shared)
> > >  auth_basic_module (shared)
> > >  auth_digest_module (shared)
> > >  authn_anon_module (shared)
> > >  authn_core_module (shared)
> > >  authn_dbd_module (shared)
> > >  authn_dbm_module (shared)
> > >  authn_file_module (shared)
> > >  authn_socache_module (shared)
> > >  authz_core_module (shared)
> > >  authz_dbd_module (shared)
> > >  authz_dbm_module (shared)
> > >  authz_groupfile_module (shared)
> > >  authz_host_module (shared)
> > >  authz_owner_module (shared)
> > >  authz_user_module (shared)
> > >  autoindex_module (shared)
> > >  cache_module (shared)
> > >  cache_disk_module (shared)
> > >  data_module (shared)
> > >

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Lou Wallace

It's there in  /etc/httpd/modules
its file size is 1556784

ls -l /etc/httpd/modules/mod_jk.so  shows
-rwxr-xr-x. 1 root root 1556784

apachectl -M  shows no mod_jk.so loaded

Question 1: Are 10-my.conf and my.conf supposed to automatically be used by
the system if they are in conf directory or do they need to be called from
somewhere like httpd.conf? Because if I just add
LoadModule jk_module /etc/httpd/modules/mod_jk.so
to httpd I get the Apache shared memory error when I systemctl restart
httpd and Apache fails to load

Question 2: Is there some other config file I need to edit to
allow LoadModule jk_module /etc/httpd/modules/mod_jk.so to work when
loaded?

And I just added

#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks

to httpd.conf

Thanks for the continued help!!

 Lou


On Sun, Nov 25, 2018 at 5:28 AM Greg Huber  wrote:

