You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Chris Arnold <ca...@electrichendrix.com> on 2013/03/29 00:24:55 UTC
Apache Accessing Tomcat Issue
Apache Tomcat/7.0.30 on SLES11 SP2. I am trying to configure access to a webapp using http://share.domain.com. This webapp uses port 8080 and works fine from inside the LAN. However, we have an apache2 server acting as a proxy and we want users to not have to type in a port number.
Now when accessing http://share.domain.com, the result is directories and files are listed, the jsp files are not running. Here is my complete setup:
jk.conf-
# simple configuration for apache (for AJP connector, modul mod_jk.so)
<IfModule mod_jk.c>
JkWorkersFile /opt/alfresco/tomcat/workers.properties
JkLogFile /var/log/alfresco/mod_jk.log
JkShmFile /var/log/alfresco/shm
# Log level to be used by mod_jk
JkLogLevel error
# The following line mounts all JSP files and the /servlet/ uri to tomcat
#JkMount /servlets-examples/servlet/* ajp13
JkMount /share/*.jsp ajp13
</IfModule>
virtualhost-
<VirtualHost *:80>
ServerName share.domain.com
#RewriteEngine On
#RewriteCond %{REQUEST_URI} !^/share/
#RewriteCond %{HTTPS} on
#RewriteRule ^/. http://share.paradixent.com/share/ [P]
#JkMount /share/* worker1
<IfModule mod_jk.c>
# The following line makes apache aware of the location of
# the /jsp-examples context
Alias /share "/opt/alfresco/tomcat/webapps/share"
<Directory "/opt/alfresco/tomcat/webapps/share">
Options Indexes FollowSymLinks
allow from all
</Directory>
# The following line mounts all JSP files and the /servlet/ uri to tomcat
#JkMount /servlets-examples/servlet/* ajp13
JkMount /share/*.jsp ajp13
# The following line prohibits users from directly accessing WEB-INF
<Location "/share/WEB-INF/">
#AllowOverride None
deny from all
</Location>
# if not specified, the global error log is used
ErrorLog /var/log/apache2domain.com-error_log
CustomLog /var/log/apache2/domain.com-access_log combined
</IfModule>
</VirtualHost>
httpd.conf-
# mod_jk
Include /opt/alfresco/tomcat/conf/jk.conf
Mod_jk is loaded:
web:~ # /usr/sbin/httpd2 -M
Loaded Modules:
.......
jk_module (shared)
perl_module (shared)
php5_module (shared)
Syntax OK
Here is the log from apache:
[Thu Mar 28 18:40:14 2013] [error] [client pub ip] proxy: Error reading from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
[Thu Mar 28 18:40:28 2013] [error] [client pub ip] (70007)The timeout specified has expired: proxy: error reading status line from remote server share.paradixent.com
[Thu Mar 28 18:40:28 2013] [error] [client pub ip] proxy: Error reading from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
Any ideas why the folder and files are being listed instead of running?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Multiple domains accessing same Tomcat content
Posted by Chris Arnold <ca...@electrichendrix.com>.
I thought i would understand how to config a 2nd domain to access the same content after configuring for the first domain but that proved wrong. I have multiple domains that need to access the same content. For example, http://share.domain1.com should result in http://share.domain1.com/share and http://share.domain2.com should result in http://share.domain2.com/share. Thanks to Ranier, i have 1 working config accessing http://share.domain.com. Now, how do i add a 2nd domain so they will type http://share.domain2.com and get http://share.domain2.com/share?
Here is the workers.properties file configured for domain2:
worker.properties:
# Define two status worker:
# - jk-status for read-only use
# - jk-manager for read/write use
worker.list=jk-status
worker.jk-status.type=status
worker.jk-status.read_only=true
worker.list=jk-manager
worker.list=worker1
worker.list=worker2
worker.jk-manager.type=status
# We define a load balancer worker
# with name "balancer"
worker.list=balancer
worker.balancer.type=lb
# error_escalation_time: seconds, default = recover_time/2 (=30)
# Determines, how fast a detected error should switch from
# local error state to global error state
# Since: 1.2.28
#worker.balancer.error_escalation_time=0
# - max_reply_timeouts: number, default=0
# If there are to many reply timeouts, a worker
# is put into the error state, i.e. it will become
# unavailable for all sessions residing on the respective
# Tomcat. The number of tolerated reply timeouts is
# configured with max_reply_timeouts. The number of
# timeouts occuring is divided by 2 once a minute and the
# resulting counter is compared against max_reply_timeouts.
# If you set max_reply_timeouts to N and the errors are
# occuring equally distributed over time, you will
# tolerate N/2 errors per minute. If they occur in a burst
# you will tolerate N errors.
# Since: 1.2.24
worker.balancer.max_reply_timeouts=10
# Now we add members to the load balancer
# First member is "node1", most
# attributes are inherited from the
# template "worker.template".
worker.balancer.balance_workers=worker1
worker.worker1.reference=worker.template
worker.worker1.host=localhost
worker.worker1.port=8009
# Activation allows to configure
# whether this node should actually be used
# A: active (use node fully)
# D: disabled (only use, if sticky session needs this node)
# S: stopped (do not use)
# Since: 1.2.19
worker.worker1.activation=A
# Second member is "node2", most
# attributes are inherited from the
# template "worker.template".
worker.balancer.balance_workers=worker2
worker.worker2.reference=worker.template
worker.worker2.host=localhost
worker.worker2.port=8009
# Activation allows to configure
# whether this node should actually be used
# A: active (use node fully)
# D: disabled (only use, if sticky session needs this node)
# S: stopped (do not use)
# Since: 1.2.19
worker.worker2.activation=A
# Finally we put the parameters
# which should apply to all our ajp13
# workers into the referenced template
# - Type is ajp13
worker.template.type=ajp13
# - socket_connect_timeout: milliseconds, default=0
# Since: 1.2.27
#worker.template.socket_connect_timeout=5000//not supported in the version of mod_jk running 1.2.26
# - socket_keepalive: boolean, default=false
# Should we send TCP keepalive packets
# when connection is idle (socket option)?
worker.template.socket_keepalive=true
# - ping_mode: Character, default=none
# When should we use cping/cpong connection probing?
# C = directly after establishing a new connection
# P = directly before sending each request
# I = in regular intervals for idle connections
# using the watchdog thread
# A = all of the above
# Since: 1.2.27
#worker.template.ping_mode=A//not supported in the version of mod_jk running 1.2.26
# - ping_timeout: milliseconds, default=10000
# Wait timeout for cpong after cping
# Can be overwritten for modes C and P
# Using connect_timeout and prepost_timeout.
# Since: 1.2.27
#worker.template.ping_timeout=10000//not supported in the version of mod_jk running 1.2.26
# - connection_pool_minsize: number, default=connection_pool_size
# Lower pool size when shrinking pool due
# to idle connections
# We want all connections to be closed when
# idle for a long time in order to prevent
# firewall problems.
# Since: 1.2.16
worker.template.connection_pool_minsize=0
# - connection_pool_timeout: seconds, default=0
# Idle time, before a connection is eligible
# for being closed (pool shrinking).
# This should be the same value as connectionTimeout
# in the Tomcat AJP connector, but there it is
# milliseconds, here seconds.
worker.template.connection_pool_timeout=600
# - reply_timeout: milliseconds, default=0
# Any pause longer than this timeout during waiting
# for a part of the reply will abort handling the request
# in mod_jk. The request will proceed running in
# Tomcat, but the web server resources will be freed
# and an error is send to the client.
# For individual requests, the timeout can be overwritten
# by the Apache environment variable JK_REPLY_TIMEOUT.
# JK_REPLY_TIMEOUT since: 1.2.27
worker.template.reply_timeout=300000
# - recovery_options: number, default=0
# Bit mask to configure, if a request, which was send
# to a backend successfully, should be retried on another backend
# in case there's a problem with the response.
# Value "3" disables retries, whenever a part of the request was
# successfully send to the backend.
worker.template.recovery_options=3
Here is the configured virtualhost for domain2:
2nd virtualhost:
JkMount /share|/* worker2
RedirectMatch ^/$ http://share.domain2.com/share/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Rainer Jung <ra...@kippdata.de>.
