diff options
author | kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2009-08-13 11:43:41 +0000 |
---|---|---|
committer | kstranacher <kstranacher@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2009-08-13 11:43:41 +0000 |
commit | a5b9107deaed46f7f1bb9e3e29c2ff627ea367cb (patch) | |
tree | 38f828de45559bbba3f8741d4828bb69ae7a5db8 /id/server/data/deploy/tomcat | |
parent | 79d13d2a1f058b3962f3d6cd9042944f46614cda (diff) | |
parent | 6e9eb88d441cd0a75bb54858e47f36d01a14cfc8 (diff) | |
download | moa-id-spss-a5b9107deaed46f7f1bb9e3e29c2ff627ea367cb.tar.gz moa-id-spss-a5b9107deaed46f7f1bb9e3e29c2ff627ea367cb.tar.bz2 moa-id-spss-a5b9107deaed46f7f1bb9e3e29c2ff627ea367cb.zip |
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/tags/1.4.5@1131 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id/server/data/deploy/tomcat')
-rw-r--r-- | id/server/data/deploy/tomcat/catalina.policy | 244 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/tomcat-4.1.x/server.mod_jk.xml | 162 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/tomcat-4.1.x/server.xml | 171 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/tomcat-5.0.x/server.mod_jk.xml | 386 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/tomcat-5.0.x/server.xml | 388 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/tomcat-util-4.1.27-patched/tomcat-util.jar | bin | 0 -> 178544 bytes | |||
-rw-r--r-- | id/server/data/deploy/tomcat/unix/tomcat-start.sh | 28 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/unix/tomcat-stop.sh | 7 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/uriworkermap.properties | 9 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/win32/startTomcat.bat | 26 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/win32/stopTomcat.bat | 13 | ||||
-rw-r--r-- | id/server/data/deploy/tomcat/workers.properties | 6 |
12 files changed, 1440 insertions, 0 deletions
diff --git a/id/server/data/deploy/tomcat/catalina.policy b/id/server/data/deploy/tomcat/catalina.policy new file mode 100644 index 000000000..3df83157d --- /dev/null +++ b/id/server/data/deploy/tomcat/catalina.policy @@ -0,0 +1,244 @@ +// Licensed to the Apache Software Foundation (ASF) under one or more
+// contributor license agreements. See the NOTICE file distributed with
+// this work for additional information regarding copyright ownership.
+// The ASF licenses this file to You under the Apache License, Version 2.0
+// (the "License"); you may not use this file except in compliance with
+// the License. You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+// ============================================================================
+// catalina.corepolicy - Security Policy Permissions for Tomcat 5
+//
+// This file contains a default set of security policies to be enforced (by the
+// JVM) when Catalina is executed with the "-security" option. In addition
+// to the permissions granted here, the following additional permissions are
+// granted to the codebase specific to each web application:
+//
+// * Read access to the document root directory
+//
+// $Id: catalina.policy 609451 2008-01-06 22:38:14Z markt $
+// ============================================================================
+
+
+// ========== SYSTEM CODE PERMISSIONS =========================================
+
+
+// These permissions apply to javac
+grant codeBase "file:${java.home}/lib/-" {
+ permission java.security.AllPermission;
+};
+
+// These permissions apply to all shared system extensions
+grant codeBase "file:${java.home}/jre/lib/ext/-" {
+ permission java.security.AllPermission;
+};
+
+// These permissions apply to javac when ${java.home] points at $JAVA_HOME/jre
+grant codeBase "file:${java.home}/../lib/-" {
+ permission java.security.AllPermission;
+};
+
+// These permissions apply to all shared system extensions when
+// ${java.home} points at $JAVA_HOME/jre
+grant codeBase "file:${java.home}/lib/ext/-" {
+ permission java.security.AllPermission;
+};
+
+
+// ========== CATALINA CODE PERMISSIONS =======================================
+
+
+// These permissions apply to the launcher code
+grant codeBase "file:${catalina.home}/bin/commons-launcher.jar" {
+ permission java.security.AllPermission;
+};
+
+// These permissions apply to the daemon code
+grant codeBase "file:${catalina.home}/bin/commons-daemon.jar" {
+ permission java.security.AllPermission;
+};
+
+// These permissions apply to the commons-logging API
+grant codeBase "file:${catalina.home}/bin/commons-logging-api-1.1.1.jar" {
+ permission java.security.AllPermission;
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write,execute,delete";
+};
+
+// These permissions apply to the server startup code
+grant codeBase "file:${catalina.home}/bin/bootstrap.jar" {
+ permission java.security.AllPermission;
+};
+
+// These permissions apply to the JMX server
+grant codeBase "file:${catalina.home}/bin/jmx.jar" {
+ permission java.security.AllPermission;
+};
+
+// These permissions apply to JULI
+grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
+ permission java.security.AllPermission;
+
+ permission java.util.PropertyPermission "java.util.logging.config.class", "read";
+ permission java.util.PropertyPermission "java.util.logging.config.file", "read";
+ permission java.lang.RuntimePermission "shutdownHooks";
+ permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
+ permission java.util.PropertyPermission "catalina.base", "read";
+ permission java.util.logging.LoggingPermission "control";
+ permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
+ permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
+
+ permission java.io.FilePermission "<<ALL FILES>>", "read,write,execute,delete";
+
+ permission java.lang.RuntimePermission "getClassLoader";
+ // To enable per context logging configuration, permit read access to the appropriate file.
+ // Be sure that the logging configuration is secure before enabling such access
+ // eg for the examples web application:
+ // permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
+};
+
+// These permissions apply to the servlet API classes
+// and those that are shared across all class loaders
+// located in the "common" directory
+grant codeBase "file:${catalina.home}/common/-" {
+ permission java.security.AllPermission;
+};
+
+// These permissions apply to the container's core code, plus any additional
+// libraries installed in the "server" directory
+grant codeBase "file:${catalina.home}/server/-" {
+ permission java.security.AllPermission;
+};
+
+// The permissions granted to the balancer WEB-INF/classes and WEB-INF/lib directory
+grant codeBase "file:${catalina.home}/webapps/balancer/-" {
+ permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.digester";
+ permission java.lang.RuntimePermission "accessClassInPackage.org.apache.tomcat.util.digester.*";
+};
+// ========== WEB APPLICATION PERMISSIONS =====================================
+
+
+// grant codeBase "jar:file:${catalina.home}/webapps/moa-spss/WEB-INF/lib/moa-common-1.4.4.jar!/-" {
+// permission java.lang.FilePermission
+
+//}
+
+// These permissions are granted by default to all web applications
+// In addition, a web application will be given a read FilePermission
+// and JndiPermission for all files and directories in its document root.
