nal wrote:
I have tried the mod_jk method that has not been successful and was quite complicated for me anyway.
mod_jk isn't for the faint of heart. :-) There are of course pros and cons to everything, but I've found for my needs that using mod_proxy is much simpler and more flexible.
You are suggesting mod_proxy.
I'm not sure I'm suggesting it so much as pointing out that I've found it to be a simple solution to use when you want to (or need to) have Apache in front of OpenBD. If you *don't* want or need to use Apache, then using Tomcat or Jetty natively to act as your web server eliminates one more moving part from your setup and will be simpler to deal with, as you'll see through the rest of my explanation. ;-)
Would you have any litle generic example would be great event with dummy path specifically for openbd
Sure, I'll do my best and we'll start putting together some how-tos for the wiki since I'm sure this will be something many people will have questions about.
I use Apache 2.2.x on my development boxes but on my VPS I'm on Apache 2.0.52 (suppose I should upgrade at some point!) so the configuration is slightly different, but the principles are the same.
At a high level, what you do is create a virtual host in the Apache configuration file that simply passes traffic to and from Apache to a vitrual host on Tomcat, which is running OpenBD as a web application. So the client hits Apache, Apache proxies out to Tomcat to serve that request (which is processed by OpenBD), and Tomcat then returns the response to Apache which then passes the response to the client.
To give a concrete example, my web site is mattwoodward.com and it's running OpenBD on Tomcat with Apache as the front-end web server. My virtual host in Apache looks like this:
<VirtualHost *:80> ServerName mattwoodward.com ServerAlias www.mattwoodward.com ProxyPass /blog http://mattwoodward.com:8080/machblog ProxyPassReverse /blog http://mattwoodward.com:8080/machblog ProxyPass / http://mattwoodward.com:8080/ ProxyPassReverse / http://mattwoodward.com:8080/ </VirtualHost>This actually isn't the simplest example in the world but since it had a bit of a wrinkle to it that you might need, I thought I'd use it.
What's happening here is that when a request comes in for mattwoodward.com (on port 80), it hits this virtual host in Apache. Rather than servicing the request itself (note the lack of DocumentRoot in this virtual host), Apache proxies out to a URL on port 8080 (i.e. to Tomcat) to service the request. Since I'm also having /blog on my URL go to /machblog on Tomcat/OpenBD, that's why the additional ProxyPass/Reverse is in there. If my blog was running under /blog on port 8080 I wouldn't need that since the names are the same.
OK, so how does Tomcat know which site is mattwoodward.com on its end? It uses virtual hosts as well, and you do have to configure them in a Tomcat configuration file in addition to configuring them in Apache's configuration file because in essence Tomcat is running as a web server (and application server) as well, just on a different port.
So on the Tomcat side, you go into its server.xml file and configure virtual hosts there. Mine for mattwoodward.com looks like this:
<Host name="mattwoodward.com"> <Context path="" docBase="/path/to/my/webapp/files"/> </Host>That's all there is to it. With that host configured in Tomcat, when Apache proxies out to http://mattwoodward.com:8080, it hits the appropriate virtual host on Tomcat.
As an aside, note that you can hit my blog using either of these URLs: http://mattwoodward.com/blog http://mattwoodward.com:8080/machblogWhen you hit the first URL, that hits Apache which proxies out to Tomcat. When you hit the second URL, you're hitting Tomcat directly.
Note that to get this working through Apache you need to enable mod_proxy. I'll cover that next.
I have direct access to the apache conf files but am also unsure of which to use. I am on apache2 and there are a few (apache2.conf /sites-enabled/ mysite.com conf.d/vhost/mysite.com/httpd.conf and some more) My understanding is that they all get loaded is a particular order and I am not sure which file to modify.
Let's cover mod_proxy first. Note that mod_proxy *can* be a dangerous beast if you enable too much, so be careful what you allow to proxy.
On Apache 2.0.52, in httpd.conf, make sure LoadModule proxy_module modules/mod_proxy.so is uncommented. (I'm pretty sure it's commented out by default.) There may be other proxy modules you need to uncomment but it's been a while since I set this server up. On mine, all the modules that start with proxy_ are enabled.
Next, find <IfModule mod_proxy.c> and--THIS IS IMPORTANT--make sure ProxyRequests is set to Off. With that turned on depending on how else you have things set, anyone could proxy any request through your box and that can get dangerous.
Next you should see a block that starts with <Proxy *> and you need to set it thusly:
Order allow,deny Allow from allSince you don't know which IP someone's coming from you need to allow from all, but again since you have ProxyRequests set to off, this is safe. (As I said before I'm by no means an expert in any of this, but that's my understanding.)
That's all on Apache 2.0.52. On Apache 2.2 you need to create a symlink for proxy.conf, proxy_http.load, and proxy.load in mods-enabled that points to the files of the same names in mods-available. Then in mods-available do the proxy configuration outlined above in the proxy.conf file. Whenever you make changes to any config files, you'll have to bounce Apache.
Concerning virtual hosts on Apache 2.2, all of the host stuff above applies, and the simplest way to handle this is to add your VirtualHost information to your default file under sites-available. You can do a file per site, then create a symlink from sites-enabled to files in sites-available, but I just use the one file since it suits my needs even for multiple sites. (There's probably a best practice out there and the way I'm doing things may not be it!)
Phew--so I think that covers it. The much easier way to do this? Don't use Apache if you don't have to. ;-)I'm sure you can now imagine that just using Tomcat or Jetty and running it on port 80 is much easier. Change the port, set up your virtual hosts in one place instead of two, no worries about mod_proxy, mod_jk etc. So I'm basically outlining this if people NEED to use Apache for some reason, and there are certainly plenty of reasons to do so, e.g. you have PHP sites on the same server you need to serve, you're familiar with Apache, you have a hosting panel you like that works well with Apache, etc. It's not that Apache's bad, it's just a lot more work if you don't need it.
So if you have a choice and don't care whether or not you're running Apache, shut down anything else that may be running on port 80 and use Tomcat or Jetty as your web server as well.
I will keep you posted of my progresses anyway.
Please do! You're definitely not the only one with these questions. Let us know how things go.
-- Matt Woodward [EMAIL PROTECTED] http://www.mattwoodward.com/blog Please do not send me proprietary file formats such as Word, PowerPoint, etc. as attachments. http://www.gnu.org/philosophy/no-word-attachments.html
smime.p7s
Description: S/MIME Cryptographic Signature