On 30.03.2013 21:53, Chris Arnold wrote:
> See above and ended up having to comment this out as it is not supported in the version of mod_jk i am using.
> Apache finally started after commenting those out and changing the port. And i can now access http://share.domain.com
> Ranier, thank you for your time and instruction. Shall i send you some paypal monies?
No, thanks for the offer. Have fun!
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Chris Arnold <ca...@electrichendrix.com>.
On 30.03.2013 12:43, Chris Arnold wrote
>>The following param doesn't exist in your old version:
> # error_escalation_time: seconds, default = recover_time/2 (=30)
> # Determines, how fast a detected error should switch from
> # local error state to global error state
> # Since: 1.2.28
> worker.balancer.error_escalation_time=0
The following were not in the original post as i snipped these out in order to post only what i thought was important. They have always existed in the file since i downloaded the one you pointed me too.
>>That following port likely is wrong. you need to configure the AJP port
>>of Tomcat, something like 8009 or whataver you have chosen in
>>server.xml. Make sure the AJP port in server.xml is not commented out.
> worker.worker1.port=8080
Yes, i changed this to 8009 as stade in the server xml
>>The following param doesn't exist in your old version:
> # - socket_connect_timeout: milliseconds, default=0
> # Since: 1.2.27
> worker.template.socket_connect_timeout=5000
See above and ended up having to comment this out as it is not supported in the version of mod_jk i am using.
>>The following params don't exist in your old version:
> # - ping_mode: Character, default=none
> # When should we use cping/cpong connection probing?
> # C = directly after establishing a new connection
> # P = directly before sending each request
> # I = in regular intervals for idle connections
> # using the watchdog thread
> # A = all of the above
> # Since: 1.2.27
> worker.template.ping_mode=A
>
> # - ping_timeout: milliseconds, default=10000
> # Wait timeout for cpong after cping
> # Can be overwritten for modes C and P
> # Using connect_timeout and prepost_timeout.
> # Since: 1.2.27
> worker.template.ping_timeout=10000
See above and ended up having to comment this out as it is not supported in the version of mod_jk i am using.
>>The following param doesn't exist in your old version:
> # - reply_timeout: milliseconds, default=0
> # Any pause longer than this timeout during waiting
> # for a part of the reply will abort handling the request
> # in mod_jk. The request will proceed running in
> # Tomcat, but the web server resources will be freed
> # and an error is send to the client.
> # For individual requests, the timeout can be overwritten
> # by the Apache environment variable JK_REPLY_TIMEOUT.
> # JK_REPLY_TIMEOUT since: 1.2.27
> worker.template.reply_timeout=300000
See above and ended up having to comment this out as it is not supported in the version of mod_jk i am using.
Apache finally started after commenting those out and changing the port. And i can now access http://share.domain.com
Ranier, thank you for your time and instruction. Shall i send you some paypal monies?
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Rainer Jung <ra...@kippdata.de>.
On 30.03.2013 12:43, Chris Arnold wrote:
> Here is the modified virtualhost file:
> <VirtualHost *:80>
> ServerName share.domain.com
>
> #RewriteEngine On
> #RewriteCond %{REQUEST_URI} !^/share/
> #RewriteCond %{HTTPS} on
> #RewriteRule ^/. http://share.domain.com/share/ [P]
> JkMount /share|/* worker1
As mentioned I suggest to use "balancer" instead of "worker1" here.
> RedirectMatch ^/$ http://share.domain.com/share/
>
> ErrorLog /var/log/apache2/domain.com-error_log
> CustomLog /var/log/apache2/domain.com-access_log combined
>
> </VirtualHost>
>
>> OK, one thing I forgot, sorry:
>
>> this config uses a load balancer worker which even if there's only one
>> Tomcat instance involved allows a bit more of control. For this to work
>> you need to replace the name "worker1" in the above JkMount with "balancer":
>
>> JkMount /share|/* balancer
See above.
>> Give it a try (with!
>
> I dont understand the With! part. Is that part of the apache restart command to force?
Me neither, somehow part f the text got deleted. Probably just wanted to
say "with the above adjustments").
>> If it doesn't work, increase the JkLogLevel to debug and post the JK log
>> file contents (and the Apache error log and access log entries for your
>> test requests).
>
> Well, now apache does not start. Gives this error:
> error in reading worker properties from /opt/path to/worker.properties
Is the path in the error the correct one?
> Configuration failed
> Seems it doesn't like something about the worker.properties file. Due to that i will post the complete workers.properties file (it is writeable):
What's in the JK log?
The following param doesn't exist in your old version:
> # error_escalation_time: seconds, default = recover_time/2 (=30)
> # Determines, how fast a detected error should switch from
> # local error state to global error state
> # Since: 1.2.28
> worker.balancer.error_escalation_time=0
That following port likely is wrong. you need to configure the AJP port
of Tomcat, something like 8009 or whataver you have chosen in
server.xml. Make sure the AJP port in server.xml is not commented out.
> worker.worker1.port=8080
The following param doesn't exist in your old version:
> # - socket_connect_timeout: milliseconds, default=0
> # Since: 1.2.27
> worker.template.socket_connect_timeout=5000
The following params don't exist in your old version:
> # - ping_mode: Character, default=none
> # When should we use cping/cpong connection probing?
> # C = directly after establishing a new connection
> # P = directly before sending each request
> # I = in regular intervals for idle connections
> # using the watchdog thread
> # A = all of the above
> # Since: 1.2.27
> worker.template.ping_mode=A
>
> # - ping_timeout: milliseconds, default=10000
> # Wait timeout for cpong after cping
> # Can be overwritten for modes C and P
> # Using connect_timeout and prepost_timeout.
> # Since: 1.2.27
> worker.template.ping_timeout=10000
The following param doesn't exist in your old version:
> # - reply_timeout: milliseconds, default=0
> # Any pause longer than this timeout during waiting
> # for a part of the reply will abort handling the request
> # in mod_jk. The request will proceed running in
> # Tomcat, but the web server resources will be freed
> # and an error is send to the client.
> # For individual requests, the timeout can be overwritten
> # by the Apache environment variable JK_REPLY_TIMEOUT.
> # JK_REPLY_TIMEOUT since: 1.2.27
> worker.template.reply_timeout=300000
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Chris Arnold <ca...@electrichendrix.com>.
On 29.03.2013 18:02, Chris Arnold wrote:
>http://share.domain.com and get the required results (which is http://share.domain.com/share)
>>Let's stick to mod_jk for the moment. I think you are close.
OK
Here is the modified virtualhost file:
<VirtualHost *:80>
ServerName share.domain.com
#RewriteEngine On
#RewriteCond %{REQUEST_URI} !^/share/
#RewriteCond %{HTTPS} on
#RewriteRule ^/. http://share.domain.com/share/ [P]
JkMount /share|/* worker1
RedirectMatch ^/$ http://share.domain.com/share/
ErrorLog /var/log/apache2/domain.com-error_log
CustomLog /var/log/apache2/domain.com-access_log combined
</VirtualHost>
>OK, one thing I forgot, sorry:
>this config uses a load balancer worker which even if there's only one
>Tomcat instance involved allows a bit more of control. For this to work
>you need to replace the name "worker1" in the above JkMount with "balancer":
>JkMount /share|/* balancer
>because that's the name of the load balancer worker in your
>workers.properties.