> There's the problem, make sure you have copied mod_jk.so to
> /etc/httpd/modules/mod_jk.so
>
> My file size 1,556,816 bytes permission owner root and execute
>
> ls -l /etc/httpd/modules/mod_jk.so
> -rwxrwxr-x 1 root root
>
> also check the x executable
>
> And apachectl -M (sorry not -S)
> ...
> jk_module (shared)
> ...
>
> 10-my.conf and my.conf are preferred as when yum updates httpd it also
> updates /etc/httpd/conf/httpd.conf.  If you change httpd.conf you then have
> to merge the httpd.conf.rpmnew as it won't overwrite config.
>
> The only change I make in httpd.conf is to make sure there is no browsing
>
> #Options Indexes FollowSymLinks
> #No folders/files listed
> Options -Indexes -FollowSymLinks
>
>  Cheers Greg
>
>
>
> On Sat, 24 Nov 2018 at 22:02, Lou Wallace  wrote:
>
> > Here is what I see
> >
> > Loaded Modules:
> >  core_module (static)
> >  so_module (static)
> >  http_module (static)
> >  access_compat_module (shared)
> >  actions_module (shared)
> >  alias_module (shared)
> >  allowmethods_module (shared)
> >  auth_basic_module (shared)
> >  auth_digest_module (shared)
> >  authn_anon_module (shared)
> >  authn_core_module (shared)
> >  authn_dbd_module (shared)
> >  authn_dbm_module (shared)
> >  authn_file_module (shared)
> >  authn_socache_module (shared)
> >  authz_core_module (shared)
> >  authz_dbd_module (shared)
> >  authz_dbm_module (shared)
> >  authz_groupfile_module (shared)
> >  authz_host_module (shared)
> >  authz_owner_module (shared)
> >  authz_user_module (shared)
> >  autoindex_module (shared)
> >  cache_module (shared)
> >  cache_disk_module (shared)
> >  data_module (shared)
> >  dbd_module (shared)
> >  deflate_module (shared)
> >  dir_module (shared)
> >  dumpio_module (shared)
> >  echo_module (shared)
> >  env_module (shared)
> >  expires_module (shared)
> >  ext_filter_module (shared)
> >  filter_module (shared)
> >  headers_module (shared)
> >  include_module (shared)
> >  info_module (shared)
> >  log_config_module (shared)
> >  logio_module (shared)
> >  mime_magic_module (shared)
> >  mime_module (shared)
> >  negotiation_module (shared)
> >  remoteip_module (shared)
> >  reqtimeout_module (shared)
> >  rewrite_module (shared)
> >  setenvif_module (shared)
> >  slotmem_plain_module (shared)
> >  slotmem_shm_module (shared)
> >  socache_dbm_module (shared)
> >  socache_memcache_module (shared)
> >  socache_shmcb_module (shared)
> >  status_module (shared)
> >  substitute_module (shared)
> > suexec_module (shared)
> >  unique_id_module (shared)
> >  unixd_module (shared)
> >  userdir_module (shared)
> >  version_module (shared)
> >  vhost_alias_module (shared)
> >  dav_module (shared)
> >  dav_fs_module (shared)
> >  dav_lock_module (shared)
> >  lua_module (shared)
> >  mpm_prefork_module (shared)
> >  proxy_module (shared)
> >  lbmethod_bybusyness_module (shared)
> >  lbmethod_byrequests_module (shared)
> >  lbmethod_bytraffic_module (shared)
> >  lbmethod_heartbeat_module (shared)
> >  proxy_ajp_module (shared)
> >  proxy_balancer_module (shared)
> >  proxy_connect_module (shared)
> >  proxy_express_module (shared)
> >  proxy_fcgi_module (shared)
> >  proxy_fdpass_module (shared)
> >  proxy_ftp_module (shared)
> >  proxy_http_module (shared)
> >  proxy_scgi_module (shared)
> >  proxy_wstunnel_module (shared)
> >  ssl_module (shared)
> >  systemd_module (shared)
> >  cgi_module (shared)
> >
> > No mod_jk
> >
> > On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
> > ch...@christopherschultz.net> wrote:
> >
> > > -BEGIN PGP SIGNED MESSAGE-
> > > Hash: SHA256
> > >
> > > Lou,
> > >
> > > On 11/24/18 12:19, Lou Wallace wrote:
> > > > Hi Greg,
> > > >
> > > > I did this and restarted HTTPD. No error but no change.
> > > >
> > > > Not sure how 10-my.conf and my.conf are called, but I did create
> > > > them as described.
> > > >
> > > > Also when I checked configtest
> > > >
> > > > [root@server2 conf]# apachectl configtest Syntax OK
> > > >
> > > > and apachectl -S
> > > >
> > > > [root@server2 conf]# apachectl -S VirtualHost configuration: *:443
> > > >

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Lou Wallace

hmm this is weird

After adding

#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks

I decided to allow httpd.conf to try and load mod_jk.so again so I added
back LoadModule jk_module /etc/httpd/modules/mod_jk.so and restarted httpd

then when I do apachectl -M I see as last entry in the list

Loaded Modules:
 core_module (static)
 so_module (static)
 http_module (static)
 access_compat_module (shared)
 actions_module (shared)
 alias_module (shared)
 allowmethods_module (shared)
 auth_basic_module (shared)
 auth_digest_module (shared)
 authn_anon_module (shared)
 authn_core_module (shared)
 authn_dbd_module (shared)
 authn_dbm_module (shared)
 authn_file_module (shared)
 authn_socache_module (shared)
 authz_core_module (shared)
 authz_dbd_module (shared)
 authz_dbm_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_owner_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cache_module (shared)
 cache_disk_module (shared)
 data_module (shared)
 dbd_module (shared)
 deflate_module (shared)
 dir_module (shared)
 dumpio_module (shared)
 echo_module (shared)
 env_module (shared)
 expires_module (shared)
 ext_filter_module (shared)
 filter_module (shared)
 headers_module (shared)
 include_module (shared)
 info_module (shared)
 log_config_module (shared)
 logio_module (shared)
 mime_magic_module (shared)
 mime_module (shared)
 negotiation_module (shared)
 remoteip_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 slotmem_plain_module (shared)
 slotmem_shm_module (shared)
 socache_dbm_module (shared)
 socache_memcache_module (shared)
 socache_shmcb_module (shared)
 status_module (shared)
 substitute_module (shared)
 suexec_module (shared)
 unique_id_module (shared)
 unixd_module (shared)
 userdir_module (shared)
 version_module (shared)
 vhost_alias_module (shared)
 dav_module (shared)
 dav_fs_module (shared)
 dav_lock_module (shared)
 lua_module (shared)
 mpm_prefork_module (shared)
 proxy_module (shared)
 lbmethod_bybusyness_module (shared)
 lbmethod_byrequests_module (shared)
 lbmethod_bytraffic_module (shared)
 lbmethod_heartbeat_module (shared)
 proxy_ajp_module (shared)
 proxy_balancer_module (shared)
proxy_connect_module (shared)
 proxy_express_module (shared)
 proxy_fcgi_module (shared)
 proxy_fdpass_module (shared)
 proxy_ftp_module (shared)
 proxy_http_module (shared)
 proxy_scgi_module (shared)
 proxy_wstunnel_module (shared)
 ssl_module (shared)
 systemd_module (shared)
 cgi_module (shared)
 jk_module (shared)

