skzr.org

浏览: 365365 次
性别:
来自: 长沙

最近访客更多访客>>

eye_n

sycvswho

Bill_Logan

ms143014

博主相关

博客

微博

相册

留言

关于我

文章分类

社区版块

存档分类

tomcat攻略

博客分类：

J2EE

以下是常见的tomcat配置和问题

以下总结来自实践(OS: Ubuntu 10.10 64bit)

Tomcat conf配置
1. tomcat-users.xml配置
2. web.xml静态资源编码设置
3. URI编码设置
APR
配置SSL
1. 非APR的SSL配置步骤
2. APR环境的SSL配置(ssl使用apr)
gzip压缩
jdbc
HttpOnly

tomcat主页

Tomcat conf配置

tomcat-users.xml配置

默认是没有任何用户的，这样开发不方便，如果是生产环境，建议删除所有用户，开发配置(tomcat7)如下：

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="manager-gui"/>
  <role rolename="manager-script"/>
  <role rolename="manager-jmx"/>
  <role rolename="manager-status"/>
  <user username="admin" password="" roles="manager-gui,manager-script,manager-jmx,manager-status"/>
</tomcat-users>

web.xml静态资源编码设置

问题：在查看页面js或者css的源代码的时候，源代码出现乱码，但是页面上一切正常运行，因为tomcat需要配置静态资源的编码格式 解决：打开tomcat_home/conf/web.xml文件，在mime-type中增加编码chartset=utf-8信息即可,如：
```
<mime-mapping>
        <extension>css</extension>
        <mime-type>text/css;charset=utf-8</mime-type>
    </mime-mapping>
    <mime-mapping>
        <extension>js</extension>
        <mime-type>text/javascript;charset=utf-8</mime-type>
    </mime-mapping>
```

URI编码设置

问题：乱码问题，非通过表单的提交，比如直接在浏览器地址栏直接输入中文数据的乱码问题
```
http://yoururl//your.action?name=我的中文名&check=可能在服务器端乱码
```
解决：打开tomcat_home/conf/server.xml文件,设置Connector属性URIEncoding="UTF-8"就可以解决了，注意每一个Connector都要设置此属性
```
<Connector URIEncoding="UTF-8" port="8159" protocol="AJP/1.3" redirectPort="8593"/>
```

APR

tomcat启动时提示信息——The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found

Sep 3, 2010 8:59:51 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: /prog/java/jdk1.6.0_20/bin:/prog/apache/app-apache-tomcat-7.0.0/bin
Sep 3, 2010 8:59:51 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 848 ms

步骤：APR详情

准备依赖包
1. 下载APR依赖: APR 1.2+ development headers (libapr1-dev package)
2. 下载OpenSSL依赖：OpenSSL 0.9.7+ development headers (libssl-dev package)
解压缩tomcat_home/bin/tomcat-native.tar.gz
进入目录：tomcat-native-1.1.20-src/jni/native 详细安装见此目录下的BUILDING文件
执行 export JAVA_HOME=/prog/java/jdk 设置JDK
执行：./configure --with-apr=/usr/bin --with-ssl=/usr/bin
执行：make
执行：sudo make install -->安装到/usr/local/apr/lib
执行：ln -s /usr/local/apr/lib/libtcnative-1.so $JAVA_HOME/jre/lib/amd64/

重新启动tomcat看到：

Sep 3, 2010 9:56:17 PM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
Sep 3, 2010 9:56:18 PM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
Sep 3, 2010 9:56:18 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: Failed to initialize the SSLEngine.
Sep 3, 2010 9:56:18 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8782
Sep 3, 2010 9:56:18 PM org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8711
Sep 3, 2010 9:56:18 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 840 ms

配置SSL

非APR的SSL配置步骤

创建keystore:

jdk/bin/keytool -genkey -keystore tomcat.keystore -alias tomcat -keyalg RSA

把tomcat.keystore放入${user.home}目录中，就是你的用户目录，当然你可以放入其他目录中

修改tomcat的server.xml,增加Connector:

<Connector port="9145" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
                URIEncoding="UTF-8"
                keystoreFile="${user.home}/tomcat.keystore" keystorePass="cms4g-proxy-PaSsWoRd"
                maxThreads="20"
                />

APR环境的SSL配置(ssl不使用apr)：

如果还是按照上面的#非APR的SSL配置步骤进行ssl配置，那么需要这么做:

在Connector中配置protocol=org.apache.coyote.http11.Http11NioProtocol

        <Connector port="9145" SSLEnabled="true" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"
                protocol="org.apache.coyote.http11.Http11NioProtocol"
                URIEncoding="UTF-8"
                keystoreFile="${user.home}/tomcat.keystore" keystorePass="cms4g-proxy-PaSsWoRd"
                maxThreads="20"
                />

但启动时会提示错误：Failed to initialize the SSLEngine.