>If you don't want to use the balancer, then add to workers.properties
>the line
>worker.list=worker1
>and optionally remove all lines that start with
>worker.balancer
>and the line
>worker.list=balancer
>But you can also keep them if you later want to test the load balancer
>worker.
Here is the new workers.properties file:
..........
# the final value for y will be value\something
# Define two status worker:
# - jk-status for read-only use
# - jk-manager for read/write use
worker.list=jk-status
worker.list=jk-status.type=status
worker.jk-status.read_only=true
worker.list=jk-manager
worker.list=worker1
worker.jk-manager.type=status
>Not that good, but probably will work nevertheless ;)
>Give it a try (with!
I dont understand the With! part. Is that part of the apache restart command to force?
>If it doesn't work, increase the JkLogLevel to debug and post the JK log
>file contents (and the Apache error log and access log entries for your
>test requests).
Well, now apache does not start. Gives this error:
error in reading worker properties from /opt/path to/worker.properties
Configuration failed
Seems it doesn't like something about the worker.properties file. Due to that i will post the complete workers.properties file (it is writeable):
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Note that the distributed version of this file requires modification
# before it is usable.
#
# Reference documentation: http://tomcat.apache.org/connectors-doc/reference/workers.html
#
# As a general note, the characters $( and ) are used internally to define
# macros. Do not use them in your own configuration!!!
#
# Whenever you see a set of lines such as:
# x=value
# y=$(x)\something
#
# the final value for y will be value\something
# Define two status worker:
# - jk-status for read-only use
# - jk-manager for read/write use
worker.list=jk-status
worker.jk-status.type=status
worker.jk-status.read_only=true
worker.list=jk-manager
worker.list=worker1
worker.jk-manager.type=status
# We define a load balancer worker
# with name "balancer"
worker.list=balancer
worker.balancer.type=lb
# error_escalation_time: seconds, default = recover_time/2 (=30)
# Determines, how fast a detected error should switch from
# local error state to global error state
# Since: 1.2.28
worker.balancer.error_escalation_time=0
# - max_reply_timeouts: number, default=0
# If there are to many reply timeouts, a worker
# is put into the error state, i.e. it will become
# unavailable for all sessions residing on the respective
# Tomcat. The number of tolerated reply timeouts is
# configured with max_reply_timeouts. The number of
# timeouts occuring is divided by 2 once a minute and the
# resulting counter is compared against max_reply_timeouts.
# If you set max_reply_timeouts to N and the errors are
# occuring equally distributed over time, you will
# tolerate N/2 errors per minute. If they occur in a burst
# you will tolerate N errors.
# Since: 1.2.24
worker.balancer.max_reply_timeouts=10
# Now we add members to the load balancer
# First member is "node1", most
# attributes are inherited from the
# template "worker.template".
worker.balancer.balance_workers=worker1
worker.worker1.reference=worker.template
worker.worker1.host=localhost
worker.worker1.port=8080
# Activation allows to configure
# whether this node should actually be used
# A: active (use node fully)
# D: disabled (only use, if sticky session needs this node)
# S: stopped (do not use)
# Since: 1.2.19
worker.worker1.activation=A
# Second member is "node2", most
# attributes are inherited from the
# template "worker.template".
#worker.balancer.balance_workers=node2
#worker.node2.reference=worker.template
#worker.node2.host=localhost
#worker.node2.port=8209
# Activation allows to configure
# whether this node should actually be used
# A: active (use node fully)
# D: disabled (only use, if sticky session needs this node)
# S: stopped (do not use)
# Since: 1.2.19
#worker.node2.activation=A
# Finally we put the parameters
# which should apply to all our ajp13
# workers into the referenced template
# - Type is ajp13
worker.template.type=ajp13
# - socket_connect_timeout: milliseconds, default=0
# Since: 1.2.27
worker.template.socket_connect_timeout=5000
# - socket_keepalive: boolean, default=false
# Should we send TCP keepalive packets
# when connection is idle (socket option)?
worker.template.socket_keepalive=true
# - ping_mode: Character, default=none
# When should we use cping/cpong connection probing?
# C = directly after establishing a new connection
# P = directly before sending each request
# I = in regular intervals for idle connections
# using the watchdog thread
# A = all of the above
# Since: 1.2.27
worker.template.ping_mode=A
# - ping_timeout: milliseconds, default=10000
# Wait timeout for cpong after cping
# Can be overwritten for modes C and P
# Using connect_timeout and prepost_timeout.
# Since: 1.2.27
worker.template.ping_timeout=10000
# - connection_pool_minsize: number, default=connection_pool_size
# Lower pool size when shrinking pool due
# to idle connections
# We want all connections to be closed when
# idle for a long time in order to prevent
# firewall problems.
# Since: 1.2.16
worker.template.connection_pool_minsize=0
# - connection_pool_timeout: seconds, default=0
# Idle time, before a connection is eligible
# for being closed (pool shrinking).
# This should be the same value as connectionTimeout
# in the Tomcat AJP connector, but there it is
# milliseconds, here seconds.
worker.template.connection_pool_timeout=600
# - reply_timeout: milliseconds, default=0
# Any pause longer than this timeout during waiting
# for a part of the reply will abort handling the request
# in mod_jk. The request will proceed running in
# Tomcat, but the web server resources will be freed
# and an error is send to the client.
# For individual requests, the timeout can be overwritten
# by the Apache environment variable JK_REPLY_TIMEOUT.
# JK_REPLY_TIMEOUT since: 1.2.27
worker.template.reply_timeout=300000
# - recovery_options: number, default=0
# Bit mask to configure, if a request, which was send
# to a backend successfully, should be retried on another backend
# in case there's a problem with the response.
# Value "3" disables retries, whenever a part of the request was
# successfully send to the backend.
worker.template.recovery_options=3
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Rainer Jung <ra...@kippdata.de>.
On 29.03.2013 18:02, Chris Arnold wrote:
> This thread is getting kinda messy so i am going to snip a bunch of stuff and answer your latest info.
Good.
>> So mod_proxy is loaded but you don't want to use it to access alfresco,
>> instead just mod_jk, right? Then don't use any ReWriteRule with the [P}
>> flag or any Proxy... directive.
>
> No, if this can be done with mod_proxy, i would prefer to do that. I have been unable to get mod_proxy working so users type http://share.domain.com and get the required results (which is http://share.domain.com/share)
Let's stick to mod_jk for the moment. I think you are close.
> Here is the modified virtualhost file:
> <VirtualHost *:80>
> ServerName share.domain.com
>
> #RewriteEngine On
> #RewriteCond %{REQUEST_URI} !^/share/
> #RewriteCond %{HTTPS} on
> #RewriteRule ^/. http://share.domain.com/share/ [P]
> JkMount /share|/* worker1
> RedirectMatch ^/$ http://share.domain.com/share/
>
> <IfModule mod_jk.c>
>
> # The following line makes apache aware of the location of
> # the /jsp-examples context
> #Alias /share "/opt/alfresco/tomcat/webapps/share"
> #<Directory "/opt/alfresco/tomcat/webapps/share">
> #Options Indexes FollowSymLinks
> #allow from all
> #</Directory>
>
> # The following line mounts all JSP files and the /servlet/ uri to tomcat
> #JkMount /servlets-examples/servlet/* ajp13
> #JkMount /share/*.jsp ajp13
>
> # The following line prohibits users from directly accessing WEB-INF
> #<Location "/share/WEB-INF/">
> #AllowOverride None
> #deny from all
> #</Location>
>
> # if not specified, the global error log is used
> ErrorLog /var/log/apache2/domain.com-error_log
> CustomLog /var/log/apache2/domain.com-access_log combined
>
> </IfModule>
>
> </VirtualHost>
Looks good to me, you can remove the IfModule tags. They don't contain
anything mod_jk specific any more and in fact if mod_jk is not loaded
you'd want the whole thing to bomb at startup and not just ignore mod_jk
config.
