Hello Charlie, > -----Ursprüngliche Nachricht----- > Von: Charlie DiDonato <cdido...@nycap.rr.com> > Gesendet: Sonntag, 13. August 2023 18:08 > An: users@tomcat.apache.org > Betreff: Java Connector help needed > > Hi All, > I am migrating from tomcat 8.5x to 9.0.78 > > Below is my server .xml > > I don't have Apache webserver fronting this yet on my local machine > (Windows 10). > > It is a Java app. > > > > Here is the part that I feel is relevant, but the full config is listed below > that.- > > I order to see that tomcat is working without Apache WS, do I need to also > create an HTTP1.1 connector in addition to AJP connector?
The browser only speaks HTTP protocol. So yes, if you want to bypass Apache Frontend-server you need an http connector on tomcat side. > > And what should happen when I define a redirectPort ? The redirect Port is only used, when Tomcat needs to redirect HTTP to HTTPS. If you only use HTTP or only HTTPS, this attribute is not used. > And finally, how do I access tomcat URL to hit tomcat and bypass Apache WS? This depends on your infrastructure. You can use a separate http(s) port. E.g. 80/443 is used by Apache and 8080 is used by Tomcat. Then you can used http://<servername>:8080/<path> to access Tomcat directly. Of course, firewall etc. must allow this traffic. > Thanks > > Charlie DiDonato > > > > > > <!-- Define an AJP 1.3 Connector on port 8009 --> > > > > <Connector protocol="org.apache.coyote.ajp.AjpAprProtocol" > > address="192.168.0.28" > > port="8009" > > redirectPort="8020" > > secretRequired="false" > > maxParameterCount="1000" > > /> > > > > > > > > > > > > > > <?xml version="1.0" encoding="UTF-8"?> > > <!-- > > Licensed to the Apache Software Foundation (ASF) under one or more > > contributor license agreements. See the NOTICE file distributed with > > this work for additional information regarding copyright ownership. > > The ASF licenses this file to You under the Apache License, Version 2.0 > > (the "License"); you may not use this file except in compliance with > > the License. You may obtain a copy of the License at > > > > http://www.apache.org/licenses/LICENSE-2.0 > > > > Unless required by applicable law or agreed to in writing, software > > distributed under the License is distributed on an "AS IS" BASIS, > > WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or > implied. > > See the License for the specific language governing permissions and > > limitations under the License. > > --> > > <!-- Note: A "Server" is not itself a "Container", so you may not > > define subcomponents such as "Valves" at this level. > > Documentation at /docs/config/server.html > > --> > > <Server port="8005" shutdown="SHUTDOWN"> > > <Listener className="org.apache.catalina.startup.VersionLoggerListener" > /> > > <!-- Security listener. Documentation at /docs/config/listeners.html > > <Listener className="org.apache.catalina.security.SecurityListener" /> > > --> > > <!-- APR library loader. Documentation at /docs/apr.html --> > > <Listener className="org.apache.catalina.core.AprLifecycleListener" > SSLEngine="on" /> > > <!-- Prevent memory leaks due to use of particular java/javax APIs--> > > <Listener > className="org.apache.catalina.core.JreMemoryLeakPreventionListener" > /> > > <Listener > className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" > /> > > <Listener > className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" > /> > > > > <!-- Global JNDI resources > > Documentation at /docs/jndi-resources-howto.html > > --> > > <GlobalNamingResources> > > <!-- Editable user database that can also be used by > > UserDatabaseRealm to authenticate users > > --> > > <Resource name="UserDatabase" auth="Container" > > type="org.apache.catalina.UserDatabase" > > description="User database that can be updated and saved" > > factory="org.apache.catalina.users.MemoryUserDatabaseFactory" > > pathname="conf/tomcat-users.xml" /> > > </GlobalNamingResources> > > > > <!-- A "Service" is a collection of one or more "Connectors" that share > > a single "Container" Note: A "Service" is not itself a "Container", > > so you may not define subcomponents such as "Valves" at this level. > > Documentation at /docs/config/service.html > > --> > > <Service name="Catalina"> > > > > <!--The connectors can use a shared executor, you can define one or more > named thread pools--> > > <!-- > > <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" > > maxThreads="150" minSpareThreads="4"/> > > --> > > > > > > <!