Tomcat 伺服器server.xml,web.xml的關鍵引數配置
阿新 • • 發佈:2019-01-06
1.下載
http://www.eu.apache.org/dist/jakarta/tomcat-5/
這裡注意,在jakarta-tomcat-5.0.28.exe以前是有預設的admin模組,在jakarta-tomcat-5.5.9.exe則沒有安裝預設的admin模組,這時http://127.0.0.1:8080/admin開啟時則會出現
Tomcat's administration web application is no longer installed by default. Download and install the "admin" package to use it.
因此我們現在需要下載"admin"package 包
把jakarta-tomcat-5.5.x.zip 與 jakarta-tomcat-5.5.x-compat.zip 與 jakarta-tomcat-5.5.x-admin.zip
三個檔案解壓在同一個目錄中
(如果使用jdk1.4,才需要compat.zip用jdk1.5就可以免了這個。)
2.修改jakarta-tomcat-5.5.x/conf/tomcat-users.xml.
新增管理員賬號lizongbo,密碼為lizongbopass.
新xml如下:
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="role1" password="tomcat" roles="role1"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="lizongbo" password="lizongbopass" roles="admin,manager"/>
</tomcat-users>
有時在%CATALINA_HOME%/server/webapps/admin/WEB-INF/web.xml裡面也要做些修改
<!-- Security is active on entire directory -->
<security-constraint>
<display-name>Tomcat Server Configuration Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.do</url-pattern>
<url-pattern>*.html</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<!-- Login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Tomcat Server Configuration Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Administration Application
</description>
<role-name>admin</role-name>
</security-role>
無論是 Authetication ( 身份驗證
3.修改jakarta-tomcat-5.5.x/conf/server.xml來解決編碼問題。
(給Connector 新增URIEncoding引數,參考http://blog.csdn.net/darkxie/archive/2004/10/25/TOMCATAPP.aspx)
(可以設定成GB18030)
<Connector port="8080"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="200"
connectionTimeout="20000" disableUploadTimeout="true" URIEncoding="GBK"
compression="on" compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml"/>
<Connector port="8009"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3" URIEncoding="GBK"/>
4.啟用支援gzip壓縮.
(
新增下列屬性
compression="on"
compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml"
5.設定虛擬主機。
在jakarta-tomcat-5.5.x/下建立資料夾vhost/www.mydomain.com。
然後修改jakarta-tomcat-5.5.x/conf/server.xml
<Engine defaultHost="localhost" name="Catalina">
<Host appBase="vhost/www.mydomain.com" name="
</Host>
<Host appBase="webapps" name="localhost">
</Host>
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"/>
</Engine>
6.新增資料庫驅動,更新mail.jar和actiovation.jar
複製mysql-connector-java-3.0.16-ga-bin.jar,pg74.215.jdbc3.jar到 jakarta-tomcat-5.5.x/common/lib/
還有javamail 1.3.2的mail.jar,jaf-1_0_2的 activation.jar
msSQl 2000 JDBC sp3,msbase.jar,msutil,jar,mssqlserver.jar
7.配置SSL
參考http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ssl-howto.html
D:/j2sdk1.4.2_06/bin>%JAVA_HOME%/bin/keytool -genkey -alias tomcat -keyalg RSA
輸入keystore密碼: lizongbossl
您的名字與姓氏是什麼?
[tomcat5.5.x]: tomcat5.5.x
您的組織單位名稱是什麼?
[jakarta]: jakarta
您的組織名稱是什麼?
[apache]: apache
您所在的城市或區域名稱是什麼?
[hzcity]: hzcity
您所在的州或省份名稱是什麼?
[gdp]: gdp
該單位的兩字母國家程式碼是什麼
[CN]: CN
CN=tomcat5.5.x, OU=jakarta, O=apache, L=hzcity, ST=gdp, C=CN 正確嗎?
