I just set this config up with Tomcat 5.5.15 and Magnolia 2.1.3, but
Tomcat doesn't come up all the way.
The logs are empty. There's a message on shutdown like it doesn't know
the JVM.
This release of Apache Tomcat was packaged to run on J2SE 5.0
or later. It can be run on earlier JVMs by downloading and
installing a compatibility package from the Apache Tomcat
binary download page.
Should I delete Tomcats original 'ROOT' directory first?
I have these ports & appBase:
Server 8025
Service mgnlAuthor
HTTP 8110
AJP 8039
Engine mgnlAuthor
Host appBase mgnlAuthorApps
Service Catalina
HTTP 8100
AJP 8029
Engine Catalina
Host appBase webapps
I commented out the 'mgnlAuthor' service to try with just 'Catalina',
but no improvement.
I removed the default 'ROOT' directory, but no improvement.
Seems like I need to put 'JAVA_HOME' in one of the start up scripts?
-----Original Message-----
From: [email protected] [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 15, 2005 12:15 PM
To: [email protected]
Subject: Re: [magnolia-user] SSL with Magnolia
Will they both be on the same running tomcat server or on separate
servers?
Here's a quick and abbreviated example server.xml setup for both on the
same server. The config is very careful to be sure magnoliaAuthor is
only available through the localhost interface and a SSL encrypted
connector. Just configure magnoliaAuthor to activate through the
localhost connections:
<Server port="8005" shutdown="SHUTDOWN">
<!-- Global resource definitions here -->
<Service name="MgnlAuthor">
<!-- Place magnoliaAuthor.war in a new directory named mgnlAuthorApps
which resides just
inside of tomcat along side the webapps folder. The context
definition will show up at
conf/MgnlAuthor/localhost/magnoliaAuthor.xml. Authors will
access this via
https://www.yourdomainnamehere.com/magnoliaAuthor/
Activation in /subscribers/SubscriberConfig/0001 of Config
would be as follows:
active: true
address: 127.0.0.1:8081
senderURL: http://127.0.0.1:8080/magnoliaAuthor
protocol: http
requestConfirmation: false
-->
<!-- SSL connector configured with your certificate -->
<Connector port="443" maxHttpHeaderSize="8192" address="[public ip
here]"
maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
<!-- Unencrypted connection bound to the localhost interface -->
<Connector port="8080" address="127.0.0.1" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false" acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true" />
<Engine name="MgnlAuthor" defaultHost="localhost">
<!-- This is configured to use a new webapps directory,
mgnlAuthorApps in
the tomcat directory -->
<Host name="localhost" appBase="mgnlAuthorApps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
</Engine>
</Service>
<Service name="Catalina">
<!-- Name your magnolia public war file ROOT.war and place it in the
webapps folder
for deployment. Your context definition will be in
conf/Catalina/localhost/ROOT.xml
The public view the site via http://www.yourdomainhere.com/
-->
<!-- Unencrypted connection bound to the localhost interface for
content activation -->
<!-- Be careful not to use the same port as above -->
<Connector port="8081" address="127.0.0.1" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false" acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true" />
<!-- Public port 80 for general consumption -- bound to a public IP
-->
<Connector port="80" address="[public server ip here]"
maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25"
maxSpareThreads="75"
enableLookups="false" acceptCount="100"
connectionTimeout="20000"
disableUploadTimeout="true" />
<Engine name="Catalina" defaultHost="localhost">
<!-- This is configured to use the default webapps directory -->
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
</Engine>
</Service>
</Server>
--David
(FTP) wrote:
>I only want to have the Author instance SSL enabled. The rest can
remain as it is. How can you distinguish that?
>
>Also, the user identification dialog should also go via SSL>
>
>Thanks
>
>On Thu, Dec 15, 2005 at 09:39:15AM -0500, David Smith wrote:
>
>
>>Good question. I believe the answer is yes with some caveates. The
>>author and public instance can talk to the client with SSL no problem.
>>I haven't looked at the activation code in a while, but believe author
>>and public can't talk to each other over SSL. There will have to be
>>an unencrypted connector in tomcat on author and public for that.
>>Tunneling might be an answer if you need that encrypted as well.
>>
>>I've done the setup with author and public on the same machine. One
>>connector is SSL enabled for the clients and the other is a standard
>>HTTP connector with the attribute address="127.0.0.1". That forces
>>the connector to bind to the localhost interface where the public
>>can't access it. Setup activation on author and public to use the
>>unencrypted
>>127.0.0.1 address.
>>
>>--David
>>
>>(FTP) wrote:
>>
>>
>>
>>>Hi,
>>>
>>>I was looking in the archives as well but couldn't really find
>>>aworking solution how to install/operate Magnolia 2.1.3 when SSL is
>>>switched on in the latest Tomcat version.
>>>
>>>Is any info on this?
>>>
>>>Thank you
>>>
>>>George
>>>
>>>
>>>----------------------------------------------------------------
>>>for list details see
>>>http://www.magnolia.info/en/magnolia/developer.html
>>>----------------------------------------------------------------
>>>
>>>
>>>
>>>
>>----------------------------------------------------------------
>>for list details see
>>http://www.magnolia.info/en/magnolia/developer.html
>>----------------------------------------------------------------
>>
>>
>
>----------------------------------------------------------------
>for list details see
>http://www.magnolia.info/en/magnolia/developer.html
>----------------------------------------------------------------
>
>
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
