Integrating Tomcat and Apache on Mint Linux

On May 31st, 2014, the Linux distribution Linux Mint 17 (named “Qiana”) Cinnamon has been released. Since I wanted to replace Ubuntu Linux on my Lenovo ThinkPad with something else (but nothing too far away from it), I choose Mint Cinnamon (64-bit). Installation was easy and fast, but then I had to redo the installation of my CMS synformation on that machine (simply because I use it as a development and test machine). Java 1.7 (OpenJDK) was installed already, so I had to install Tomcat, MySQL, and Apache. Here, I’ll only talk about Tomcat and Apache, because I choose to use another way to integrate both: I had used mod_jk before and was looking for an easier way.


Logo Compilation

There’re several ways to integrate Tomcat and Apache:

  1. Proxy (which I will use)
    Proxy is more transparent than other methods and and works with either the HTTP protocol or the Apache JServ Protocol (AJP). AJP is a binary communication protocol and has better performance than HTTP.
  2. mod_jk (which I used before, but found it overly complex)
    Integration thru mod_jk is a more advanced way of integrating Tomcat and Apache. It provides additional features like load balancing and failure detection.
  3. Maybe there’re other ways I don’t know about or wouldn’t consider.

Integration with the proxy module

You need to open a terminal window in order to execute the following commands.

Install Apache and Tomcat (with manager application, is needed later as a test case):

$ sudo apt-get install apache2 tomcat7 tomcat7-admin

Enabling Apache module proxy_http and proxy_ajp:

$ sudo a2enmod proxy_http
$ sudo a2enmod proxy_ajp

If it’s alreay enabled, you get something like the following message:

Considering dependency proxy for proxy_http:
Module proxy already enabled
Module proxy_http already enabled

Now you can use either HTTP or AJP for integrating Tomcat and Apache.

A. Using HTTP

Edit the file /etc/apache2/sites-enabled/000-default.conf (or whatever .conf file for one of your sites you want to use) and add at the bottom:

1
2
3
4
5
6
# Needs "proxy_module" and "proxy_http_module"
<location /manager>
  # Local server (Tomcat via http)
  ProxyPass http://localhost:8080/manager
  ProxyPassReverse http://localhost:8080/manager
</location>

If you want to use AJP instead of HTTP, follow section B.

B. Using AJP

You have to enable the AJP connector in Tomcat’s server.xml (/etc/tomcat7/server.xml, the line is there but commented out; activate the line):

<connector port="8009" protocol="AJP/1.3" redirectPort="8443"></connector>

Edit the file /etc/apache2/sites-enabled/000-default.conf and add at the bottom:

1
2
3
4
5
6
# Needs "proxy_module" and "proxy_ajp_module"
<location /manager>
  # Local server (Tomcat via ajp)
  ProxyPass ajp://localhost:8009/manager
  ProxyPassReverse ajp://localhost:8009/manager
</location>

If you want to actually work with the manager application, you have to configure roles and at least one user for Tomcat. Edit the file /etc/tomcat7/tomcat-users.xml and make the element <tomcat -users> look like this (you should try to come up with a more original password than I have):

1
2
3
4
5
6
7
<tomcat -users>
  <role rolename="manager-gui"></role>
  <role rolename="manager"></role>
  <role rolename="admin-gui"></role>
  <role rolename="admin"></role>
  <user username="admin" password="admin" roles="manager-gui,admin-gui,manager,admin"></user>
</tomcat>

Don’t forget to restart Apache after you make configuration changes:

$ sudo /etc/init.d/apache2 restart

Same goes for Tomcat:

$ sudo /etc/init.d/tomcat7 restart

To access the manager application thru Tomcat (and not Apache), you would use http://localhost:8080/manager. But now it’s time to try out the path via Apache and then Tomcat: visit http://localhost/manager in your favorite web browser and log in with the user admin and the password you’ve defined (mine from the example was admin). Does it work?

If you have other web applications installed in Tomcat, you can access them via Apache, too. Simply add more <location> elements to your Apache configuration.

In a production environment, I would recommend using the AJP connector and disabling the Tomcat HTTP connector in the file /etc/tomcat7/server.xml, so all traffic has to go thru Apache.

0 comments… add one

Leave a Comment