So it says mod_jk is loaded

But my .jsp web page is still showing as plain text




On Sun, Nov 25, 2018 at 5:28 AM Greg Huber  wrote:

> There's the problem, make sure you have copied mod_jk.so to
> /etc/httpd/modules/mod_jk.so
>
> My file size 1,556,816 bytes permission owner root and execute
>
> ls -l /etc/httpd/modules/mod_jk.so
> -rwxrwxr-x 1 root root
>
> also check the x executable
>
> And apachectl -M (sorry not -S)
> ...
> jk_module (shared)
> ...
>
> 10-my.conf and my.conf are preferred as when yum updates httpd it also
> updates /etc/httpd/conf/httpd.conf.  If you change httpd.conf you then have
> to merge the httpd.conf.rpmnew as it won't overwrite config.
>
> The only change I make in httpd.conf is to make sure there is no browsing
>
> #Options Indexes FollowSymLinks
> #No folders/files listed
> Options -Indexes -FollowSymLinks
>
>  Cheers Greg
>
>
>
> On Sat, 24 Nov 2018 at 22:02, Lou Wallace  wrote:
>
> > Here is what I see
> >
> > Loaded Modules:
> >  core_module (static)
> >  so_module (static)
> >  http_module (static)
> >  access_compat_module (shared)
> >  actions_module (shared)
> >  alias_module (shared)
> >  allowmethods_module (shared)
> >  auth_basic_module (shared)
> >  auth_digest_module (shared)
> >  authn_anon_module (shared)
> >  authn_core_module (shared)
> >  authn_dbd_module (shared)
> >  authn_dbm_module (shared)
> >  authn_file_module (shared)
> >  authn_socache_module (shared)
> >  authz_core_module (shared)
> >  authz_dbd_module (shared)
> >  authz_dbm_module (shared)
> >  authz_groupfile_module (shared)
> >  authz_host_module (shared)
> >  authz_owner_module (shared)
> >  authz_user_module (shared)
> >  autoindex_module (shared)
> >  cache_module (shared)
> >  cache_disk_module (shared)
> >  data_module (shared)
> >  dbd_module (shared)
> >  deflate_module (shared)
> >  dir_module (shared)
> >  dumpio_module (shared)
> >  echo_module (shared)
> >  env_module (shared)
> >  expires_module (shared)
> >  ext_filter_module (shared)
> >  filter_module (shared)
> >  headers_module (shared)
> >  include_module (shared)
> >  info_module (shared)
> >  log_config_module (shared)
> >  logio_module (shared)
> >  mime_magic_module (shared)
> >  mime_module (shared)
> >  negotiation_module (shared)
> >  remoteip_module (shared)
> >  reqtimeout_module (shared)
> >  rewrite_module (shared)
> >  setenvif_module (shared)
> >

Re: help installing mod_jk on Centos 7 on a Google Cloud server

2018-11-25 Thread Greg Huber

There's the problem, make sure you have copied mod_jk.so to
/etc/httpd/modules/mod_jk.so

My file size 1,556,816 bytes permission owner root and execute

ls -l /etc/httpd/modules/mod_jk.so
-rwxrwxr-x 1 root root

also check the x executable

And apachectl -M (sorry not -S)
...
jk_module (shared)
...