[否]: y
輸入<tomcat>的主密碼
(如果和 keystore 密碼相同,按回車):
(必須密碼一致,因此直接回車)
然後再把userhome(例如:C:/Documents and Settings/lizongbo/)下的.keystore複製到
tomcat的conf/目錄下。
(例如:D:/jakarta-tomcat-5.5.x/conf/.keystore
配置jakarta-tomcat-5.5.x/conf/server.xml
加上
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="conf/.keystore"
keystorePass="lizongbossl"> <!--與先前設定的密碼一致-->
</Connector>
8.禁止檔案目錄列表,
修改jakarta-tomcat-5.5.x/conf/web.xml,把listing設定為false
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
9.指定了自己的javaEncoding
(參考http://gceclub.sun.com.cn/staticcontent/html/sunone/app7/app7-dg-webapp/ch6/ch6-4.html
<servlet>
<servlet-name>jsp</servlet-name>
<servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
<init-param>
<param-name>fork</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>javaEncoding</param-name>
<param-value>GB18030</param-value>
</init-param>
<init-param>
<param-name>xpoweredBy</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>3</load-on-startup>
</servlet>
10.新增rar,iso等的mime-type對映
避免在瀏覽器裡直接開啟。
<mime-mapping>
<extension>mht</extension>
<mime-type>text/x-mht</mime-type>
</mime-mapping>
<mime-mapping>
<extension>rar</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>iso</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>ape</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>rmvb</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>ico</extension>
<mime-type>image/x-icon</mime-type>
</mime-mapping>
10.1對html靜態頁面設定編碼
<!-- 修改下面兩行以支援靜態超文字的自動編碼
-->
<mime-mapping>
<extension>htm</extension>
<mime-type>text/html;charset=gb2312</mime-type>
</mime-mapping>
<mime-mapping>
<extension>html</extension>
<mime-type>text/html;charset=gb2312</mime-type>
</mime-mapping>
</web-app>
11.新增welcome-file-list,並調整順序。
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
http://www.eu.apache.org/dist/jakarta/tomcat-5/ 這裡注意,在jakarta-tomcat-5.0.28.exe以前是有預設的admin模組,在jakarta-tomcat-5.5.9.exe則沒有安裝預設的admin模組,這時
http://127.0.0.1:8080/admin開啟時則會出現 Tomcat's administration web application is no longer installed by default. Download and install the "admin" package to use it.
因此我們現在需要下載"admin"package 包
把jakarta-tomcat-5.5.x.zip 與 jakarta-tomcat-5.5.x-compat.zip 與 jakarta-tomcat-5.5.x-admin.zip
三個檔案解壓在同一個目錄中
(如果使用jdk1.4,才需要compat.zip用jdk1.5就可以免了這個。)
2.修改jakarta-tomcat-5.5.x/conf/tomcat-users.xml.
新增管理員賬號lizongbo,密碼為lizongbopass.
新xml如下:
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="role1" password="tomcat" roles="role1"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="lizongbo" password="lizongbopass" roles="admin,manager"/>
</tomcat-users>
有時在%CATALINA_HOME%/server/webapps/admin/WEB-INF/web.xml裡面也要做些修改
<!-- Security is active on entire directory -->
<security-constraint>
<display-name>Tomcat Server Configuration Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.do</url-pattern>
<url-pattern>*.html</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<!-- Login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Tomcat Server Configuration Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Administration Application
</description>
<role-name>admin</role-name>
</security-role>
無論是 Authetication ( 身份驗證
都只有設定相關的 admin ROLE, 當你想要新增或修改相關的 AA, 就必須修改這一個檔案, 來符合你的環境.3.修改jakarta-tomcat-5.5.x/conf/server.xml來解決編碼問題。
(給Connector 新增URIEncoding引數,參考
http://blog.csdn.net/darkxie/archive/2004/10/25/TOMCATAPP.aspx) (可以設定成GB18030)
<Connector port="8080"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="200"
connectionTimeout="20000" disableUploadTimeout="true" URIEncoding="GBK"
compression="on" compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml"/>
<Connector port="8009"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3" URIEncoding="GBK"/>
4.啟用支援gzip壓縮.