+grant {
+ // Required for JNDI lookup of named JDBC DataSource's and
+ // javamail named MimePart DataSource used to send mail
+ permission java.util.PropertyPermission "java.home", "read";
+ permission java.util.PropertyPermission "java. .*", "read";
+ permission java.util.PropertyPermission "javax.sql.*", "read";
+
+ // OS Specific properties to allow read access
+ permission java.util.PropertyPermission "os.name", "read";
+ permission java.util.PropertyPermission "os.version", "read";
+ permission java.util.PropertyPermission "os.arch", "read";
+ permission java.util.PropertyPermission "file.separator", "read";
+ permission java.util.PropertyPermission "path.separator", "read";
+ permission java.util.PropertyPermission "line.separator", "read";
+
+ // JVM properties to allow read access
+ permission java.util.PropertyPermission "java.version", "read";
+ permission java.util.PropertyPermission "java.vendor", "read";
+ permission java.util.PropertyPermission "java.vendor.url", "read";
+ permission java.util.PropertyPermission "java.class.version", "read";
+ permission java.util.PropertyPermission "java.specification.version", "read";
+ permission java.util.PropertyPermission "java.specification.vendor", "read";
+ permission java.util.PropertyPermission "java.specification.name", "read";
+
+ permission java.util.PropertyPermission "java.vm.specification.version", "read";
+ permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
+ permission java.util.PropertyPermission "java.vm.specification.name", "read";
+ permission java.util.PropertyPermission "java.vm.version", "read";
+ permission java.util.PropertyPermission "java.vm.vendor", "read";
+ permission java.util.PropertyPermission "java.vm.name", "read";
+
+ // required for moa id/spss
+ permission java.util.PropertyPermission "*", "read, write";
+
+ // make this finer, directory listing attack is possible, do not permit logging from here
+
+// permission java.io.FilePermission "${catalina.home}/temp/-", "read,write";
+// permission java.io.FilePermission "${catalina.home}/temp", "read,write";
+
+ permission java.io.FilePermission "${catalina.home}/conf/moa-id", "read,write";
+ permission java.io.FilePermission "${catalina.home}/conf/moa-id/-", "read,write";
+ permission java.io.FilePermission "${catalina.home}/conf/moa-spss", "read,write";
+ permission java.io.FilePermission "${catalina.home}/conf/moa-spss/-", "read,write";
+ permission java.io.FilePermission "${catalina.home}/conf/log4j.properties", "read";
+ permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
+ permission java.util.logging.LoggingPermission "control";
+ permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
+ permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
+
+ permission java.security.SecurityPermission "*";
+
+ permission java.lang.RuntimePermission "*";
+
+ permission java.io.FilePermission "${catalina.home}/webapps/moa-spss/WEB-INF/server-config.wsdd", "read,write";
+ permission java.io.FilePermission "${catalina.home}/webapps/moa-id-auth/WEB-INF/server-config.wsdd", "read,write";
+ permission java.io.FilePermission "client-config.wsdd", "read,write";
+
+ permission java.net.NetPermission "specifyStreamHandler";
+
+ permission java.net.SocketPermission "*", "connect,accept,listen,resolve";
+
+
+
+ // Required for OpenJMX
+ permission java.lang.RuntimePermission "getAttribute";
+
+ // Allow read of JAXP compliant XML parser debug
+ permission java.util.PropertyPermission "jaxp.debug", "read";
+
+ // Precompiled JSPs need access to this package.
+ permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
+ permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";
+
+ // Precompiled JSPs need access to this system property.
+ permission java.util.PropertyPermission "org.apache.jasper.runtime.BodyContentImpl.LIMIT_BUFFER", "read";
+};
+
+
+// You can assign additional permissions to particular web applications by
+// adding additional "grant" entries here, based on the code base for that
+// application, /WEB-INF/classes/, or /WEB-INF/lib/ jar files.
+//
+// Different permissions can be granted to JSP pages, classes loaded from
+// the /WEB-INF/classes/ directory, all jar files in the /WEB-INF/lib/
+// directory, or even to individual jar files in the /WEB-INF/lib/ directory.
+//
+// For instance, assume that the standard "examples" application
+// included a JDBC driver that needed to establish a network connection to the
+// corresponding database and used the scrape taglib to get the weather from
+// the NOAA web server. You might create a "grant" entries like this:
+//
+// The permissions granted to the context root directory apply to JSP pages.
+// grant codeBase "file:${catalina.home}/webapps/examples/-" {
+// permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
+// permission java.net.SocketPermission "*.noaa.gov:80", "connect";
+// };
+//
+// The permissions granted to the context WEB-INF/classes directory
+// grant codeBase "file:${catalina.home}/webapps/examples/WEB-INF/classes/-" {
+// };
+//
+// The permission granted to your JDBC driver
+// grant codeBase "jar:file:${catalina.home}/webapps/examples/WEB-INF/lib/driver.jar!/-" {
+// permission java.net.SocketPermission "dbhost.mycompany.com:5432", "connect";
+// };
+// The permission granted to the scrape taglib
+// grant codeBase "jar:file:${catalina.home}/webapps/examples/WEB-INF/lib/scrape.jar!/-" {
+// permission java.net.SocketPermission "*.noaa.gov:80", "connect";
+// };
+
diff --git a/id/server/data/deploy/tomcat/tomcat-4.1.x/server.mod_jk.xml b/id/server/data/deploy/tomcat/tomcat-4.1.x/server.mod_jk.xml new file mode 100644 index 000000000..30770b5bf --- /dev/null +++ b/id/server/data/deploy/tomcat/tomcat-4.1.x/server.mod_jk.xml @@ -0,0 +1,162 @@ +<!-- Alternate Example-less Configuration File -->
+<!-- Note that component elements are nested corresponding to their
+ parent-child relationships with each other -->
+<!-- A "Server" is a singleton element that represents the entire JVM,
+ which may contain one or more "Service" instances. The Server
+ listens for a shutdown command on the indicated port.
+
+ Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+<Server port="8005" shutdown="SHUTDOWN" debug="0">
+ <!-- Uncomment this entry to enable JMX MBeans support -->
+ <!--
+ <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
+ debug="0" port="-1" login="admin" password="admin"/>
+-->
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" (and therefore the web applications visible
+ within that Container). Normally, that Container is an "Engine",
+ but this is not required.
+
+ Note: A "Service" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+ <!-- Define the Tomcat Stand-Alone Service -->
+ <Service name="Tomcat-Standalone">
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Each Connector passes requests on to the
+ associated "Container" (normally an Engine) for processing.
+
+ By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
+ You can also enable an SSL HTTP/1.1 Connector on port 8443 by
+ following the instructions below and uncommenting the second Connector
+ entry. SSL support requires the following steps (see the SSL Config
+ HOWTO in the Tomcat 4.0 documentation bundle for more detailed
+ instructions):
+ * Download and install JSSE 1.0.2 or later, and put the JAR files
+ into "$JAVA_HOME/jre/lib/ext".
+ * Execute:
+ %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
+ $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
+ with a password value of "changeit" for both the certificate and
+ the keystore itself.
+
+ By default, DNS lookups are enabled when a web application calls
+ request.getRemoteHost(). This can have an adverse impact on
+ performance, so you can disable it by setting the
+ "enableLookups" attribute to "false". When DNS lookups are disabled,
+ request.getRemoteHost() will return the String version of the
+ IP address of the remote client.
+ -->
+ <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8009" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8443" acceptCount="10" debug="0"
+ connectionTimeout="0" useURIValidationHack="false"
+ protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/>
+ <!-- An Engine represents the entry point (within Catalina) that processes
+ every request. The Engine implementation for Tomcat stand alone
+ analyzes the HTTP headers included with the request, and passes them
+ on to the appropriate Host (virtual host). -->
+ <!-- Define the top level container in our container hierarchy -->
+ <Engine name="Standalone" defaultHost="localhost" debug="0">
+ <!-- The request dumper valve dumps useful debugging information about
+ the request headers and cookies that were received, and the response
+ headers and cookies that were sent, for all requests received by
+ this instance of Tomcat. If you care only about requests to a
+ particular virtual host, or a particular application, nest this
+ element inside the corresponding <Host> or <Context> entry instead.