You've chosen the worker name worker1. Fine.
>> At this step:
>
>> - do not try to serve static content from Apache, first get this to work
>> before adding the additional complexity.
>
>> - do not try to make the webapp /share/ directly available under the top
>> level directory. It is OK to redirect the a request for
>> http://share.domain.com/ to http://share.domain.com/share/ and proceed
>>from there as above, but it is harder to remove the "share" URI path
>> component from each request. If you really need to do this, then use
>> mod_proxy, not mod_jk.
>
> Doing the above, does that take care of what you stated here?
Looks good to me.
> Here is the new workers.properties file:
> ..........
> # the final value for y will be value\something
>
> # Define two status worker:
> # - jk-status for read-only use
> # - jk-manager for read/write use
> worker.list=jk-status
> worker.jk-status.type=status
> worker.jk-status.read_only=true
>
> worker.list=jk-manager
> worker.jk-manager.type=status
>
> # We define a load balancer worker
> # with name "balancer"
> worker.list=balancer
> worker.balancer.type=lb
> # error_escalation_time: seconds, default = recover_time/2 (=30)
> # Determines, how fast a detected error should switch from
> # local error state to global error state
> # Since: 1.2.28
> worker.balancer.error_escalation_time=0
>
> # - max_reply_timeouts: number, default=0
> # If there are to many reply timeouts, a worker
> # is put into the error state, i.e. it will become
> # unavailable for all sessions residing on the respective
> # Tomcat. The number of tolerated reply timeouts is
> # configured with max_reply_timeouts. The number of
> # timeouts occuring is divided by 2 once a minute and the
> # resulting counter is compared against max_reply_timeouts.
> # If you set max_reply_timeouts to N and the errors are
> # occuring equally distributed over time, you will
> # tolerate N/2 errors per minute. If they occur in a burst
> # you will tolerate N errors.
> # Since: 1.2.24
> worker.balancer.max_reply_timeouts=10
>
>
>
> # Now we add members to the load balancer
> # First member is "node1", most
> # attributes are inherited from the
> # template "worker.template".
> worker.balancer.balance_workers=worker1
> worker.worker1.reference=worker.template
> worker.worker1.host=localhost
> worker.worker1.port=8080
> # Activation allows to configure
> # whether this node should actually be used
> # A: active (use node fully)
> # D: disabled (only use, if sticky session needs this node)
> # S: stopped (do not use)
> # Since: 1.2.19
> worker.worker1.activation=A
>
> # Second member is "node2", most
> # attributes are inherited from the
> # template "worker.template".
> #worker.balancer.balance_workers=node2
> #worker.node2.reference=worker.template
> #worker.node2.host=localhost
> #worker.node2.port=8209
> # Activation allows to configure
> # whether this node should actually be used
> # A: active (use node fully)
> # D: disabled (only use, if sticky session needs this node)
> # S: stopped (do not use)
> # Since: 1.2.19
> #worker.node2.activation=A
>
> # Finally we put the parameters
> # which should apply to all our ajp13
> # workers into the referenced template
> # - Type is ajp13
> worker.template.type=ajp13
>
> # - socket_connect_timeout: milliseconds, default=0
> # Since: 1.2.27
> worker.template.socket_connect_timeout=5000
>
> # - socket_keepalive: boolean, default=false
> # Should we send TCP keepalive packets
> # when connection is idle (socket option)?
> worker.template.socket_keepalive=true
>
> # - ping_mode: Character, default=none
> # When should we use cping/cpong connection probing?
> # C = directly after establishing a new connection
> # P = directly before sending each request
> # I = in regular intervals for idle connections
> # using the watchdog thread
> # A = all of the above
> # Since: 1.2.27
> worker.template.ping_mode=A
>
> # - ping_timeout: milliseconds, default=10000
> # Wait timeout for cpong after cping
> # Can be overwritten for modes C and P
> # Using connect_timeout and prepost_timeout.
> # Since: 1.2.27
> worker.template.ping_timeout=10000
>
> # - connection_pool_minsize: number, default=connection_pool_size
> # Lower pool size when shrinking pool due
> # to idle connections
> # We want all connections to be closed when
> # idle for a long time in order to prevent
> # firewall problems.
> # Since: 1.2.16
> worker.template.connection_pool_minsize=0
>
> # - connection_pool_timeout: seconds, default=0
> # Idle time, before a connection is eligible
> # for being closed (pool shrinking).
> # This should be the same value as connectionTimeout
> # in the Tomcat AJP connector, but there it is
> # milliseconds, here seconds.
> worker.template.connection_pool_timeout=600
>
> # - reply_timeout: milliseconds, default=0
> # Any pause longer than this timeout during waiting
> # for a part of the reply will abort handling the request
> # in mod_jk. The request will proceed running in
> # Tomcat, but the web server resources will be freed
> # and an error is send to the client.
> # For individual requests, the timeout can be overwritten
> # by the Apache environment variable JK_REPLY_TIMEOUT.
> # JK_REPLY_TIMEOUT since: 1.2.27
> worker.template.reply_timeout=300000
>
> # - recovery_options: number, default=0
> # Bit mask to configure, if a request, which was send
> # to a backend successfully, should be retried on another backend
> # in case there's a problem with the response.
> # Value "3" disables retries, whenever a part of the request was
> # successfully send to the backend.
> worker.template.recovery_options=3
OK, one thing I forgot, sorry:
this config uses a load balancer worker which even if there's only one
Tomcat instance involved allows a bit more of control. For this to work
you need to replace the name "worker1" in the above JkMount with "balancer":
JkMount /share|/* balancer
because that's the name of the load balancer worker in your
workers.properties.
If you don't want to use the balancer, then add to workers.properties
the line
worker.list=worker1
and optionally remove all lines that start with
worker.balancer
and the line
worker.list=balancer
But you can also keep them if you later want to test the load balancer
worker.
>> JkShmFile /var/log/alfresco/shm
>
>> has not worked. Check whether the directory /var/log/alfresco exists and
>> is writable.
>
> Does exist and is writeable. Those errors were from the veru beginning and have not had any errors since then
OK
>> Are you using a relatively recent version of mod_jk (1.2.37)? Which
>> version of Apache are you using?
>
> 1.2.26 which came with the SLES11 distribution
Not that good, but probably will work nevertheless ;)
Give it a try (with!
If it doesn't work, increase the JkLogLevel to debug and post the JK log
file contents (and the Apache error log and access log entries for your
test requests).
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Chris Arnold <ca...@electrichendrix.com>.
This thread is getting kinda messy so i am going to snip a bunch of stuff and answer your latest info.
>So mod_proxy is loaded but you don't want to use it to access alfresco,
>instead just mod_jk, right? Then don't use any ReWriteRule with the [P}
>flag or any Proxy... directive.
No, if this can be done with mod_proxy, i would prefer to do that. I have been unable to get mod_proxy working so users type http://share.domain.com and get the required results (which is http://share.domain.com/share)
>Assume all static images, css, js are in some /path/to/my/folder/static
>and there's nothing else underneath it, that folder would be a place to
>publish directly via Alias in Apache.
OK
>I'm guessing here: what you want is that the request for
>http://share.domain.com should be forwarded to the Tomcat web
>application names "share".