(
新增下列屬性
compression="on"
compressionMinSize="2048"
noCompressionUserAgents="gozilla, traviata"
compressableMimeType="text/html,text/xml"
5.設定虛擬主機。
在jakarta-tomcat-5.5.x/下建立資料夾vhost/www.mydomain.com。
然後修改jakarta-tomcat-5.5.x/conf/server.xml
<Engine defaultHost="localhost" name="Catalina">
<Host appBase="vhost/www.mydomain.com" name="
</Host>
<Host appBase="webapps" name="localhost">
</Host>
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"/>
</Engine>
6.新增資料庫驅動,更新mail.jar和actiovation.jar
複製mysql-connector-java-3.0.16-ga-bin.jar,pg74.215.jdbc3.jar到 jakarta-tomcat-5.5.x/common/lib/
還有javamail 1.3.2的mail.jar,jaf-1_0_2的 activation.jar
msSQl 2000 JDBC sp3,msbase.jar,msutil,jar,mssqlserver.jar
7.配置SSL
參考
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/ssl-howto.html D:/j2sdk1.4.2_06/bin>%JAVA_HOME%/bin/keytool -genkey -alias tomcat -keyalg RSA
輸入keystore密碼: lizongbossl
您的名字與姓氏是什麼?
[tomcat5.5.x]: tomcat5.5.x
您的組織單位名稱是什麼?
[jakarta]: jakarta
您的組織名稱是什麼?
[apache]: apache
您所在的城市或區域名稱是什麼?
[hzcity]: hzcity
您所在的州或省份名稱是什麼?
[gdp]: gdp
該單位的兩字母國家程式碼是什麼
[CN]: CN
CN=tomcat5.5.x, OU=jakarta, O=apache, L=hzcity, ST=gdp, C=CN 正確嗎?
[否]: y
輸入<tomcat>的主密碼
(如果和 keystore 密碼相同,按回車):
(必須密碼一致,因此直接回車)
然後再把userhome(例如:C:/Documents and Settings/lizongbo/)下的.keystore複製到
tomcat的conf/目錄下。
(例如:D:/jakarta-tomcat-5.5.x/conf/.keystore
配置jakarta-tomcat-5.5.x/conf/server.xml
加上
<Connector port="8443"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS"
keystoreFile="conf/.keystore"
keystorePass="lizongbossl"> <!--與先前設定的密碼一致-->
</Connector>
8.禁止檔案目錄列表,
修改jakarta-tomcat-5.5.x/conf/web.xml,把listing設定為false
<servlet>
<servlet-name>default</servlet-name>
<servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
<init-param>
<param-name>debug</param-name>
<param-value>0</param-value>
</init-param>
<init-param>
<param-name>listings</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
9.指定了自己的javaEncoding
(參考
http://gceclub.sun.com.cn/staticcontent/html/sunone/app7/app7-dg-webapp/ch6/ch6-4.html <servlet>
<servlet-name>jsp</servlet-name>
<servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
<init-param>
<param-name>fork</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>javaEncoding</param-name>
<param-value>GB18030</param-value>
</init-param>
<init-param>
<param-name>xpoweredBy</param-name>
<param-value>true</param-value>
</init-param>
<load-on-startup>3</load-on-startup>
</servlet>
10.新增rar,iso等的mime-type對映
避免在瀏覽器裡直接開啟。
<mime-mapping>
<extension>mht</extension>
<mime-type>text/x-mht</mime-type>
</mime-mapping>
<mime-mapping>
<extension>rar</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>iso</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>ape</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>rmvb</extension>
<mime-type>application/octet-stream</mime-type>
</mime-mapping>
<mime-mapping>
<extension>ico</extension>
<mime-type>image/x-icon</mime-type>
</mime-mapping>
10.1對html靜態頁面設定編碼
<!-- 修改下面兩行以支援靜態超文字的自動編碼
-->
<mime-mapping>
<extension>htm</extension>
<mime-type>text/html;charset=gb2312</mime-type>
</mime-mapping>
<mime-mapping>
<extension>html</extension>
<mime-type>text/html;charset=gb2312</mime-type>
</mime-mapping>
</web-app>
11.新增welcome-file-list,並調整順序。
<welcome-file-list>
<welcome-file>index.jsp</welcome-file>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>