10-my.conf and my.conf are preferred as when yum updates httpd it also
updates /etc/httpd/conf/httpd.conf.  If you change httpd.conf you then have
to merge the httpd.conf.rpmnew as it won't overwrite config.

The only change I make in httpd.conf is to make sure there is no browsing

#Options Indexes FollowSymLinks
#No folders/files listed
Options -Indexes -FollowSymLinks

 Cheers Greg



On Sat, 24 Nov 2018 at 22:02, Lou Wallace  wrote:

> Here is what I see
>
> Loaded Modules:
>  core_module (static)
>  so_module (static)
>  http_module (static)
>  access_compat_module (shared)
>  actions_module (shared)
>  alias_module (shared)
>  allowmethods_module (shared)
>  auth_basic_module (shared)
>  auth_digest_module (shared)
>  authn_anon_module (shared)
>  authn_core_module (shared)
>  authn_dbd_module (shared)
>  authn_dbm_module (shared)
>  authn_file_module (shared)
>  authn_socache_module (shared)
>  authz_core_module (shared)
>  authz_dbd_module (shared)
>  authz_dbm_module (shared)
>  authz_groupfile_module (shared)
>  authz_host_module (shared)
>  authz_owner_module (shared)
>  authz_user_module (shared)
>  autoindex_module (shared)
>  cache_module (shared)
>  cache_disk_module (shared)
>  data_module (shared)
>  dbd_module (shared)
>  deflate_module (shared)
>  dir_module (shared)
>  dumpio_module (shared)
>  echo_module (shared)
>  env_module (shared)
>  expires_module (shared)
>  ext_filter_module (shared)
>  filter_module (shared)
>  headers_module (shared)
>  include_module (shared)
>  info_module (shared)
>  log_config_module (shared)
>  logio_module (shared)
>  mime_magic_module (shared)
>  mime_module (shared)
>  negotiation_module (shared)
>  remoteip_module (shared)
>  reqtimeout_module (shared)
>  rewrite_module (shared)
>  setenvif_module (shared)
>  slotmem_plain_module (shared)
>  slotmem_shm_module (shared)
>  socache_dbm_module (shared)
>  socache_memcache_module (shared)
>  socache_shmcb_module (shared)
>  status_module (shared)
>  substitute_module (shared)
> suexec_module (shared)
>  unique_id_module (shared)
>  unixd_module (shared)
>  userdir_module (shared)
>  version_module (shared)
>  vhost_alias_module (shared)
>  dav_module (shared)
>  dav_fs_module (shared)
>  dav_lock_module (shared)
>  lua_module (shared)
>  mpm_prefork_module (shared)
>  proxy_module (shared)
>  lbmethod_bybusyness_module (shared)
>  lbmethod_byrequests_module (shared)
>  lbmethod_bytraffic_module (shared)
>  lbmethod_heartbeat_module (shared)
>  proxy_ajp_module (shared)
>  proxy_balancer_module (shared)
>  proxy_connect_module (shared)
>  proxy_express_module (shared)
>  proxy_fcgi_module (shared)
>  proxy_fdpass_module (shared)
>  proxy_ftp_module (shared)
>  proxy_http_module (shared)
>  proxy_scgi_module (shared)
>  proxy_wstunnel_module (shared)
>  ssl_module (shared)
>  systemd_module (shared)
>  cgi_module (shared)
>
> No mod_jk
>
> On Sat, Nov 24, 2018 at 4:23 PM Christopher Schultz <
> ch...@christopherschultz.net> wrote:
>
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA256
> >
> > Lou,
> >
> > On 11/24/18 12:19, Lou Wallace wrote:
> > > Hi Greg,
> > >
> > > I did this and restarted HTTPD. No error but no change.
> > >
> > > Not sure how 10-my.conf and my.conf are called, but I did create
> > > them as described.
> > >
> > > Also when I checked configtest
> > >
> > > [root@server2 conf]# apachectl configtest Syntax OK
> > >
> > > and apachectl -S
> > >
> > > [root@server2 conf]# apachectl -S VirtualHost configuration: *:443
> > > server2.us-west2-a.c.helpful-kingdom-220815.internal
> > > (/etc/httpd/conf.d/ssl.conf:56) ServerRoot: "/etc/httpd" Main
> > > DocumentRoot: "/var/www/html" Main ErrorLog:
> > > "/etc/httpd/logs/error_log" Mutex mpm-accept: using_defaults Mutex
> > > authdigest-opaque: using_defaults Mutex proxy-balancer-shm:
> > > using_defaults Mutex rewrite-map: using_defaults Mutex
> > > authdigest-client: using_defaults Mutex ssl-stapling:
> > > using_defaults Mutex proxy: using_defaults Mutex authn-socache:
> > > using_defaults Mutex ssl-cache: using_defaults Mutex default:
> > > dir="/run/httpd/" mechanism=default PidFile:
> > > "/run/httpd/httpd.pid" Define: _RH_HAS_HTTPPROTOCOLOPTIONS Define:
> > > DUMP_VHOSTS Define: DUMP_RUN_CFG User: name="apache" id=48 Group:
> > > name="apache" id=48
> > >
> > > Looking forward to your thoughts.
> >
> > Try:
> >
> > $ apachectl -M
> >
> > I get something like this:
> >
> > Loaded Modules:
> >  core_module (static)
> >  log_config_module (static)
> >  logio_module (static)
> >  version_module (static)
> >  mpm_prefork_module (static)
> >  http_module (static)
> >  so_module (static)
> >  alias_module (shared)
> >  auth_basic_module