Exactly
>For that I would put the following directives into the Apache
>VirtualHost that actually serves the request.
>- Add a redirect for the URI / to /share/ to the Apache config:
>RedirectMatch ^/$ http://share.domain.com/share/
>- Forward all requests that point below /share to Tomcat and let them be
>served by the webapp:
>JkMount /share|/* myworker
>- Remove other JkMount, Alias etc.
Here is the modified virtualhost file:
<VirtualHost *:80>
ServerName share.domain.com
#RewriteEngine On
#RewriteCond %{REQUEST_URI} !^/share/
#RewriteCond %{HTTPS} on
#RewriteRule ^/. http://share.domain.com/share/ [P]
JkMount /share|/* worker1
RedirectMatch ^/$ http://share.domain.com/share/
<IfModule mod_jk.c>
# The following line makes apache aware of the location of
# the /jsp-examples context
#Alias /share "/opt/alfresco/tomcat/webapps/share"
#<Directory "/opt/alfresco/tomcat/webapps/share">
#Options Indexes FollowSymLinks
#allow from all
#</Directory>
# The following line mounts all JSP files and the /servlet/ uri to tomcat
#JkMount /servlets-examples/servlet/* ajp13
#JkMount /share/*.jsp ajp13
# The following line prohibits users from directly accessing WEB-INF
#<Location "/share/WEB-INF/">
#AllowOverride None
#deny from all
#</Location>
# if not specified, the global error log is used
ErrorLog /var/log/apache2/domain.com-error_log
CustomLog /var/log/apache2/domain.com-access_log combined
</IfModule>
</VirtualHost>
>At this step:
>- do not try to serve static content from Apache, first get this to work
>before adding the additional complexity.
>- do not try to make the webapp /share/ directly available under the top
>level directory. It is OK to redirect the a request for
>http://share.domain.com/ to http://share.domain.com/share/ and proceed
>from there as above, but it is harder to remove the "share" URI path
>component from each request. If you really need to do this, then use
>mod_proxy, not mod_jk.
Doing the above, does that take care of what you stated here?
>Don't use this configuration. It is garbage.
>Download a mod_jk source distribution (recent is version 1.2.37) which
>contains a nive default workers.properties file. You can also get it here:
>http://svn.apache.org/viewvc/tomcat/jk/trunk/conf/workers.properties?view=co
>In that file, remove all lines referring to "node2" and replace "node1"
>by whatever worker name you have chosen in JkMount (myworker or whatever).
>Finally set "host" and "port" of that worker to whatever port and server
>name your Tomcat listens to.
Here is the new workers.properties file:
..........
# the final value for y will be value\something
# Define two status worker:
# - jk-status for read-only use
# - jk-manager for read/write use
worker.list=jk-status
worker.jk-status.type=status
worker.jk-status.read_only=true
worker.list=jk-manager
worker.jk-manager.type=status
# We define a load balancer worker
# with name "balancer"
worker.list=balancer
worker.balancer.type=lb
# error_escalation_time: seconds, default = recover_time/2 (=30)
# Determines, how fast a detected error should switch from
# local error state to global error state
# Since: 1.2.28
worker.balancer.error_escalation_time=0
# - max_reply_timeouts: number, default=0
# If there are to many reply timeouts, a worker
# is put into the error state, i.e. it will become
# unavailable for all sessions residing on the respective
# Tomcat. The number of tolerated reply timeouts is
# configured with max_reply_timeouts. The number of
# timeouts occuring is divided by 2 once a minute and the
# resulting counter is compared against max_reply_timeouts.
# If you set max_reply_timeouts to N and the errors are
# occuring equally distributed over time, you will
# tolerate N/2 errors per minute. If they occur in a burst
# you will tolerate N errors.
# Since: 1.2.24
worker.balancer.max_reply_timeouts=10
# Now we add members to the load balancer
# First member is "node1", most
# attributes are inherited from the
# template "worker.template".
worker.balancer.balance_workers=worker1
worker.worker1.reference=worker.template
worker.worker1.host=localhost
worker.worker1.port=8080
# Activation allows to configure
# whether this node should actually be used
# A: active (use node fully)
# D: disabled (only use, if sticky session needs this node)
# S: stopped (do not use)
# Since: 1.2.19
worker.worker1.activation=A
# Second member is "node2", most
# attributes are inherited from the
# template "worker.template".
#worker.balancer.balance_workers=node2
#worker.node2.reference=worker.template
#worker.node2.host=localhost
#worker.node2.port=8209
# Activation allows to configure
# whether this node should actually be used
# A: active (use node fully)
# D: disabled (only use, if sticky session needs this node)
# S: stopped (do not use)
# Since: 1.2.19
#worker.node2.activation=A
# Finally we put the parameters
# which should apply to all our ajp13
# workers into the referenced template
# - Type is ajp13
worker.template.type=ajp13
# - socket_connect_timeout: milliseconds, default=0
# Since: 1.2.27
worker.template.socket_connect_timeout=5000
# - socket_keepalive: boolean, default=false
# Should we send TCP keepalive packets
# when connection is idle (socket option)?
worker.template.socket_keepalive=true
# - ping_mode: Character, default=none
# When should we use cping/cpong connection probing?
# C = directly after establishing a new connection
# P = directly before sending each request
# I = in regular intervals for idle connections
# using the watchdog thread
# A = all of the above
# Since: 1.2.27
worker.template.ping_mode=A
# - ping_timeout: milliseconds, default=10000
# Wait timeout for cpong after cping
# Can be overwritten for modes C and P
# Using connect_timeout and prepost_timeout.
# Since: 1.2.27
worker.template.ping_timeout=10000
# - connection_pool_minsize: number, default=connection_pool_size
# Lower pool size when shrinking pool due
# to idle connections
# We want all connections to be closed when
# idle for a long time in order to prevent
# firewall problems.
# Since: 1.2.16
worker.template.connection_pool_minsize=0
# - connection_pool_timeout: seconds, default=0
# Idle time, before a connection is eligible
# for being closed (pool shrinking).
# This should be the same value as connectionTimeout
# in the Tomcat AJP connector, but there it is
# milliseconds, here seconds.
worker.template.connection_pool_timeout=600
# - reply_timeout: milliseconds, default=0
# Any pause longer than this timeout during waiting
# for a part of the reply will abort handling the request
# in mod_jk. The request will proceed running in
# Tomcat, but the web server resources will be freed
# and an error is send to the client.
# For individual requests, the timeout can be overwritten
# by the Apache environment variable JK_REPLY_TIMEOUT.
# JK_REPLY_TIMEOUT since: 1.2.27
worker.template.reply_timeout=300000
# - recovery_options: number, default=0
# Bit mask to configure, if a request, which was send
# to a backend successfully, should be retried on another backend
# in case there's a problem with the response.
# Value "3" disables retries, whenever a part of the request was
# successfully send to the backend.
worker.template.recovery_options=3
>JkShmFile /var/log/alfresco/shm
>has not worked. Check whether the directory /var/log/alfresco exists and
>is writable.
Does exist and is writeable. Those errors were from the veru beginning and have not had any errors since then
>Are you using a relatively recent version of mod_jk (1.2.37)? Which
>version of Apache are you using?
1.2.26 which came with the SLES11 distribution
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Rainer Jung <ra...@kippdata.de>.
On 29.03.2013 13:10, Chris Arnold wrote:
> On 29.03.2013 00:24, Chris Arnold wrote:
>>
>> # The following line mounts all JSP files and the /servlet/ uri to tomcat
>> #JkMount /servlets-examples/servlet/* ajp13
>> JkMount /share/*.jsp ajp13
>
>>> Note that you only forward JSP-Requests here. might be OK, depending on
>>> the application.
