You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Stephen Nelson-Smith <sa...@gmail.com> on 2008/08/12 09:45:34 UTC
AJP Proxying
I have a server running apache 2.2, configured to proxy to another
tomcat server, running 6.0.16. This works fine with the stock
server.xml, and the webapps, but when I move my own server.xml into
place, apache reports a 400, and I get no page.
Some background:
* The apache config works in production with Tomcat 6 when running on
the same machine as tomcat, with "tomcat1" substituted for the IP of
the virtual host.
* My server.xml was not originally written by me, and has been handed
down and modified over the ages. It was originally from Tomcat 4.1
* Tomcat works fine in standalone mode - the app works.
I have some questions:
1) How do I configure logging? I don't see any information such as
200s or 400s anywhere in the logs directory. I also don't see my
tomcat1 log file, although I suspect that is because Logger no longer
works in tomcat 6. I don't see how to troubleshoot without this
information
2) All I want to happen is for http://loadbalancer/login.jsp to be
passed to http://tomcat/login.jsp using ajp/1.3. What is the simplest
thing that could possibly work?
The configs are:
Apache:
<VirtualHost 192.168.0.1>
ProxyRequests Off
<Proxy *>
Order deny,allow
Allow from all
</Proxy>
ProxyPass / ajp://tomcat1:8009/
ProxyPass /servlet ajp://tomcat1:8009/servlet
ProxyPass /piston ajp://tomcat1:8009/piston
ProxyPass /manager ajp://tomcat1:8009/manager
ProxyPass /link ajp://tomcat1:8009/link
ProxyPass /ajax ajp://tomcat1:8009/ajax
ProxyVia on
</VirtualHost>
Tomcat:
<?xml version='1.0' encoding='ISO-8859-1'?>
<Server port="8005" shutdown="SHUTDOWN">
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
<Listener className="org.apache.catalina.core.JasperListener" />
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
/>
<GlobalNamingResources>
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>
<Service name="Catalina">
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
enableLookups="false"
connectionTimeout="0" disableUploadTimeout="false"
proxyName="tomcat1" proxyPort="80"
acceptCount="10" bufferSize="2048" compression="off"
connectionLinger="-1" connectionUploadTimeout="300000"
debug="0" maxKeepAliveRequests="100"
maxProcessors="500" minProcessors="5"
scheme="http" secure="false" serverSocketTimeout="0"
tcpNoDelay="true"
tomcatAuthentication="true"
useBodyEncodingForURI="true" useURIValidationHack="false"/>
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
<Host appBase="/home/sites/home/web" liveDeploy="false"
autoDeploy="false" debug="4" name="tomcat1" >
<Alias>tomcat1</Alias>
<Context cachingAllowed="true" cookies="true"
crossContext="true" debug="0" docBase="" path="" privileged="false"
reloadable="true" >
<Logger className="org.apache.catalina.logger.FileLogger"
debug="0" directory="logs" prefix="tomcat1" suffix=".txt"
timestamp="true" verbosity="1"/>
</Context>
</Host>
</Engine>
</Service>
</Server>
Thanks,
S.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: AJP Proxying
Posted by Stephen Nelson-Smith <sa...@gmail.com>.
Ok... just to be clear, after more testing:
On the same machine, using apache 2.2 mod_proxy_ajp:
1) set ProxyPass to localhost
2) use application server.xml
All works.
Move apache to a different machine.
1) Set ProxyPass to IP or DNS name of tomcat server
Apache gives a 400 and I get no content.
2) Move stock server.xml into place
I get content.
I have no idea what's going on there... any ideas / suggestions?
S.
On Tue, Aug 12, 2008 at 8:45 AM, Stephen Nelson-Smith
<sa...@gmail.com> wrote:
> I have a server running apache 2.2, configured to proxy to another
> tomcat server, running 6.0.16. This works fine with the stock
> server.xml, and the webapps, but when I move my own server.xml into
> place, apache reports a 400, and I get no page.