+
+ For a similar mechanism that is portable to all Servlet 2.3
+ containers, check out the "RequestDumperFilter" Filter in the
+ example application (the source for this filter may be found in
+ "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
+
+ Request dumping is disabled by default. Uncomment the following
+ element to enable it. -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
+ -->
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="catalina_log." suffix=".txt" timestamp="true"/>
+ <!-- Because this Realm is here, an instance will be shared globally -->
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+ <!-- Replace the above Realm with one of the following to get a Realm
+ stored in a database and accessed via JDBC -->
+ <!-- Define the default virtual host -->
+ <Host name="localhost" debug="0" appBase="webapps"
+ unpackWARs="true" autoDeploy="true">
+ <!-- Normally, users must authenticate themselves to each web app
+ individually. Uncomment the following entry if you would like
+ a user to be authenticated the first time they encounter a
+ resource protected by a security constraint, and then have that
+ user identity maintained across *all* web applications contained
+ in this virtual host. -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn"
+ debug="0"/>
+ -->
+ <!-- Access log processes all requests for this virtual host. By
+ default, log files are created in the "logs" directory relative to
+ $CATALINA_HOME. If you wish, you can specify a different
+ directory with the "directory" attribute. Specify either a relative
+ (to $CATALINA_HOME) or absolute path to the desired directory.
+ -->
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log."
+ suffix=".txt" pattern="common"/>
+ <!-- Logger shared by all Contexts related to this virtual host. By
+ default (when using FileLogger), log files are created in the "logs"
+ directory relative to $CATALINA_HOME. If you wish, you can specify
+ a different directory with the "directory" attribute. Specify either a
+ relative (to $CATALINA_HOME) or absolute path to the desired
+ directory.-->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ directory="logs" prefix="localhost_log." suffix=".txt"
+ timestamp="true"/>
+ <!-- Define properties for each web application. This is only needed
+ if you want to set non-default properties, or have web application
+ document roots in places other than the virtual host's appBase
+ directory. -->
+ <!-- Tomcat Root Context -->
+ <!--
+ <Context path="" docBase="ROOT" debug="0"/>
+ -->
+ </Host>
+ </Engine>
+ </Service>
+ <!-- The MOD_WEBAPP connector is used to connect Apache 1.3 with Tomcat 4.0
+ as its servlet container. Please read the README.txt file coming with
+ the WebApp Module distribution on how to build it.
+ (Or check out the "jakarta-tomcat-connectors/webapp" CVS repository)
+
+ To configure the Apache side, you must ensure that you have the
+ "ServerName" and "Port" directives defined in "httpd.conf". Then,
+ lines like these to the bottom of your "httpd.conf" file:
+
+ LoadModule webapp_module libexec/mod_webapp.so
+ WebAppConnection warpConnection warp localhost:8008
+ WebAppDeploy examples warpConnection /examples/
+
+ The next time you restart Apache (after restarting Tomcat, if needed)
+ the connection will be established, and all applications you make
+ visible via "WebAppDeploy" directives can be accessed through Apache.
+ -->
+ <!-- Define an Apache-Connector Service -->
+ <Service name="Tomcat-Apache">
+ <Connector className="org.apache.catalina.connector.warp.WarpConnector"
+ port="8008" minProcessors="5" maxProcessors="75"
+ enableLookups="true" acceptCount="10" debug="0"/>
+ <!-- Replace "localhost" with what your Apache "ServerName" is set to -->
+ <Engine className="org.apache.catalina.connector.warp.WarpEngine"
+ name="Apache" debug="0" appBase="webapps">
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="apache_log." suffix=".txt" timestamp="true"/>
+ <!-- Because this Realm is here, an instance will be shared globally -->
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+ </Engine>
+ </Service>
+</Server>
\ No newline at end of file diff --git a/id/server/data/deploy/tomcat/tomcat-4.1.x/server.xml b/id/server/data/deploy/tomcat/tomcat-4.1.x/server.xml new file mode 100644 index 000000000..b259d2dec --- /dev/null +++ b/id/server/data/deploy/tomcat/tomcat-4.1.x/server.xml @@ -0,0 +1,171 @@ +<!-- Alternate Example-less Configuration File -->
+<!-- Note that component elements are nested corresponding to their
+ parent-child relationships with each other -->
+<!-- A "Server" is a singleton element that represents the entire JVM,
+ which may contain one or more "Service" instances. The Server
+ listens for a shutdown command on the indicated port.
+
+ Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+<Server port="8005" shutdown="SHUTDOWN" debug="0">
+ <!-- Uncomment this entry to enable JMX MBeans support -->
+ <!--
+ <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
+ debug="0" port="-1" login="admin" password="admin"/>
+-->
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" (and therefore the web applications visible
+ within that Container). Normally, that Container is an "Engine",
+ but this is not required.
+
+ Note: A "Service" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+ <!-- Define the Tomcat Stand-Alone Service -->
+ <Service name="Tomcat-Standalone">
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Each Connector passes requests on to the
+ associated "Container" (normally an Engine) for processing.
+
+ By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
+ You can also enable an SSL HTTP/1.1 Connector on port 8443 by
+ following the instructions below and uncommenting the second Connector
+ entry. SSL support requires the following steps (see the SSL Config
+ HOWTO in the Tomcat 4.0 documentation bundle for more detailed
+ instructions):
+ * Download and install JSSE 1.0.2 or later, and put the JAR files
+ into "$JAVA_HOME/jre/lib/ext".
+ * Execute:
+ %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
+ $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
+ with a password value of "changeit" for both the certificate and
+ the keystore itself.
+
+ By default, DNS lookups are enabled when a web application calls
+ request.getRemoteHost(). This can have an adverse impact on
+ performance, so you can disable it by setting the
+ "enableLookups" attribute to "false". When DNS lookups are disabled,
+ request.getRemoteHost() will return the String version of the
+ IP address of the remote client.
+ -->
+ <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -->
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8080" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8443" acceptCount="100"
+ debug="0" connectionTimeout="20000" useURIValidationHack="false"
+ disableUploadTimeout="true"/>
+ <!-- Note : To disable connection timeouts, set connectionTimeout value to -1 -->
+ <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8443" minProcessors="5" maxProcessors="75"
+ enableLookups="uri" acceptCount="100" debug="0" scheme="https"
+ secure="true" useURIValidationHack="false"
+ disableUploadTimeout="true">
+ <Factory
+ className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
+ clientAuth="false" protocol="TLS"/>
+ </Connector>
+ <!-- An Engine represents the entry point (within Catalina) that processes
+ every request. The Engine implementation for Tomcat stand alone
+ analyzes the HTTP headers included with the request, and passes them
+ on to the appropriate Host (virtual host). -->
+ <!-- Define the top level container in our container hierarchy -->
+ <Engine name="Standalone" defaultHost="localhost" debug="0">
+ <!-- The request dumper valve dumps useful debugging information about
+ the request headers and cookies that were received, and the response
+ headers and cookies that were sent, for all requests received by
+ this instance of Tomcat. If you care only about requests to a
+ particular virtual host, or a particular application, nest this
+ element inside the corresponding <Host> or <Context> entry instead.
