On May 31st, 2014, the Linux distribution Linux Mint 17 (named “Qiana”) Cinnamon has been released. Since I wanted to replace Ubuntu Linux on my Lenovo ThinkPad with something else (but nothing too far away from it), I choose Mint Cinnamon (64-bit). Installation was easy and fast, but then I had to redo the installation of my CMS synformation on that machine (simply because I use it as a development and test machine). Java 1.7 (OpenJDK) was installed already, so I had to install Tomcat, MySQL, and Apache. Here, I’ll only talk about Tomcat and Apache, because I choose to use another way to integrate both: I had used
mod_jk before and was looking for an easier way.
There’re several ways to integrate Tomcat and Apache:
- Proxy (which I will use)
Proxy is more transparent than other methods and and works with either the HTTP protocol or the Apache JServ Protocol (AJP). AJP is a binary communication protocol and has better performance than HTTP.
mod_jk(which I used before, but found it overly complex)
mod_jkis a more advanced way of integrating Tomcat and Apache. It provides additional features like load balancing and failure detection.
- Maybe there’re other ways I don’t know about or wouldn’t consider.
Integration with the proxy module
You need to open a terminal window in order to execute the following commands.
Install Apache and Tomcat (with manager application, is needed later as a test case):
$ sudo apt-get install apache2 tomcat7 tomcat7-admin
Enabling Apache module
$ sudo a2enmod proxy_http $ sudo a2enmod proxy_ajp
If it’s alreay enabled, you get something like the following message:
Considering dependency proxy for proxy_http: Module proxy already enabled Module proxy_http already enabled
Now you can use either HTTP or AJP for integrating Tomcat and Apache.
A. Using HTTP
Edit the file
/etc/apache2/sites-enabled/000-default.conf (or whatever
.conf file for one of your sites you want to use) and add at the bottom:
1 2 3 4 5 6
# Needs "proxy_module" and "proxy_http_module" <location /manager> # Local server (Tomcat via http) ProxyPass http://localhost:8080/manager ProxyPassReverse http://localhost:8080/manager </location>
If you want to use AJP instead of HTTP, follow section B.
B. Using AJP
You have to enable the AJP connector in Tomcat’s
/etc/tomcat7/server.xml, the line is there but commented out; activate the line):
<connector port="8009" protocol="AJP/1.3" redirectPort="8443"></connector>
Edit the file
/etc/apache2/sites-enabled/000-default.conf and add at the bottom:
1 2 3 4 5 6
# Needs "proxy_module" and "proxy_ajp_module" <location /manager> # Local server (Tomcat via ajp) ProxyPass ajp://localhost:8009/manager ProxyPassReverse ajp://localhost:8009/manager </location>
If you want to actually work with the manager application, you have to configure roles and at least one user for Tomcat. Edit the file
/etc/tomcat7/tomcat-users.xml and make the element
<tomcat -users> look like this (you should try to come up with a more original password than I have):
1 2 3 4 5 6 7
<tomcat -users> <role rolename="manager-gui"></role> <role rolename="manager"></role> <role rolename="admin-gui"></role> <role rolename="admin"></role> <user username="admin" password="admin" roles="manager-gui,admin-gui,manager,admin"></user> </tomcat>
Don’t forget to restart Apache after you make configuration changes:
$ sudo /etc/init.d/apache2 restart
Same goes for Tomcat:
$ sudo /etc/init.d/tomcat7 restart
To access the manager application thru Tomcat (and not Apache), you would use http://localhost:8080/manager. But now it’s time to try out the path via Apache and then Tomcat: visit http://localhost/manager in your favorite web browser and log in with the user
admin and the password you’ve defined (mine from the example was
admin). Does it work?
If you have other web applications installed in Tomcat, you can access them via Apache, too. Simply add more
<location> elements to your Apache configuration.
In a production environment, I would recommend using the AJP connector and disabling the Tomcat HTTP connector in the file
/etc/tomcat7/server.xml, so all traffic has to go thru Apache.