>
> Some background:
>
> * The apache config works in production with Tomcat 6 when running on
> the same machine as tomcat, with "tomcat1" substituted for the IP of
> the virtual host.
> * My server.xml was not originally written by me, and has been handed
> down and modified over the ages. It was originally from Tomcat 4.1
> * Tomcat works fine in standalone mode - the app works.
>
> I have some questions:
>
> 1) How do I configure logging? I don't see any information such as
> 200s or 400s anywhere in the logs directory. I also don't see my
> tomcat1 log file, although I suspect that is because Logger no longer
> works in tomcat 6. I don't see how to troubleshoot without this
> information
> 2) All I want to happen is for http://loadbalancer/login.jsp to be
> passed to http://tomcat/login.jsp using ajp/1.3. What is the simplest
> thing that could possibly work?
>
> The configs are:
>
> Apache:
>
> <VirtualHost 192.168.0.1>
> ProxyRequests Off
> <Proxy *>
> Order deny,allow
> Allow from all
> </Proxy>
> ProxyPass / ajp://tomcat1:8009/
> ProxyPass /servlet ajp://tomcat1:8009/servlet
> ProxyPass /piston ajp://tomcat1:8009/piston
> ProxyPass /manager ajp://tomcat1:8009/manager
> ProxyPass /link ajp://tomcat1:8009/link
> ProxyPass /ajax ajp://tomcat1:8009/ajax
> ProxyVia on
> </VirtualHost>
>
> Tomcat:
>
> <?xml version='1.0' encoding='ISO-8859-1'?>
> <Server port="8005" shutdown="SHUTDOWN">
> <Listener className="org.apache.catalina.core.AprLifecycleListener"
> SSLEngine="on" />
> <Listener className="org.apache.catalina.core.JasperListener" />
> <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
> />
> <GlobalNamingResources>
> <Resource name="UserDatabase" auth="Container"
> type="org.apache.catalina.UserDatabase"
> description="User database that can be updated and saved"
> factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
> pathname="conf/tomcat-users.xml" />
> </GlobalNamingResources>
> <Service name="Catalina">
> <Connector port="8080" protocol="HTTP/1.1"
> connectionTimeout="20000"
> redirectPort="8443" />
> <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
> enableLookups="false"
> connectionTimeout="0" disableUploadTimeout="false"
> proxyName="tomcat1" proxyPort="80"
> acceptCount="10" bufferSize="2048" compression="off"
> connectionLinger="-1" connectionUploadTimeout="300000"
> debug="0" maxKeepAliveRequests="100"
> maxProcessors="500" minProcessors="5"
> scheme="http" secure="false" serverSocketTimeout="0"
> tcpNoDelay="true"
> tomcatAuthentication="true"
> useBodyEncodingForURI="true" useURIValidationHack="false"/>
> <Engine name="Catalina" defaultHost="localhost">
> <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
> resourceName="UserDatabase"/>
> <Host appBase="/home/sites/home/web" liveDeploy="false"
> autoDeploy="false" debug="4" name="tomcat1" >
> <Alias>tomcat1</Alias>
> <Context cachingAllowed="true" cookies="true"
> crossContext="true" debug="0" docBase="" path="" privileged="false"
> reloadable="true" >
> <Logger className="org.apache.catalina.logger.FileLogger"
> debug="0" directory="logs" prefix="tomcat1" suffix=".txt"
> timestamp="true" verbosity="1"/>
> </Context>
> </Host>
> </Engine>
> </Service>
> </Server>
>
>
> Thanks,
>
> S.
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: AJP Proxying
Posted by Stephen Nelson-Smith <sa...@gmail.com>.