+
+ For a similar mechanism that is portable to all Servlet 2.3
+ containers, check out the "RequestDumperFilter" Filter in the
+ example application (the source for this filter may be found in
+ "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
+
+ Request dumping is disabled by default. Uncomment the following
+ element to enable it. -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
+ -->
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="catalina_log." suffix=".txt" timestamp="true"/>
+ <!-- Because this Realm is here, an instance will be shared globally -->
+ <Realm className="org.apache.catalina.realm.MemoryRealm"/>
+ <!-- Define the default virtual host -->
+ <Host name="localhost" debug="0" appBase="webapps"
+ unpackWARs="true" autoDeploy="true">
+ <!-- Normally, users must authenticate themselves to each web app
+ individually. Uncomment the following entry if you would like
+ a user to be authenticated the first time they encounter a
+ resource protected by a security constraint, and then have that
+ user identity maintained across *all* web applications contained
+ in this virtual host. -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn"
+ debug="0"/>
+ -->
+ <!-- Access log processes all requests for this virtual host. By
+ default, log files are created in the "logs" directory relative to
+ $CATALINA_HOME. If you wish, you can specify a different
+ directory with the "directory" attribute. Specify either a relative
+ (to $CATALINA_HOME) or absolute path to the desired directory.
+ -->
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log."
+ suffix=".txt" pattern="common"/>
+ <!-- Logger shared by all Contexts related to this virtual host. By
+ default (when using FileLogger), log files are created in the "logs"
+ directory relative to $CATALINA_HOME. If you wish, you can specify
+ a different directory with the "directory" attribute. Specify either a
+ relative (to $CATALINA_HOME) or absolute path to the desired
+ directory.-->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ directory="logs" prefix="localhost_log." suffix=".txt"
+ timestamp="true"/>
+ <!-- Define properties for each web application. This is only needed
+ if you want to set non-default properties, or have web application
+ document roots in places other than the virtual host's appBase
+ directory. -->
+ <!-- Tomcat Root Context -->
+ <!--
+ <Context path="" docBase="../moa-id-proxy.war" debug="0"/>
+ -->
+ </Host>
+ </Engine>
+ </Service>
+ <!-- The MOD_WEBAPP connector is used to connect Apache 1.3 with Tomcat 4.0
+ as its servlet container. Please read the README.txt file coming with
+ the WebApp Module distribution on how to build it.
+ (Or check out the "jakarta-tomcat-connectors/webapp" CVS repository)
+
+ To configure the Apache side, you must ensure that you have the
+ "ServerName" and "Port" directives defined in "httpd.conf". Then,
+ lines like these to the bottom of your "httpd.conf" file:
+
+ LoadModule webapp_module libexec/mod_webapp.so
+ WebAppConnection warpConnection warp localhost:8008
+ WebAppDeploy examples warpConnection /examples/
+
+ The next time you restart Apache (after restarting Tomcat, if needed)
+ the connection will be established, and all applications you make
+ visible via "WebAppDeploy" directives can be accessed through Apache.
+ -->
+ <!-- Define an Apache-Connector Service -->
+ <Service name="Tomcat-Apache">
+ <Connector className="org.apache.catalina.connector.warp.WarpConnector"
+ port="8008" minProcessors="5" maxProcessors="75"
+ enableLookups="true" acceptCount="10" debug="0"/>
+ <!-- Replace "localhost" with what your Apache "ServerName" is set to -->
+ <Engine className="org.apache.catalina.connector.warp.WarpEngine"
+ name="Apache" debug="0" appBase="webapps">
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="apache_log." suffix=".txt" timestamp="true"/>
+ <!-- Because this Realm is here, an instance will be shared globally -->
+ <Realm className="org.apache.catalina.realm.MemoryRealm"/>
+ </Engine>
+ </Service>
+</Server>
\ No newline at end of file diff --git a/id/server/data/deploy/tomcat/tomcat-5.0.x/server.mod_jk.xml b/id/server/data/deploy/tomcat/tomcat-5.0.x/server.mod_jk.xml new file mode 100644 index 000000000..bbc375984 --- /dev/null +++ b/id/server/data/deploy/tomcat/tomcat-5.0.x/server.mod_jk.xml @@ -0,0 +1,386 @@ +<!-- Example Server Configuration File -->
+<!-- Note that component elements are nested corresponding to their
+ parent-child relationships with each other -->
+
+<!-- A "Server" is a singleton element that represents the entire JVM,
+ which may contain one or more "Service" instances. The Server
+ listens for a shutdown command on the indicated port.
+
+ Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+
+<Server port="8005" shutdown="SHUTDOWN" debug="0">
+
+
+ <!-- Comment these entries out to disable JMX MBeans support -->
+ <!-- You may also configure custom components (e.g. Valves/Realms) by
+ including your own mbean-descriptor file(s), and setting the
+ "descriptors" attribute to point to a ';' seperated list of paths
+ (in the ClassLoader sense) of files to add to the default list.
+ e.g. descriptors="/com/myfirm/mypackage/mbean-descriptor.xml"
+ -->
+ <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
+ debug="0"/>
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
+ debug="0"/>
+
+ <!-- Global JNDI resources -->
+ <GlobalNamingResources>
+
+ <!-- Test entry for demonstration purposes -->
+ <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved">
+ </Resource>
+ <ResourceParams name="UserDatabase">
+ <parameter>
+ <name>factory</name>
+ <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
+ </parameter>
+ <parameter>
+ <name>pathname</name>
+ <value>conf/tomcat-users.xml</value>
+ </parameter>
+ </ResourceParams>
+
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" (and therefore the web applications visible
+ within that Container). Normally, that Container is an "Engine",
+ but this is not required.
+
+ Note: A "Service" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+
+ <!-- Define the Tomcat Stand-Alone Service -->
+ <Service name="Catalina">
+
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Each Connector passes requests on to the
+ associated "Container" (normally an Engine) for processing.
+
+ By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
+ You can also enable an SSL HTTP/1.1 Connector on port 8443 by
+ following the instructions below and uncommenting the second Connector
+ entry. SSL support requires the following steps (see the SSL Config
+ HOWTO in the Tomcat 5 documentation bundle for more detailed
+ instructions):
+ * If your JDK version 1.3 or prior, download and install JSSE 1.0.2 or
+ later, and put the JAR files into "$JAVA_HOME/jre/lib/ext".
+ * Execute:
+ %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
+ $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
+ with a password value of "changeit" for both the certificate and
+ the keystore itself.
+
+ By default, DNS lookups are enabled when a web application calls
+ request.getRemoteHost(). This can have an adverse impact on
+ performance, so you can disable it by setting the
+ "enableLookups" attribute to "false". When DNS lookups are disabled,
+ request.getRemoteHost() will return the String version of the
+ IP address of the remote client.