Re: One tomcat server with different webapps on different ports?

2018-11-25 Thread richard


On 2018-11-24 23:25, Geraldo Netto wrote:

Hello Richard/Friends,

I might be wrong, but I guess the best approach would be to use apache
httpd or nginx as a reverse proxy and leave tomcat alone


Kind Regards,

Geraldo Netto
Sapere Aude => Non dvcor, dvco
http://exdev.sf.net/

On Sun, 25 Nov 2018 at 00:05,  wrote:


Tomcat/9.0.13


I'd like to have my webapps generally on 443, but the manager and
host-manager on some other port, say 444.

My reason for doing that would be that I could then use linux's 
iptables

to restrict access to 444 to a few known addresses, but anyone could
access 443.

I would of course want to use the manager application on 444 to manage
the applications visible on 443.

Is this possible?


Richard

-



Hi Geraldo.

How would that help?

Can I have different virtual hosts in Apache get their content from 
different webapps in Tomcat?


Richard





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: One tomcat server with different webapps on different ports?

2018-11-25 Thread Mark Thomas

On November 24, 2018 11:05:33 PM UTC, rich...@xentu.com wrote:
>Tomcat/9.0.13
>
>
>I'd like to have my webapps generally on 443, but the manager and 
>host-manager on some other port, say 444.
>
>My reason for doing that would be that I could then use linux's
>iptables 
>to restrict access to 444 to a few known addresses, but anyone could 
>access 443.
>
>I would of course want to use the manager application on 444 to manage 
>the applications visible on 443.
>
>Is this possible?

Not with Tomcat alone.

However, there is an alternative solution available. You could use the 
RemoteAddrValve to limit access. Tomcat comes with this configured to limit 
access to localhost.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: One tomcat server with different webapps on different ports?

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: help installing mod_jk on Centos 7 on a Google Cloud server

Re: One tomcat server with different webapps on different ports?

Re: One tomcat server with different webapps on different ports?

18 matches

Site Navigation

Mail list logo

Footer information