On Tue, Aug 12, 2008 at 9:40 PM, Caldarale, Charles R
<Ch...@unisys.com> wrote:
>> Stephen Nelson-Smith wrote:
>>
>> My server.xml was not originally written by me, and
>> has been handed down and modified over the ages. It
>> was originally from Tomcat 4.1
>
> This is generally a really bad idea.
I thought it might be... I just had the sense that this was a rather
nasty stone under which some nasty things might be hiding.
> You need to take the standard server.xml that comes with the particular Tomcat release you're using and modify it with whatever you need for your environment, such as <Resource> elements. Blindly adding all the junk from older levels will bite you.
Yep - I will do just this. The guideline in the definitive guide (2nd
ed) seem helpful, but I do find some of the terminology confusing.
Will sing out if I get really stuck.
S.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: AJP Proxying
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> Stephen Nelson-Smith wrote:
>
> My server.xml was not originally written by me, and
> has been handed down and modified over the ages. It
> was originally from Tomcat 4.1
This is generally a really bad idea. Due to changes in the syntax and semantics of server.xml over the years, you cannot get reliable behavior by continuing to use older versions of server.xml. You need to take the standard server.xml that comes with the particular Tomcat release you're using and modify it with whatever you need for your environment, such as <Resource> elements. Blindly adding all the junk from older levels will bite you.
> <Host appBase="/home/sites/home/web" liveDeploy="false"
For example, there is no liveDeploy attribute in current Tomcat versions.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: AJP Proxying
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stephen,
Stephen Nelson-Smith wrote:
|> Note that name="tomcat1" plus <Alias>tomcat1</Alias> doesn't get you
|> anything ;)
|
| Do you mean that the alias is redundant?
Yeah. Name='foo' plus alias='foo' is the same as leaving the alias off.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkijBMAACgkQ9CaO5/Lv0PB75QCgj95eqHMypf0o9lAbLXy5n65u
aWgAnjGEiMrTRlmKXzMoL8idaXyvxL7t
=Djwc
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: AJP Proxying
Posted by Stephen Nelson-Smith <sa...@gmail.com>.
Hi,
> When you move Tomcat to another machine, no <Host> matches and you get a
> 400 error.
The problem was that I was hitting the loadbalancer with name lb1 or
www.mysite.com. This was being proxied to machines called tomcat1,
tomcat2 etc. Changing the alias to www.mysite.com seems to have fixed
this.
> Note that name="tomcat1" plus <Alias>tomcat1</Alias> doesn't get you
> anything ;)
Do you mean that the alias is redundant?
S.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: AJP Proxying
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Stephen,
Stephen Nelson-Smith wrote:
| * My server.xml was not originally written by me, and has been handed
| down and modified over the ages. It was originally from Tomcat 4.1
| * Tomcat works fine in standalone mode - the app works.
Your server.xml looks inconsistent:
| <Engine name="Catalina" defaultHost="localhost">
| [snip]
| <Host appBase="/home/sites/home/web" liveDeploy="false"
| autoDeploy="false" debug="4" name="tomcat1" >
You have only one <Host> and it's name is "tomcat1", but your
defaultHost is "localhost". I suspect that "tomcat1" is the DNS name of
your working configuration, so it works.
When you move Tomcat to another machine, no <Host> matches and you get a
400 error.
You have two options:
1. Change 'name="tomcat1"' to reflect the actual name of the server
~ where TC is running.
2. Change 'name="tomcat1"' to 'name="localhost"'.
I like option 2 because it will work if you then move the configuration
to a third (or 90th) machine.
Note that name="tomcat1" plus <Alias>tomcat1</Alias> doesn't get you
anything ;)
Oh, and you're right: <Logger> is gone in TC 5.5. You need to configure
logging differently. Check the TC 5.5. logging documentation once you
get this issue resolved.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkih5poACgkQ9CaO5/Lv0PD28gCeM6kcO25et8DIJjviCOEw2t6q
0VUAn0m6mgg1xQJN8+clQfMm7vu9+AgU
=pZdB
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org