+ -->
+
+ <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -->
+ <Connector port="8080"
+ maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
+ enableLookups="false" redirectPort="8443" acceptCount="100"
+ debug="0" connectionTimeout="20000"
+ disableUploadTimeout="true" />
+ <!-- Note : To disable connection timeouts, set connectionTimeout value
+ to 0 -->
+
+ <!-- Note : To use gzip compression you could set the following properties :
+
+ compression="on"
+ compressionMinSize="2048"
+ noCompressionUserAgents="gozilla, traviata"
+ compressableMimeType="text/html,text/xml"
+ -->
+
+ <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
+ <Connector port="8443"
+ maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
+ enableLookups="false" disableUploadTimeout="true"
+ acceptCount="100" debug="0" scheme="https" secure="true"
+ clientAuth="false" sslProtocol="TLS" />
+
+ <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
+ <Connector port="8009"
+ enableLookups="false" redirectPort="8443" debug="0"
+ protocol="AJP/1.3" />
+
+ <!-- Define a Proxied HTTP/1.1 Connector on port 8082 -->
+ <!-- See proxy documentation for more information about using this. -->
+ <!--
+ <Connector port="8082"
+ maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
+ enableLookups="false"
+ acceptCount="100" debug="0" connectionTimeout="20000"
+ proxyPort="80" disableUploadTimeout="true" />
+ -->
+
+ <!-- An Engine represents the entry point (within Catalina) that processes
+ every request. The Engine implementation for Tomcat stand alone
+ analyzes the HTTP headers included with the request, and passes them
+ on to the appropriate Host (virtual host). -->
+
+ <!-- You should set jvmRoute to support load-balancing via JK/JK2 ie :
+ <Engine name="Standalone" defaultHost="localhost" debug="0" jvmRoute="jvm1">
+ -->
+
+ <!-- Define the top level container in our container hierarchy -->
+ <Engine name="Catalina" defaultHost="localhost" debug="0">
+
+ <!-- The request dumper valve dumps useful debugging information about
+ the request headers and cookies that were received, and the response
+ headers and cookies that were sent, for all requests received by
+ this instance of Tomcat. If you care only about requests to a
+ particular virtual host, or a particular application, nest this
+ element inside the corresponding <Host> or <Context> entry instead.
+
+ For a similar mechanism that is portable to all Servlet 2.4
+ containers, check out the "RequestDumperFilter" Filter in the
+ example application (the source for this filter may be found in
+ "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
+
+ Request dumping is disabled by default. Uncomment the following
+ element to enable it. -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
+ -->
+
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="catalina_log." suffix=".txt"
+ timestamp="true"/>
+
+ <!-- Because this Realm is here, an instance will be shared globally -->
+
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ debug="0" resourceName="UserDatabase"/>
+
+ <!-- Comment out the old realm but leave here for now in case we
+ need to go back quickly -->
+ <!--
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+ -->
+
+ <!-- Replace the above Realm with one of the following to get a Realm
+ stored in a database and accessed via JDBC -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="org.gjt.mm.mysql.Driver"
+ connectionURL="jdbc:mysql://localhost/authority"
+ connectionName="test" connectionPassword="test"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="oracle.jdbc.driver.OracleDriver"
+ connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
+ connectionName="scott" connectionPassword="tiger"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="sun.jdbc.odbc.JdbcOdbcDriver"
+ connectionURL="jdbc:odbc:CATALINA"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!-- Define the default virtual host
+ Note: XML Schema validation will not work with Xerces 2.2.
+ -->
+ <Host name="localhost" debug="0" appBase="webapps"
+ unpackWARs="true" autoDeploy="true"
+ xmlValidation="false" xmlNamespaceAware="false">
+
+ <!-- Defines a cluster for this node,
+ By defining this element, means that every manager will be changed.
+ So when running a cluster, only make sure that you have webapps in there
+ that need to be clustered and remove the other ones.
+ A cluster has the following parameters:
+
+ className = the fully qualified name of the cluster class
+
+ name = a descriptive name for your cluster, can be anything
+
+ debug = the debug level, higher means more output
+
+ mcastAddr = the multicast address, has to be the same for all the nodes
+
+ mcastPort = the multicast port, has to be the same for all the nodes
+
+ mcastBindAddr = bind the multicast socket to a specific address
+
+ mcastTTL = the multicast TTL if you want to limit your broadcast
+
+ mcastSoTimeout = the multicast readtimeout
+
+ mcastFrequency = the number of milliseconds in between sending a "I'm alive" heartbeat
+
+ mcastDropTime = the number a milliseconds before a node is considered "dead" if no heartbeat is received
+
+ tcpThreadCount = the number of threads to handle incoming replication requests, optimal would be the same amount of threads as nodes
+
+ tcpListenAddress = the listen address (bind address) for TCP cluster request on this host,
+ in case of multiple ethernet cards.
+ auto means that address becomes
+ InetAddress.getLocalHost().getHostAddress()
+
+ tcpListenPort = the tcp listen port
+
+ tcpSelectorTimeout = the timeout (ms) for the Selector.select() method in case the OS
+ has a wakup bug in java.nio. Set to 0 for no timeout
+
+ printToScreen = true means that managers will also print to std.out
+
+ expireSessionsOnShutdown = true means that
+
+ useDirtyFlag = true means that we only replicate a session after setAttribute,removeAttribute has been called.
+ false means to replicate the session after each request.
+ false means that replication would work for the following piece of code:
+ <%
+ HashMap map = (HashMap)session.getAttribute("map");
+ map.put("key","value");
+ %>
+ replicationMode = can be either 'pooled', 'synchronous' or 'asynchronous'.
+ * Pooled means that the replication happens using several sockets in a synchronous way. Ie, the data gets replicated, then the request return. This is the same as the 'synchronous' setting except it uses a pool of sockets, hence it is multithreaded. This is the fastest and safest configuration. To use this, also increase the nr of tcp threads that you have dealing with replication.
+ * Synchronous means that the thread that executes the request, is also the
+ thread the replicates the data to the other nodes, and will not return until all
+ nodes have received the information.
+ * Asynchronous means that there is a specific 'sender' thread for each cluster node,
+ so the request thread will queue the replication request into a "smart" queue,
+ and then return to the client.
+ The "smart" queue is a queue where when a session is added to the queue, and the same session
+ already exists in the queue from a previous request, that session will be replaced
+ in the queue instead of replicating two requests. This almost never happens, unless there is a
+ large network delay.
+ -->
+ <!--
+ When configuring for clustering, you also add in a valve to catch all the requests
+ coming in, at the end of the request, the session may or may not be replicated.
+ A session is replicated if and only if all the conditions are met:
+ 1. useDirtyFlag is true or setAttribute or removeAttribute has been called AND
+ 2. a session exists (has been created)
+ 3. the request is not trapped by the "filter" attribute
+
+ The filter attribute is to filter out requests that could not modify the session,
+ hence we don't replicate the session after the end of this request.
+ The filter is negative, ie, anything you put in the filter, you mean to filter out,
+ ie, no replication will be done on requests that match one of the filters.
+ The filter attribute is delimited by ;, so you can't escape out ; even if you wanted to.
+
+ filter=".*\.gif;.*\.js;" means that we will not replicate the session after requests with the URI
+ ending with .gif and .js are intercepted.
+
+ The deployer element can be used to deploy apps cluster wide.
+ Currently the deployment only deploys/undeploys to working members in the cluster
+ so no WARs are copied upons startup of a broken node.
+ The deployer watches a directory (watchDir) for WAR files when watchEnabled="true"
+ When a new war file is added the war gets deployed to the local instance,
+ and then deployed to the other instances in the cluster.