>
> The application, just for reference, is alfresco
>
>> #RewriteEngine On
>> #RewriteCond %{REQUEST_URI} !^/share/
>> #RewriteCond %{HTTPS} on
>> #RewriteRule ^/. http://share.paradixent.com/share/ [P]
>> #JkMount /share/* worker1
>
>>> Although the proxy rewrite rules are commented out here, later down the
>>> log indicates you are still somewhere using mod_proxy instead of mod_jk.
>
> mod_proxy is used on this installation of apache. I am told i need to use mod_jk in this instance. I need users to access this application like so: http://share.domain.com and using mod_jk is the easiest way to do this (thats what i am told)
So mod_proxy is loaded but you don't want to use it to access alfresco,
instead just mod_jk, right? Then don't use any ReWriteRule with the [P}
flag or any Proxy... directive.
OK as above, since commented, so not active.
>> <IfModule mod_jk.c>
>>
>>
>> # The following line makes apache aware of the location of
>> # the /jsp-examples context
>> Alias /share "/opt/alfresco/tomcat/webapps/share"
>> <Directory "/opt/alfresco/tomcat/webapps/share">
>> Options Indexes FollowSymLinks
>> allow from all
>> </Directory>
>
>>> You can let Apache serve static content directly from an exploded
>>> webapp, but it is generally not recommended, because you then also open
>>> up stuff that's not expected to be made public to requests from outside.
>
> I understand this
>
>>> If below "share" there's anything that's not meant to be served by
>>> Apache, then it would be beter to copy the stuff that Apache should
>> serve to a separate directory, which would then be the one to put into
>>> the Alias.
>
> but wouldn't this still have stuff below /share open?
Assume all static images, css, js are in some /path/to/my/folder/static
and there's nothing else underneath it, that folder would be a place to
publish directly via Alias in Apache.
>> # The following line mounts all JSP files and the /servlet/ uri to tomcat
>> #JkMount /servlets-examples/servlet/* ajp13
>> JkMount /share/*.jsp ajp13
>>
>> # The following line prohibits users from directly accessing WEB-INF
>> <Location "/share/WEB-INF/">
>> #AllowOverride None
>> deny from all
>> </Location>
>
>>> That's one exampe for stuff you don't want to be served, META-INF as
>>> well (if existing), there could be other stuff as well.
>
>
>> # if not specified, the global error log is used
>> ErrorLog /var/log/apache2domain.com-error_log
>> CustomLog /var/log/apache2/domain.com-access_log combined
>>
>> </IfModule>
>>
>> </VirtualHost>
>>
>>
>> httpd.conf-
>>
>> # mod_jk
>> Include /opt/alfresco/tomcat/conf/jk.conf
>>
>>
>> Mod_jk is loaded:
>>
>> web:~ # /usr/sbin/httpd2 -M
>> Loaded Modules:
>> .......
>> jk_module (shared)
>> perl_module (shared)
>> php5_module (shared)
>> Syntax OK
>>
>>
>>
>>
>> Here is the log from apache:
>>
>> [Thu Mar 28 18:40:14 2013] [error] [client pub ip] proxy: Error reading from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
>> [Thu Mar 28 18:40:28 2013] [error] [client pub ip] (70007)The timeout specified has expired: proxy: error reading status line from remote server share.paradixent.com
>> [Thu Mar 28 18:40:28 2013] [error] [client pub ip] proxy: Error reading from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
>
>>> What's the request you send?
> i assume you are asking for the link? Which is http://share.domain.com
I'm guessing here: what you want is that the request for
http://share.domain.com should be forwarded to the Tomcat web
application names "share".
For that I would put the following directives into the Apache
VirtualHost that actually serves the request.
- Add a redirect for the URI / to /share/ to the Apache config:
RedirectMatch ^/$ http://share.domain.com/share/
- Forward all requests that point below /share to Tomcat and let them be
served by the webapp:
JkMount /share|/* myworker
You can choose any name for "myworker", but see below for
workers.properties.
- Remove other JkMount, Alias etc.
At this step:
- do not try to serve static content from Apache, first get this to work
before adding the additional complexity.
- do not try to make the webapp /share/ directly available under the top
level directory. It is OK to redirect the a request for
http://share.domain.com/ to http://share.domain.com/share/ and proceed
from there as above, but it is harder to remove the "share" URI path
component from each request. If you really need to do this, then use
mod_proxy, not mod_jk.
>>> What's the expected response
> a login page
>
>>> and what's the actual response?
> depending on whether i have the rewrite rules commented out or not, uncommented is a directory listing. Commented out is eventually a 503 Bad Gateway.
>
>>> The above log snippet tells us that somewhere in your config you have
>>> mod_proxy active, which is an alternative way to connect to a backend.
>>> You should get your idea straight, for which URLs you are using
>>> mod_proxy and for which mod_jk. I would suggest to stick with one.
>
> If it possible to use mod_proxy and have users access http://share.domain.com, thats what i would like to do. I have been unable to accomplish this result and therefore have tried mod_jk.
>
>>> You didn't show us your worker.properties file.
> workers.properties-
Don't use this configuration. It is garbage.
Download a mod_jk source distribution (recent is version 1.2.37) which
contains a nive default workers.properties file. You can also get it here:
http://svn.apache.org/viewvc/tomcat/jk/trunk/conf/workers.properties?view=co
In that file, remove all lines referring to "node2" and replace "node1"
by whatever worker name you have chosen in JkMount (myworker or whatever).
Finally set "host" and "port" of that worker to whatever port and server
name your Tomcat listens to.
>>> You didn't show us your mod_jk log file.
>
> [Thu Mar 28 10:00:12.913 2013] [4351:1530722048] [error] init_jk::mod_jk.c (2781): Initializing shm:/srv/www/logs/jk-runtime-status.4351 errno=2. Load balancing workers will not function properly.
> [Thu Mar 28 10:00:12.974 2013] [4353:1530722048] [error] init_jk::mod_jk.c (2781): Initializing shm:/srv/www/logs/jk-runtime-status.4353 errno=2. Load balancing workers will not function properly.
Your config directive
JkShmFile /var/log/alfresco/shm
has not worked. Check whether the directory /var/log/alfresco exists and
is writable.
If you can't solve this, you can set JkLogLevel to debug, which will
produce lots of startup and request handling output we can look at.
Are you using a relatively recent version of mod_jk (1.2.37)? Which
version of Apache are you using?
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Chris Arnold <ca...@electrichendrix.com>.
>>What's the request you send?
i assume you are asking for the link? Which is http://share.domain.com
>>What's the expected response
a login page
>>and what's the actual response?
Now, it is a 403:
[Fri Mar 29 08:15:24 2013] [error] [client pub ip] Directory index forbidden by Options directive: /srv/www/htdocs/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Chris Arnold <ca...@electrichendrix.com>.
On 29.03.2013 00:24, Chris Arnold wrote:
>
> # The following line mounts all JSP files and the /servlet/ uri to tomcat
> #JkMount /servlets-examples/servlet/* ajp13
> JkMount /share/*.jsp ajp13
>>Note that you only forward JSP-Requests here. might be OK, depending on
>>the application.
The application, just for reference, is alfresco
> #RewriteEngine On
> #RewriteCond %{REQUEST_URI} !^/share/
> #RewriteCond %{HTTPS} on
> #RewriteRule ^/. http://share.paradixent.com/share/ [P]
> #JkMount /share/* worker1
>>Although the proxy rewrite rules are commented out here, later down the
>>log indicates you are still somewhere using mod_proxy instead of mod_jk.
mod_proxy is used on this installation of apache. I am told i need to use mod_jk in this instance. I need users to access this application like so: http://share.domain.com and using mod_jk is the easiest way to do this (thats what i am told)
> <IfModule mod_jk.c>
>
>
> # The following line makes apache aware of the location of
> # the /jsp-examples context
> Alias /share "/opt/alfresco/tomcat/webapps/share"
> <Directory "/opt/alfresco/tomcat/webapps/share">
> Options Indexes FollowSymLinks
> allow from all
> </Directory>
>>You can let Apache serve static content directly from an exploded
>>webapp, but it is generally not recommended, because you then also open
>>up stuff that's not expected to be made public to requests from outside.