-- A "Connector" represents an endpoint by which requests are received > > and responses are returned. Documentation at : > > Java HTTP Connector: /docs/config/http.html > > Java AJP Connector: /docs/config/ajp.html > > APR (HTTP/AJP) Connector: /docs/apr.html > > Define a non-SSL/TLS HTTP/1.1 Connector on port 8010 > > > > <Connector port="8010" protocol="HTTP/1.1" > > connectionTimeout="20000" > > redirectPort="8443" > > maxParameterCount="1000" > > /> > > --> > > <!-- A "Connector" using the shared thread pool--> > > <!-- > > <Connector executor="tomcatThreadPool" > > port="8010" protocol="HTTP/1.1" > > connectionTimeout="20000" > > redirectPort="8443" > > maxParameterCount="1000" > > /> > > --> > > <!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 > > This connector uses the NIO implementation. The default > > SSLImplementation will depend on the presence of the APR/native > > library and the useOpenSSL attribute of the AprLifecycleListener. > > Either JSSE or OpenSSL style configuration may be used regardless of > > the SSLImplementation selected. JSSE style configuration is used > below. > > --> > > <!-- > > <Connector port="8443" > protocol="org.apache.coyote.http11.Http11NioProtocol" > > maxThreads="150" SSLEnabled="true" > > maxParameterCount="1000" > > > > > <SSLHostConfig> > > <Certificate certificateKeystoreFile="conf/localhost-rsa.jks" > > type="RSA" /> > > </SSLHostConfig> > > </Connector> > > --> > > <!-- Define an SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2 > > This connector uses the APR/native implementation which always uses > > OpenSSL for TLS. > > Either JSSE or OpenSSL style configuration may be used. OpenSSL style > > configuration is used below. > > --> > > <!-- > > <Connector port="8443" > protocol="org.apache.coyote.http11.Http11AprProtocol" > > maxThreads="150" SSLEnabled="true" > > maxParameterCount="1000" > > > > > <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" > /> > > <SSLHostConfig> > > <Certificate certificateKeyFile="conf/localhost-rsa-key.pem" > > certificateFile="conf/localhost-rsa-cert.pem" > > certificateChainFile="conf/localhost-rsa-chain.pem" > > type="RSA" /> > > </SSLHostConfig> > > </Connector> > > --> > > > > <!-- Define an AJP 1.3 Connector on port 8009 --> > > > > <Connector protocol="org.apache.coyote.ajp.AjpAprProtocol" > > address="192.168.0.28" > > port="8009" > > redirectPort="8020" > > secretRequired="false" > > maxParameterCount="1000" > > /> > > > > > > <!-- An Engine represents the entry point (within Catalina) that processes > > every request. The Engine implementation for Tomcat stand alone > > analyzes the HTTP headers included with the request, and passes them > > on to the appropriate Host (virtual host). > > Documentation at /docs/config/engine.html --> > > > > <!-- You should set jvmRoute to support load-balancing via AJP ie :--> > > <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> > > > > <!--For clustering, please take a look at documentation at: > > /docs/cluster-howto.html (simple how to) > > /docs/config/cluster.html (reference documentation) --> > > > > <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> > > > > > > <!-- Use the LockOutRealm to prevent attempts to guess user passwords > > via a brute-force attack --> > > <Realm className="org.apache.catalina.realm.LockOutRealm"> > > <!-- This Realm uses the UserDatabase configured in the global JNDI > > resources under the key "UserDatabase". Any edits > > that are performed against this UserDatabase are immediately > > available for use by the Realm. --> > > <Realm className="org.apache.catalina.realm.UserDatabaseRealm" > > resourceName="UserDatabase"/> > > </Realm> > > > > <Host name="localhost" appBase="webapps" > > unpackWARs="true" autoDeploy="true"> > > > > <!-- SingleSignOn valve, share authentication between web applications > > Documentation at: /docs/config/valve.html --> > > <!-- > > <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> > > --> > > > > <!-- Access log processes all example. > > Documentation at: /docs/config/valve.html > > Note: The pattern used is equivalent to using pattern="common" > --> > > <Valve className="org.apache.catalina.valves.AccessLogValve" > directory="logs" > > prefix="localhost_access_log" suffix=".txt" > > pattern="%h %l %u %t "%r" %s %b" /> > > > > </Host> > > </Engine> > > </Service> > > </Server> --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