+ When a war file is deleted from the watchDir the war is undeployed locally
+ and cluster wide
+ -->
+
+ <!--
+ <Cluster className="org.apache.catalina.cluster.tcp.SimpleTcpCluster"
+ managerClassName="org.apache.catalina.cluster.session.DeltaManager"
+ expireSessionsOnShutdown="false"
+ useDirtyFlag="true">
+
+ <Membership
+ className="org.apache.catalina.cluster.mcast.McastService"
+ mcastAddr="228.0.0.4"
+ mcastPort="45564"
+ mcastFrequency="500"
+ mcastDropTime="3000"/>
+
+ <Receiver
+ className="org.apache.catalina.cluster.tcp.ReplicationListener"
+ tcpListenAddress="auto"
+ tcpListenPort="4001"
+ tcpSelectorTimeout="100"
+ tcpThreadCount="6"/>
+
+ <Sender
+ className="org.apache.catalina.cluster.tcp.ReplicationTransmitter"
+ replicationMode="pooled"/>
+
+ <Valve className="org.apache.catalina.cluster.tcp.ReplicationValve"
+ filter=".*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt;"/>
+
+ <Deployer className="org.apache.catalina.cluster.deploy.FarmWarDeployer"
+ tempDir="/tmp/war-temp/"
+ deployDir="/tmp/war-deploy/"
+ watchDir="/tmp/war-listen/"
+ watchEnabled="false"/>
+ </Cluster>
+ -->
+
+
+
+ <!-- Normally, users must authenticate themselves to each web app
+ individually. Uncomment the following entry if you would like
+ a user to be authenticated the first time they encounter a
+ resource protected by a security constraint, and then have that
+ user identity maintained across *all* web applications contained
+ in this virtual host. -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn"
+ debug="0"/>
+ -->
+
+ <!-- Access log processes all requests for this virtual host. By
+ default, log files are created in the "logs" directory relative to
+ $CATALINA_HOME. If you wish, you can specify a different
+ directory with the "directory" attribute. Specify either a relative
+ (to $CATALINA_HOME) or absolute path to the desired directory.
+ -->
+ <!--
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log." suffix=".txt"
+ pattern="common" resolveHosts="false"/>
+ -->
+
+ <!-- Logger shared by all Contexts related to this virtual host. By
+ default (when using FileLogger), log files are created in the "logs"
+ directory relative to $CATALINA_HOME. If you wish, you can specify
+ a different directory with the "directory" attribute. Specify either a
+ relative (to $CATALINA_HOME) or absolute path to the desired
+ directory.-->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ directory="logs" prefix="localhost_log." suffix=".txt"
+ timestamp="true"/>
+
+ <!-- Tomcat Root Context -->
+ <!--
+ <Context path="" docBase="../webappsProxy" debug="0"/>
+ -->
+
+ </Host>
+
+ </Engine>
+
+ </Service>
+
+</Server>
diff --git a/id/server/data/deploy/tomcat/tomcat-5.0.x/server.xml b/id/server/data/deploy/tomcat/tomcat-5.0.x/server.xml new file mode 100644 index 000000000..9b86b38ca --- /dev/null +++ b/id/server/data/deploy/tomcat/tomcat-5.0.x/server.xml @@ -0,0 +1,388 @@ +<!-- Example Server Configuration File -->
+<!-- Note that component elements are nested corresponding to their
+ parent-child relationships with each other -->
+
+<!-- A "Server" is a singleton element that represents the entire JVM,
+ which may contain one or more "Service" instances. The Server
+ listens for a shutdown command on the indicated port.
+
+ Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+
+<Server port="8005" shutdown="SHUTDOWN" debug="0">
+
+
+ <!-- Comment these entries out to disable JMX MBeans support -->
+ <!-- You may also configure custom components (e.g. Valves/Realms) by
+ including your own mbean-descriptor file(s), and setting the
+ "descriptors" attribute to point to a ';' seperated list of paths
+ (in the ClassLoader sense) of files to add to the default list.
+ e.g. descriptors="/com/myfirm/mypackage/mbean-descriptor.xml"
+ -->
+ <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
+ debug="0"/>
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
+ debug="0"/>
+
+ <!-- Global JNDI resources -->
+ <GlobalNamingResources>
+
+ <!-- Test entry for demonstration purposes -->
+ <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved">
+ </Resource>
+ <ResourceParams name="UserDatabase">
+ <parameter>
+ <name>factory</name>
+ <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
+ </parameter>
+ <parameter>
+ <name>pathname</name>
+ <value>conf/tomcat-users.xml</value>
+ </parameter>
+ </ResourceParams>
+
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" (and therefore the web applications visible
+ within that Container). Normally, that Container is an "Engine",
+ but this is not required.
+
+ Note: A "Service" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+
+ <!-- Define the Tomcat Stand-Alone Service -->
+ <Service name="Catalina">
+
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Each Connector passes requests on to the
+ associated "Container" (normally an Engine) for processing.
+
+ By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
+ You can also enable an SSL HTTP/1.1 Connector on port 8443 by
+ following the instructions below and uncommenting the second Connector
+ entry. SSL support requires the following steps (see the SSL Config
+ HOWTO in the Tomcat 5 documentation bundle for more detailed
+ instructions):
+ * If your JDK version 1.3 or prior, download and install JSSE 1.0.2 or
+ later, and put the JAR files into "$JAVA_HOME/jre/lib/ext".
+ * Execute:
+ %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
+ $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
+ with a password value of "changeit" for both the certificate and
+ the keystore itself.
+
+ By default, DNS lookups are enabled when a web application calls
+ request.getRemoteHost(). This can have an adverse impact on
+ performance, so you can disable it by setting the
+ "enableLookups" attribute to "false". When DNS lookups are disabled,
+ request.getRemoteHost() will return the String version of the
+ IP address of the remote client.
+ -->
+
+ <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -->
+ <Connector port="8080"
+ maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
+ enableLookups="false" redirectPort="8443" acceptCount="100"
+ debug="0" connectionTimeout="20000"
+ disableUploadTimeout="true" />
+ <!-- Note : To disable connection timeouts, set connectionTimeout value
+ to 0 -->
+
+ <!-- Note : To use gzip compression you could set the following properties :
+
+ compression="on"
+ compressionMinSize="2048"
+ noCompressionUserAgents="gozilla, traviata"
+ compressableMimeType="text/html,text/xml"
+ -->
+
+ <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
+ <Connector port="8443"
+ maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
+ enableLookups="false" disableUploadTimeout="true"
+ acceptCount="100" debug="0" scheme="https" secure="true"
+ clientAuth="false" sslProtocol="TLS" />
+
+ <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
+ <!--
+ <Connector port="8009"
+ enableLookups="false" redirectPort="8443" debug="0"
+ protocol="AJP/1.3" />
+ -->
+
+ <!-- Define a Proxied HTTP/1.1 Connector on port 8082 -->
+ <!-- See proxy documentation for more information about using this. -->
+ <!--
+ <Connector port="8082"
+ maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
+ enableLookups="false"
+ acceptCount="100" debug="0" connectionTimeout="20000"
+ proxyPort="80" disableUploadTimeout="true" />
+ -->
+
+ <!-- An Engine represents the entry point (within Catalina) that processes
+ every request. The Engine implementation for Tomcat stand alone
+ analyzes the HTTP headers included with the request, and passes them
+ on to the appropriate Host (virtual host). -->
+
+ <!-- You should set jvmRoute to support load-balancing via JK/JK2 ie :
+ <Engine name="Standalone" defaultHost="localhost" debug="0" jvmRoute="jvm1">
+ -->
+
+ <!-- Define the top level container in our container hierarchy -->
+ <Engine name="Catalina" defaultHost="localhost" debug="0">
+
+ <!-- The request dumper valve dumps useful debugging information about
+ the request headers and cookies that were received, and the response
+ headers and cookies that were sent, for all requests received by
+ this instance of Tomcat. If you care only about requests to a
+ particular virtual host, or a particular application, nest this
+ element inside the corresponding <Host> or <Context> entry instead.