I understand this
>>If below "share" there's anything that's not meant to be served by
>>Apache, then it would be beter to copy the stuff that Apache should
>serve to a separate directory, which would then be the one to put into
>>the Alias.
but wouldn't this still have stuff below /share open?
> # The following line mounts all JSP files and the /servlet/ uri to tomcat
> #JkMount /servlets-examples/servlet/* ajp13
> JkMount /share/*.jsp ajp13
>
> # The following line prohibits users from directly accessing WEB-INF
> <Location "/share/WEB-INF/">
> #AllowOverride None
> deny from all
> </Location>
>>That's one exampe for stuff you don't want to be served, META-INF as
>>well (if existing), there could be other stuff as well.
> # if not specified, the global error log is used
> ErrorLog /var/log/apache2domain.com-error_log
> CustomLog /var/log/apache2/domain.com-access_log combined
>
> </IfModule>
>
> </VirtualHost>
>
>
> httpd.conf-
>
> # mod_jk
> Include /opt/alfresco/tomcat/conf/jk.conf
>
>
> Mod_jk is loaded:
>
> web:~ # /usr/sbin/httpd2 -M
> Loaded Modules:
> .......
> jk_module (shared)
> perl_module (shared)
> php5_module (shared)
> Syntax OK
>
>
>
>
> Here is the log from apache:
>
> [Thu Mar 28 18:40:14 2013] [error] [client pub ip] proxy: Error reading from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
> [Thu Mar 28 18:40:28 2013] [error] [client pub ip] (70007)The timeout specified has expired: proxy: error reading status line from remote server share.paradixent.com
> [Thu Mar 28 18:40:28 2013] [error] [client pub ip] proxy: Error reading from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
>>What's the request you send?
i assume you are asking for the link? Which is http://share.domain.com
>>What's the expected response
a login page
>>and what's the actual response?
depending on whether i have the rewrite rules commented out or not, uncommented is a directory listing. Commented out is eventually a 503 Bad Gateway.
>>The above log snippet tells us that somewhere in your config you have
>>mod_proxy active, which is an alternative way to connect to a backend.
>>You should get your idea straight, for which URLs you are using
>>mod_proxy and for which mod_jk. I would suggest to stick with one.
If it possible to use mod_proxy and have users access http://share.domain.com, thats what i would like to do. I have been unable to accomplish this result and therefore have tried mod_jk.
>>You didn't show us your worker.properties file.
workers.properties-
# OPTIONS ( very important for jni mode )
#
# workers.tomcat_home should point to the location where you
# installed tomcat. This is where you have your conf, webapps and lib
# directories.
#
workers.tomcat_home=/opt/alfresco/tomcat
#
# workers.java_home should point to your Java installation. Normally
# you should have a bin and lib directories beneath it.
#
workers.java_home=/opt/IBMJava2-13
#
# You should configure your environment slash... ps=\ on NT and / on UNIX
# and maybe something different elsewhere.
#
ps=/
#
#------ ADVANCED MODE ------------------------------------------------
#---------------------------------------------------------------------
#
#
#------ DEFAULT worker list ------------------------------------------
#---------------------------------------------------------------------
#
#
# The workers that your plugins should create and work with
#
# Add 'inprocess' if you want JNI connector
worker.list=ajp12, ajp13
# , inprocess
#
#------ DEFAULT ajp12 WORKER DEFINITION ------------------------------
#---------------------------------------------------------------------
#
#
# Defining a worker named ajp12 and of type ajp12
# Note that the name and the type do not have to match.
#
worker.ajp12.port=8007
worker.ajp12.host=localhost
worker.ajp12.type=ajp12
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
# ----> lbfactor must be > 0
# ----> Low lbfactor means less work done by the worker.
worker.ajp12.lbfactor=1
#
#------ DEFAULT ajp13 WORKER DEFINITION ------------------------------
#---------------------------------------------------------------------
#
#
# Defining a worker named ajp13 and of type ajp13
# Note that the name and the type do not have to match.
#
worker.ajp13.port=8009
worker.ajp13.host=localhost
worker.ajp13.type=ajp13
#
# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
# ----> lbfactor must be > 0
# ----> Low lbfactor means less work done by the worker.
worker.ajp13.lbfactor=1
#
# Specify the size of the open connection pool.
#worker.ajp13.connection_pool_size
#
#------ DEFAULT LOAD BALANCER WORKER DEFINITION ----------------------
#---------------------------------------------------------------------
#
#
# The loadbalancer (type lb) workers perform wighted round-robin
# load balancing with sticky sessions.
# Note:
# ----> If a worker dies, the load balancer will check its state
# once in a while. Until then all work is redirected to peer
# workers.
worker.loadbalancer.type=lb
worker.loadbalancer.balance_workers=ajp12, ajp13
#
#------ DEFAULT JNI WORKER DEFINITION---------------------------------
#---------------------------------------------------------------------
#
#
# Defining a worker named inprocess and of type jni
# Note that the name and the type do not have to match.
#
worker.inprocess.type=jni
#
#------ CLASSPATH DEFINITION -----------------------------------------
#---------------------------------------------------------------------
#
#
# Additional class path components.
#
worker.inprocess.class_path=$(workers.tomcat_home)$(ps)lib$(ps)tomcat.jar
#
# Setting the command line for tomcat.
# Note: The cmd_line string may not contain spaces.
#
worker.inprocess.cmd_line=start
# Not needed, but can be customized.
#worker.inprocess.cmd_line=-config
#worker.inprocess.cmd_line=$(workers.tomcat_home)$(ps)conf$(ps)server.xml
#worker.inprocess.cmd_line=-home
#worker.inprocess.cmd_line=$(workers.tomcat_home)
#
# The JVM that we are about to use
#
# This is for Java2
#
# Windows
worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)bin$(ps)classic$(ps)jvm.dll
# IBM JDK1.3
#worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)bin$(ps)classic$(ps)libjvm.so
# Unix - Sun VM or blackdown
#worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)lib$(ps)i386$(ps)classic$(ps)libjvm.so
#
# And this is for jdk1.1.X
#
#worker.inprocess.jvm_lib=$(workers.java_home)$(ps)bin$(ps)javai.dll
#
# Setting the place for the stdout and stderr of tomcat
#
worker.inprocess.stdout=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stdout
worker.inprocess.stderr=$(workers.tomcat_home)$(ps)logs$(ps)inprocess.stderr
#
# Setting the tomcat.home Java property
#
#worker.inprocess.sysprops=tomcat.home=$(workers.tomcat_home)
#
# Java system properties
#
# worker.inprocess.sysprops=java.compiler=NONE
# worker.inprocess.sysprops=myprop=mypropvalue
#
# Additional path components.
#
# worker.inprocess.ld_path=d:$(ps)SQLLIB$(ps)bin
#
>>You didn't show us your mod_jk log file.
[Thu Mar 28 10:00:12.913 2013] [4351:1530722048] [error] init_jk::mod_jk.c (2781): Initializing shm:/srv/www/logs/jk-runtime-status.4351 errno=2. Load balancing workers will not function properly.