Sep 3, 2010 10:49:42 PM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
Sep 3, 2010 10:49:43 PM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
Sep 3, 2010 10:49:43 PM org.apache.catalina.core.AprLifecycleListener lifecycleEvent
INFO: Failed to initialize the SSLEngine.
Sep 3, 2010 10:49:43 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8782
Sep 3, 2010 10:49:43 PM org.apache.tomcat.util.net.NioSelectorPool getSharedSelector
INFO: Using a shared selector for servlet write/read
Sep 3, 2010 10:49:43 PM org.apache.coyote.http11.Http11NioProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-9145
Sep 3, 2010 10:49:43 PM org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8711
Sep 3, 2010 10:49:43 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1162 ms

虽然提示信息：Failed to initialize the SSLEngine.但ssl依然可以正常运行,要抑制此信息只要修改server.xml配置apr的sslengine=off即可，如

  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="off" />

启动信息

Sep 3, 2010 10:51:53 PM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.20.
Sep 3, 2010 10:51:53 PM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
Sep 3, 2010 10:51:54 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8782
Sep 3, 2010 10:51:54 PM org.apache.tomcat.util.net.NioSelectorPool getSharedSelector
INFO: Using a shared selector for servlet write/read
Sep 3, 2010 10:51:54 PM org.apache.coyote.http11.Http11NioProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-9145
Sep 3, 2010 10:51:54 PM org.apache.coyote.ajp.AjpAprProtocol init
INFO: Initializing Coyote AJP/1.3 on ajp-8711
Sep 3, 2010 10:51:54 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1081 ms

APR环境的SSL配置(ssl使用apr)

创建相关密钥：OpenSSL官方createKey

创建private key:

Private keys are generated with 'openssl genrsa' if you want a RSA
private key, or 'openssl gendsa' if you want a DSA private key.
  openssl genrsa -out privkey.pem

Creating a certificate request

3. Creating a certificate request
The certificate request is created like this:
  openssl req -new -key privkey.pem -out cert.csr

自签名

4. Creating a self-signed test certificate
  openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095

我的实际运行：

  openssl genrsa -out tomcatkey.pem
    产生文件 tomcatkey.pem
  openssl req -new -x509 -key tomcatkey.pem -out tomcatca.pem -days 1095
    产生文件 tomcatca.pem

配置APR的SSL Connector和listener，文件server.xml:

  <!--APR library loader. Documentation at /docs/apr.html -->
  <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />

  <!-- Connector配置 -->
        <Connector port="9145" SSLEnabled="true" scheme="https" secure="true" 
                URIEncoding="UTF-8"
                SSLCertificateKeyFile="${user.home}/tomcatkey.pem"
                SSLCertificateFile="${user.home}/tomcatca.pem"
                maxThreads="20"
                />

gzip压缩

直接在server.xml中配置Connector即可：

        <Connector port="9145" SSLEnabled="true" scheme="https" secure="true" 
                URIEncoding="UTF-8"
                SSLCertificateKeyFile="${user.home}/tomcatkey.pem"
                SSLCertificateFile="${user.home}/tomcatca.pem"
                maxThreads="20"
                compression="on"
                compressionMinSize="1024"
                compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css,application/x-json,application/json"
                />

jdbc

配置Context.xml

       <Context path="" docBase="${catalina.home}/atlassian-jira" reloadable="false">
          <Resource name="jdbc/JiraDS" auth="Container" type="javax.sql.DataSource"
            username="[enter db username]"
            password="[enter db password]"
            driverClassName="com.mysql.jdbc.Driver"
            url="jdbc:mysql://localhost/jiradb?useUnicode=true&amp;characterEncoding=UTF8"
            [ delete the minEvictableIdleTimeMillis and timeBetweenEvictionRunsMillis params here ]
            maxActive="20"
            validationQuery="select 1"/>

          
        </Context>

HttpOnly

配置Context中配置useHttpOnly="true"，tomcat7默认是true，对于6是false

<?xml version="1.0" encoding="UTF-8" ?>  
<Context path="/${tomcat.deployName}" docBase="${basedir}/WebRoot" useHttpOnly="true"/>

带来的问题Tomcat7新特性?cookie HttpOnly的那些事(sessionid获取麻烦了)

1
顶

4
踩

分享到：

[Android]Ubuntu 10.10 HTC G11真机调试 | 我的SQL调优方法

2011-07-23 10:51
浏览 6882
评论(1)
分类:开源软件
查看更多

1 楼孤独枫 2011-07-25

有一定的深度啊！
不知道能提供APR在windows环境下配置没有？

发表评论

您还没有登录,请您登录后再发表评论

最近访客更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论

tomcat攻略

Tomcat conf配置

tomcat-users.xml配置

web.xml静态资源编码设置

URI编码设置

APR

配置SSL

非APR的SSL配置步骤

APR环境的SSL配置(ssl使用apr)

gzip压缩

jdbc

HttpOnly

评论

发表评论

相关推荐

最近访客 更多访客>>

博主相关

文章分类

社区版块

存档分类

最新评论

tomcat攻略

Tomcat conf配置

tomcat-users.xml配置

web.xml静态资源编码设置

URI编码设置

APR

配置SSL

非APR的SSL配置步骤

APR环境的SSL配置(ssl使用apr)

gzip压缩

jdbc

HttpOnly

评论

发表评论

相关推荐

答复: 再谈一个关于final的不一致编译的低级错误

[MAVEN]web工程的调试

[jetty]jetty学习

[jetty]start.jar启动

在java中怎样执行系统命令？

[MAVEN]maven最佳实践

java点滴

[java]synchronized我的理解

[web工程]Struts2+Spring3.1+Hibernate3.6的集成

[web工程]集成struts2 mvc

[web工程]集成hibernate

[web工程]创建web工程

[分享][Hibernate]公用DAO

[经验][hibernate][自定义类型]hibernate 3.6.3中自定义类型，json类型

hibernate和jdbc加载对象性能

java远程调用通讯协议比较

svn经验

完善包注释[javadoc package-info.java]

Tomcat7新特性?cookie HttpOnly的那些事(sessionid获取麻烦了)

weblogic部署应用

最近访客更多访客>>