+
+ For a similar mechanism that is portable to all Servlet 2.4
+ containers, check out the "RequestDumperFilter" Filter in the
+ example application (the source for this filter may be found in
+ "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
+
+ Request dumping is disabled by default. Uncomment the following
+ element to enable it. -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
+ -->
+
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="catalina_log." suffix=".txt"
+ timestamp="true"/>
+
+ <!-- Because this Realm is here, an instance will be shared globally -->
+
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ debug="0" resourceName="UserDatabase"/>
+
+ <!-- Comment out the old realm but leave here for now in case we
+ need to go back quickly -->
+ <!--
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+ -->
+
+ <!-- Replace the above Realm with one of the following to get a Realm
+ stored in a database and accessed via JDBC -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="org.gjt.mm.mysql.Driver"
+ connectionURL="jdbc:mysql://localhost/authority"
+ connectionName="test" connectionPassword="test"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="oracle.jdbc.driver.OracleDriver"
+ connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
+ connectionName="scott" connectionPassword="tiger"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="sun.jdbc.odbc.JdbcOdbcDriver"
+ connectionURL="jdbc:odbc:CATALINA"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!-- Define the default virtual host
+ Note: XML Schema validation will not work with Xerces 2.2.
+ -->
+ <Host name="localhost" debug="0" appBase="webapps"
+ unpackWARs="true" autoDeploy="true"
+ xmlValidation="false" xmlNamespaceAware="false">
+
+ <!-- Defines a cluster for this node,
+ By defining this element, means that every manager will be changed.
+ So when running a cluster, only make sure that you have webapps in there
+ that need to be clustered and remove the other ones.
+ A cluster has the following parameters:
+
+ className = the fully qualified name of the cluster class
+
+ name = a descriptive name for your cluster, can be anything
+
+ debug = the debug level, higher means more output
+
+ mcastAddr = the multicast address, has to be the same for all the nodes
+
+ mcastPort = the multicast port, has to be the same for all the nodes
+
+ mcastBindAddr = bind the multicast socket to a specific address
+
+ mcastTTL = the multicast TTL if you want to limit your broadcast
+
+ mcastSoTimeout = the multicast readtimeout
+
+ mcastFrequency = the number of milliseconds in between sending a "I'm alive" heartbeat
+
+ mcastDropTime = the number a milliseconds before a node is considered "dead" if no heartbeat is received
+
+ tcpThreadCount = the number of threads to handle incoming replication requests, optimal would be the same amount of threads as nodes
+
+ tcpListenAddress = the listen address (bind address) for TCP cluster request on this host,
+ in case of multiple ethernet cards.
+ auto means that address becomes
+ InetAddress.getLocalHost().getHostAddress()
+
+ tcpListenPort = the tcp listen port
+
+ tcpSelectorTimeout = the timeout (ms) for the Selector.select() method in case the OS
+ has a wakup bug in java.nio. Set to 0 for no timeout
+
+ printToScreen = true means that managers will also print to std.out
+
+ expireSessionsOnShutdown = true means that
+
+ useDirtyFlag = true means that we only replicate a session after setAttribute,removeAttribute has been called.
+ false means to replicate the session after each request.
+ false means that replication would work for the following piece of code:
+ <%
+ HashMap map = (HashMap)session.getAttribute("map");
+ map.put("key","value");
+ %>
+ replicationMode = can be either 'pooled', 'synchronous' or 'asynchronous'.
+ * Pooled means that the replication happens using several sockets in a synchronous way. Ie, the data gets replicated, then the request return. This is the same as the 'synchronous' setting except it uses a pool of sockets, hence it is multithreaded. This is the fastest and safest configuration. To use this, also increase the nr of tcp threads that you have dealing with replication.
+ * Synchronous means that the thread that executes the request, is also the
+ thread the replicates the data to the other nodes, and will not return until all
+ nodes have received the information.
+ * Asynchronous means that there is a specific 'sender' thread for each cluster node,
+ so the request thread will queue the replication request into a "smart" queue,
+ and then return to the client.
+ The "smart" queue is a queue where when a session is added to the queue, and the same session
+ already exists in the queue from a previous request, that session will be replaced
+ in the queue instead of replicating two requests. This almost never happens, unless there is a
+ large network delay.
+ -->
+ <!--
+ When configuring for clustering, you also add in a valve to catch all the requests
+ coming in, at the end of the request, the session may or may not be replicated.
+ A session is replicated if and only if all the conditions are met:
+ 1. useDirtyFlag is true or setAttribute or removeAttribute has been called AND
+ 2. a session exists (has been created)
+ 3. the request is not trapped by the "filter" attribute
+
+ The filter attribute is to filter out requests that could not modify the session,
+ hence we don't replicate the session after the end of this request.
+ The filter is negative, ie, anything you put in the filter, you mean to filter out,
+ ie, no replication will be done on requests that match one of the filters.
+ The filter attribute is delimited by ;, so you can't escape out ; even if you wanted to.
+
+ filter=".*\.gif;.*\.js;" means that we will not replicate the session after requests with the URI
+ ending with .gif and .js are intercepted.
+
+ The deployer element can be used to deploy apps cluster wide.
+ Currently the deployment only deploys/undeploys to working members in the cluster
+ so no WARs are copied upons startup of a broken node.
+ The deployer watches a directory (watchDir) for WAR files when watchEnabled="true"
+ When a new war file is added the war gets deployed to the local instance,
+ and then deployed to the other instances in the cluster.
+ When a war file is deleted from the watchDir the war is undeployed locally
+ and cluster wide
+ -->
+
+ <!--
+ <Cluster className="org.apache.catalina.cluster.tcp.SimpleTcpCluster"
+ managerClassName="org.apache.catalina.cluster.session.DeltaManager"
+ expireSessionsOnShutdown="false"
+ useDirtyFlag="true">
+
+ <Membership
+ className="org.apache.catalina.cluster.mcast.McastService"
+ mcastAddr="228.0.0.4"
+ mcastPort="45564"
+ mcastFrequency="500"
+ mcastDropTime="3000"/>
+
+ <Receiver
+ className="org.apache.catalina.cluster.tcp.ReplicationListener"
+ tcpListenAddress="auto"
+ tcpListenPort="4001"
+ tcpSelectorTimeout="100"
+ tcpThreadCount="6"/>
+
+ <Sender
+ className="org.apache.catalina.cluster.tcp.ReplicationTransmitter"
+ replicationMode="pooled"/>
+
+ <Valve className="org.apache.catalina.cluster.tcp.ReplicationValve"
+ filter=".*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt;"/>
+
+ <Deployer className="org.apache.catalina.cluster.deploy.FarmWarDeployer"
+ tempDir="/tmp/war-temp/"
+ deployDir="/tmp/war-deploy/"
+ watchDir="/tmp/war-listen/"
+ watchEnabled="false"/>
+ </Cluster>
+ -->
+
+
+
+ <!-- Normally, users must authenticate themselves to each web app
+ individually. Uncomment the following entry if you would like
+ a user to be authenticated the first time they encounter a
+ resource protected by a security constraint, and then have that
+ user identity maintained across *all* web applications contained
+ in this virtual host. -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn"
+ debug="0"/>
+ -->
+
+ <!-- Access log processes all requests for this virtual host. By
+ default, log files are created in the "logs" directory relative to
+ $CATALINA_HOME. If you wish, you can specify a different
+ directory with the "directory" attribute. Specify either a relative
+ (to $CATALINA_HOME) or absolute path to the desired directory.