[Thu Mar 28 10:00:12.974 2013] [4353:1530722048] [error] init_jk::mod_jk.c (2781): Initializing shm:/srv/www/logs/jk-runtime-status.4353 errno=2. Load balancing workers will not function properly.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Rainer Jung <ra...@kippdata.de>.
On 29.03.2013 00:24, Chris Arnold wrote:
> Apache Tomcat/7.0.30 on SLES11 SP2. I am trying to configure access to a webapp using http://share.domain.com. This webapp uses port 8080 and works fine from inside the LAN. However, we have an apache2 server acting as a proxy and we want users to not have to type in a port number.
>
> Now when accessing http://share.domain.com, the result is directories and files are listed, the jsp files are not running. Here is my complete setup:
>
> jk.conf-
>
> # simple configuration for apache (for AJP connector, modul mod_jk.so)
>
> <IfModule mod_jk.c>
>
> JkWorkersFile /opt/alfresco/tomcat/workers.properties
> JkLogFile /var/log/alfresco/mod_jk.log
> JkShmFile /var/log/alfresco/shm
>
> # Log level to be used by mod_jk
> JkLogLevel error
>
> # The following line mounts all JSP files and the /servlet/ uri to tomcat
> #JkMount /servlets-examples/servlet/* ajp13
> JkMount /share/*.jsp ajp13
Note that you only forward JSP-Requests here. might be OK, depending on
the application.
> </IfModule>
>
>
> virtualhost-
>
> <VirtualHost *:80>
> ServerName share.domain.com
>
> #RewriteEngine On
> #RewriteCond %{REQUEST_URI} !^/share/
> #RewriteCond %{HTTPS} on
> #RewriteRule ^/. http://share.paradixent.com/share/ [P]
> #JkMount /share/* worker1
Although the proxy rewrite rules are commented out here, later down the
log indicates you are still somewhere using mod_proxy instead of mod_jk.
> <IfModule mod_jk.c>
>
>
> # The following line makes apache aware of the location of
> # the /jsp-examples context
> Alias /share "/opt/alfresco/tomcat/webapps/share"
> <Directory "/opt/alfresco/tomcat/webapps/share">
> Options Indexes FollowSymLinks
> allow from all
> </Directory>
You can let Apache serve static content directly from an exploded
webapp, but it is generally not recommended, because you then also open
up stuff that's not expected to be made public to requests from outside.
If below "share" there's anything that's not meant to be served by
Apache, then it would be beter to copy the stuff that Apache should
serve to a separate directory, which would then be the one to put into
the Alias.
> # The following line mounts all JSP files and the /servlet/ uri to tomcat
> #JkMount /servlets-examples/servlet/* ajp13
> JkMount /share/*.jsp ajp13
>
> # The following line prohibits users from directly accessing WEB-INF
> <Location "/share/WEB-INF/">
> #AllowOverride None
> deny from all
> </Location>
That's one exampe for stuff you don't want to be served, META-INF as
well (if existing), there could be other stuff as well.
> # if not specified, the global error log is used
> ErrorLog /var/log/apache2domain.com-error_log
> CustomLog /var/log/apache2/domain.com-access_log combined
>
> </IfModule>
>
> </VirtualHost>
>
>
> httpd.conf-
>
> # mod_jk
> Include /opt/alfresco/tomcat/conf/jk.conf
>
>
> Mod_jk is loaded:
>
> web:~ # /usr/sbin/httpd2 -M
> Loaded Modules:
> .......
> jk_module (shared)
> perl_module (shared)
> php5_module (shared)
> Syntax OK
>
>
>
>
> Here is the log from apache:
>
> [Thu Mar 28 18:40:14 2013] [error] [client pub ip] proxy: Error reading from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
> [Thu Mar 28 18:40:28 2013] [error] [client pub ip] (70007)The timeout specified has expired: proxy: error reading status line from remote server share.paradixent.com
> [Thu Mar 28 18:40:28 2013] [error] [client pub ip] proxy: Error reading from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
What's the request you send? What's the expected response and what's the
actual response?
The above log snippet tells us that somewhere in your config you have
mod_proxy active, which is an alternative way to connect to a backend.
You should get your idea straight, for which URLs you are using
mod_proxy and for which mod_jk. I would suggest to stick with one.
You didn't show us your worker.properties file.
You didn't show us your mod_jk log file.
Regards,
Rainer
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Apache Accessing Tomcat Issue
Posted by Igor Cicimov <ic...@gmail.com>.
On 29/03/2013 10:29 AM, "Chris Arnold" <ca...@electrichendrix.com> wrote:
>
> Apache Tomcat/7.0.30 on SLES11 SP2. I am trying to configure access to a
webapp using http://share.domain.com. This webapp uses port 8080 and works
fine from inside the LAN. However, we have an apache2 server acting as a
proxy and we want users to not have to type in a port number.
>
> Now when accessing http://share.domain.com, the result is directories and
files are listed, the jsp files are not running. Here is my complete setup:
>
You cant overlap apache and tomcat file system
> jk.conf-
>
> # simple configuration for apache (for AJP connector, modul mod_jk.so)
>
> <IfModule mod_jk.c>
>
> JkWorkersFile /opt/alfresco/tomcat/workers.properties
> JkLogFile /var/log/alfresco/mod_jk.log
> JkShmFile /var/log/alfresco/shm
>
> # Log level to be used by mod_jk
> JkLogLevel error
>
> # The following line mounts all JSP files and the /servlet/ uri to
tomcat
> #JkMount /servlets-examples/servlet/* ajp13
> JkMount /share/*.jsp ajp13
>
> </IfModule>
>
>
> virtualhost-
>
> <VirtualHost *:80>
> ServerName share.domain.com
>
> #RewriteEngine On
> #RewriteCond %{REQUEST_URI} !^/share/
> #RewriteCond %{HTTPS} on
> #RewriteRule ^/. http://share.paradixent.com/share/ [P]
> #JkMount /share/* worker1
>
> <IfModule mod_jk.c>
>
>
> # The following line makes apache aware of the location of
> # the /jsp-examples context
> Alias /share "/opt/alfresco/tomcat/webapps/share"
> <Directory "/opt/alfresco/tomcat/webapps/share">
> Options Indexes FollowSymLinks
> allow from all
> </Directory>
>
> # The following line mounts all JSP files and the /servlet/ uri to
tomcat
> #JkMount /servlets-examples/servlet/* ajp13
> JkMount /share/*.jsp ajp13
>
> # The following line prohibits users from directly accessing WEB-INF
> <Location "/share/WEB-INF/">
> #AllowOverride None
> deny from all
> </Location>
>
> # if not specified, the global error log is used
> ErrorLog /var/log/apache2domain.com-error_log
> CustomLog /var/log/apache2/domain.com-access_log combined
>
> </IfModule>
>
> </VirtualHost>
>
>
> httpd.conf-
>
> # mod_jk
> Include /opt/alfresco/tomcat/conf/jk.conf
>
>
> Mod_jk is loaded:
>
> web:~ # /usr/sbin/httpd2 -M
> Loaded Modules:
> .......
> jk_module (shared)
> perl_module (shared)
> php5_module (shared)
> Syntax OK
>
>
>
>
> Here is the log from apache:
>
> [Thu Mar 28 18:40:14 2013] [error] [client pub ip] proxy: Error reading
from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
> [Thu Mar 28 18:40:28 2013] [error] [client pub ip] (70007)The timeout
specified has expired: proxy: error reading status line from remote server
share.paradixent.com
> [Thu Mar 28 18:40:28 2013] [error] [client pub ip] proxy: Error reading
from remote server returned by /error/HTTP_INTERNAL_SERVER_ERROR.html.var
>
>
> Any ideas why the folder and files are being listed instead of running?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>