Hi, That'll be done too, but those docs only get updated when we do a new release, and I didn't want to wait to post the content.
Yoav Shapira Millennium Research Informatics >-----Original Message----- >From: Parsons Technical Services [mailto:[EMAIL PROTECTED] >Sent: Thursday, May 27, 2004 11:00 AM >To: Tomcat Users List >Subject: Re: standalone production? > >If this is the case, then why not fix the >http://jakarta.apache.org/tomcat/tomcat-5.0-doc/setup.html >page to show the correct(updated) information? > >Doug > >----- Original Message ----- >From: "Shapira, Yoav" <[EMAIL PROTECTED]> >To: "Tomcat Users List" <[EMAIL PROTECTED]> >Sent: Thursday, May 27, 2004 9:19 AM >Subject: RE: standalone production? > > > >Hi, >Good post. I've added it to the FAQ: >http://jakarta.apache.org/tomcat/faq/security.html#jsvcExample. > >Yoav Shapira >Millennium Research Informatics > > >>-----Original Message----- >>From: RJ [mailto:[EMAIL PROTECTED] >>Sent: Thursday, May 27, 2004 8:17 AM >>To: Tomcat Users List >>Subject: RE: standalone production? >> >>The http://jakarta.apache.org/tomcat/tomcat-5.0-doc/setup.html >>isn't the way for doing jsvc that I used (it didn't work >>right). >> >>You should already have jsvc.tar.gz in the bin dir >>for tomcat; unpack it, and follow the instructions >>in INSTALL.txt for building jsvc. There's a page for >>it at http://jakarta.apache.org/commons/daemon/jsvc.html >>as well. >> >>Then, you use the tomcat/bin/jsvc-src/native/Tomcat5.sh >>script to start and stop it, after first editing that >>script to get the values in there right. Mine is >>as follows (that $DAEMON_HOME/jsvc-src/jsvc \ one >>was important, since it defaulted to a different >>directory structure than the one that was created by >>my jsvc and tomcat unpacking). >> >>Then I did chown on the files in the tomcat directory >>to be my non-root 'tomcat' user, fixed the server.xml >>to have non-SSL Coyote HTTP/1.1 Connector on port 80 >>and SSL Coyote HTTP/1.1 Connector on port 443 >>and it seems to be working like a champ. >> >>I also got the logging running by un-commenting the >>AccessLogValve at the end of server.xml, and changed >>the pattern=common to pattern=combined >>so I could get apache-type logs like I had before. >> >>MUCH nicer than fooling with those connectors. >> >>Now, if I can only figure out why the 'referer' is >>always blank when somebody first hits my site, I'll >>be very happy... >> >>rj >> >>#!/bin/sh >>###################################################################### # >#### >>### >># >># Copyright 2004 The Apache Software Foundation. >># >># Licensed under the Apache License, Version 2.0 (the "License"); >># you may not use this file except in compliance with the License. >># You may obtain a copy of the License at >># >># http://www.apache.org/licenses/LICENSE-2.0 >># >># Unless required by applicable law or agreed to in writing, software >># distributed under the License is distributed on an "AS IS" BASIS, >># WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or >>implied. >># See the License for the specific language governing permissions and >># limitations under the License. >>###################################################################### # >#### >>### >># >># Small shell script to show how to start/stop Tomcat using jsvc >># If you want to have Tomcat running on port 80 please modify the >>server.xml >># file: >># >># <!-- Define a non-SSL HTTP/1.1 Connector on port 80 --> >># <Connector >>className="org.apache.catalina.connector.http.HttpConnector" >># port="80" minProcessors="5" maxProcessors="75" >># enableLookups="true" redirectPort="8443" >># acceptCount="10" debug="0" connectionTimeout="60000"/> >># >># That is for Tomcat-5.0.x (Apache Tomcat/5.0) >># >># Adapt the following lines to your configuration >>JAVA_HOME=/usr/java/j2sdk1.4.2_03 >>CATALINA_HOME=/usr/local/tomcat5 >>DAEMON_HOME=/usr/local/tomcat5/bin >>TOMCAT_USER=tomcat >>TMP_DIR=/var/tmp >>CATALINA_OPTS="-Xms64m -Xmx200m" >>CLASSPATH=\ >>$JAVA_HOME/lib/tools.jar:\ >>$CATALINA_HOME/bin/commons-daemon.jar:\ >>$CATALINA_HOME/bin/bootstrap.jar >> >>case "$1" in >> start) >> # >> # Start Tomcat >> # >> $DAEMON_HOME/jsvc-src/jsvc \ >> -user $TOMCAT_USER \ >> -home $JAVA_HOME \ >> -Dcatalina.home=$CATALINA_HOME \ >> -Djava.io.tmpdir=$TMP_DIR \ >> -outfile $CATALINA_HOME/logs/catalina.out \ >> -errfile '&1' \ >> $CATALINA_OPTS \ >> -cp $CLASSPATH \ >> org.apache.catalina.startup.Bootstrap >> # >> # To get a verbose JVM >> #-verbose \ >> # To get a debug of jsvc. >> #-debug \ >> ;; >> >> stop) >> # >> # Stop Tomcat >> # >> PID=`cat /var/run/jsvc.pid` >> kill $PID >> ;; >> >> *) >> echo "Usage tomcat.sh start/stop" >> exit 1;; >>esac >> >> >> >>At 03:19 AM 5/27/2004, Justin Jaynes wrote: >>>I am intending to run in a fully internet exposed >>>environment and I only have ONE physical machine to >>>use for deployment. It will be directly connected to >>>the internet at co-location service provider. So ... >>> >>>In a conversation from yesterday, it appears another >>>user had a similar question. How to run on port 80, >>>securly. >>> >>>Is it possible to run tomcat with a non-priviliged >>>user? What is this JSVC approach they referred to, >>>and what is the solution that was given? Where can I >>>go to read more? >>> >>> >>>--------------------------------------------------------------------- >>>To unsubscribe, e-mail: [EMAIL PROTECTED] >>>For additional commands, e-mail: [EMAIL PROTECTED] > > > >This e-mail, including any attachments, is a confidential business >communication, and may contain information that is confidential, >proprietary >and/or privileged. This e-mail is intended only for the individual(s) to >whom it is addressed, and may not be saved, copied, printed, disclosed or >used by anyone else. If you are not the(an) intended recipient, please >immediately delete this e-mail from your computer system and notify the >sender. Thank you. > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