+ -->
+ <!--
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log." suffix=".txt"
+ pattern="common" resolveHosts="false"/>
+ -->
+
+ <!-- Logger shared by all Contexts related to this virtual host. By
+ default (when using FileLogger), log files are created in the "logs"
+ directory relative to $CATALINA_HOME. If you wish, you can specify
+ a different directory with the "directory" attribute. Specify either a
+ relative (to $CATALINA_HOME) or absolute path to the desired
+ directory.-->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ directory="logs" prefix="localhost_log." suffix=".txt"
+ timestamp="true"/>
+
+ <!-- Tomcat Root Context -->
+ <!--
+ <Context path="" docBase="../webappsProxy" debug="0"/>
+ -->
+
+ </Host>
+
+ </Engine>
+
+ </Service>
+
+</Server>
diff --git a/id/server/data/deploy/tomcat/tomcat-util-4.1.27-patched/tomcat-util.jar b/id/server/data/deploy/tomcat/tomcat-util-4.1.27-patched/tomcat-util.jar Binary files differnew file mode 100644 index 000000000..62c7645b9 --- /dev/null +++ b/id/server/data/deploy/tomcat/tomcat-util-4.1.27-patched/tomcat-util.jar diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh new file mode 100644 index 000000000..6dc0289d5 --- /dev/null +++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh @@ -0,0 +1,28 @@ +#! /bin/bash
+
+export JAVA_HOME= <insert java home directory (no trailing path separator)>
+export CATALINA_HOME= <insert Tomcat 4.1.x home directory (no trailing path separator)>
+export CATALINA_BASE=$CATALINA_HOME
+
+CONFIG_OPT=-Dmoa.id.configuration=$CATALINA_BASE/conf/moa-id/SampleMOAIDConfiguration.xml
+LOGGING_OPT=-Dlog4j.configuration=file:$CATALINA_BASE/conf/moa-id/log4j.properties
+SPSS_OPT=-Dmoa.spss.server.configuration=$CATALINA_BASE/conf/moa-spss/SampleMOASPSSConfiguration.xml
+
+#TRUST_STORE_OPT=-Djavax.net.ssl.trustStore=$CATALINA_BASE/conf/moa-spss/keys/clients/trustedMOAClients-password=changeit.keystore
+#TRUST_STORE_PASS_OPT=-Djavax.net.ssl.trustStorePassword=changeit
+#TRUST_STORE_TYPE_OPT=-Djavax.net.ssl.trustStoreType=jks
+
+export CATALINA_OPTS="$CONFIG_OPT $LOGGING_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT"
+
+echo CATALINA_HOME: $CATALINA_HOME
+echo CATALINA_BASE: $CATALINA_BASE
+echo CATALINA_OPTS: $CATALINA_OPTS
+
+echo
+echo Moving old log files to logs\backup
+mv logs/*.out logs/backup
+mv logs/*.txt logs/backup
+mv logs/*.log logs/backup
+
+cd $CATALINA_HOME
+./bin/startup.sh
diff --git a/id/server/data/deploy/tomcat/unix/tomcat-stop.sh b/id/server/data/deploy/tomcat/unix/tomcat-stop.sh new file mode 100644 index 000000000..82e4ffcfe --- /dev/null +++ b/id/server/data/deploy/tomcat/unix/tomcat-stop.sh @@ -0,0 +1,7 @@ +#! /bin/bash
+
+export JAVA_HOME= <insert java home directory (no trailing path separator)>
+export CATALINA_HOME= <insert Tomcat 4.1.x home directory (no trailing path separator)>
+
+cd $CATALINA_HOME
+./bin/shutdown.sh
\ No newline at end of file diff --git a/id/server/data/deploy/tomcat/uriworkermap.properties b/id/server/data/deploy/tomcat/uriworkermap.properties new file mode 100644 index 000000000..32b4c1f50 --- /dev/null +++ b/id/server/data/deploy/tomcat/uriworkermap.properties @@ -0,0 +1,9 @@ +# a sample mod_jk uriworkermap.properties file for mapping +# MOA-ID-AUTH and MOA-ID-PROXY web service requests to workers +# +# omit the mappings you don't need + +#/moa-id-auth/*=moaworker + +#forward all requests to tomcat (e.g.) +/*=moaworker
\ No newline at end of file diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat new file mode 100644 index 000000000..676e52f21 --- /dev/null +++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat @@ -0,0 +1,26 @@ +rem ----------------------------------------------------------------------------------------------
+rem Modify these entries according to your needs
+
+rem JDK home directory (no trailing path separator)
+set JAVA_HOME=<jdk home directory>
+
+rem Tomcat home directory (no trailing path separator)
+set CATALINA_HOME=<Tomcat home directory>
+
+rem ----------------------------------------------------------------------------------------------
+
+set CONFIG_OPT_SPSS=-Dmoa.spss.server.configuration=%CATALINA_HOME%/conf/moa-spss/SampleMOASPSSConfiguration.xml
+set CONFIG_OPT_ID=-Dmoa.id.configuration=%CATALINA_HOME%/conf/moa-id/SampleMOAIDConfiguration.xml
+set LOGGING_OPT=-Dlog4j.configuration=file:%CATALINA_HOME%/conf/moa-id/log4j.properties
+
+set PARAMS_MOA=%CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT%
+
+rem set PARAM_TRUST_STORE=-Djavax.net.ssl.trustStore=truststore.jks
+rem set PARAM_TRUST_STORE_PASS=-Djavax.net.ssl.trustStorePassword=changeit
+rem set PARAM_TRUST_STORE_TYPE=-Djavax.net.ssl.trustStoreType=jks
+rem set PARAMS_SSL=%PARAM_TRUST_STORE% %PARAM_TRUST_STORE_PASS% %PARAM_TRUST_STORE_TYPE%
+
+set CATALINA_OPTS=%PARAMS_MOA% %PARAMS_SSL%
+
+cd %CATALINA_HOME%
+bin\catalina.bat start
diff --git a/id/server/data/deploy/tomcat/win32/stopTomcat.bat b/id/server/data/deploy/tomcat/win32/stopTomcat.bat new file mode 100644 index 000000000..46c1ba570 --- /dev/null +++ b/id/server/data/deploy/tomcat/win32/stopTomcat.bat @@ -0,0 +1,13 @@ +rem ----------------------------------------------------------------------------------------------
+rem Modify these entries according to your needs
+
+rem JDK home directory (no trailing path separator)
+set JAVA_HOME=<jdk home directory>
+
+rem Tomcat home directory (no trailing path separator)
+set CATALINA_HOME=<Tomcat home directory>
+
+rem ----------------------------------------------------------------------------------------------
+
+cd %CATALINA_HOME%
+bin\catalina.bat stop
diff --git a/id/server/data/deploy/tomcat/workers.properties b/id/server/data/deploy/tomcat/workers.properties new file mode 100644 index 000000000..9350ddc77 --- /dev/null +++ b/id/server/data/deploy/tomcat/workers.properties @@ -0,0 +1,6 @@ +# a sample workers.properties file defining a single mod_jk worker + +worker.list=moaworker +worker.moaworker.type=ajp13 +worker.moaworker.host=localhost +worker.moaworker.port=8009 |