Author: dq

How To Set Up MySQL

http://ariejan.net/2007/12/12/how-to-install-mysql-on-ubuntudebian/

https://help.ubuntu.com/11.04/serverguide/C/mysql.html

MySQL is a fast, multi-threaded, multi-user, and robust SQL database server. It is intended for mission-critical, heavy-load production systems as well as for embedding into mass-deployed software.

Get ready

sudo apt-get update
sudo apt-get dist-upgrade

Installation

To install MySQL, run the following command from a terminal prompt: 

sudo apt-get install mysql-server

During the installation process you will be prompted to enter a password for the MySQL root user.

Once the installation is complete, the MySQL server should be started automatically. You can run the following command from a terminal prompt to check whether the MySQL server is running: 

sudo netstat -tap | grep mysql

When you run this command, you should see the following line or something similar: 

tcp        0      0 localhost:mysql         *:*                     LISTEN      2556/mysqld

If the server is not running correctly, you can type the following command to start it: 

sudo /etc/init.d/mysql restart

Configuration

You can edit the /etc/mysql/my.cnf file to configure the basic settings — log file, port number, etc. For example, to configure MySQL to listen for connections from network hosts, change the bind-address directive to the server's IP address:

# — daq — bind-address = 127.0.0.1
After making a change to /etc/mysql/my.cnf the mysql daemon will need to be restarted:
sudo /etc/init.d/mysql restart
The mysql prompt
In order to get to the mysql prompt you will want to issue the command:
mysql -u root -p mysql
Where root is the MySQL administrative user (most like it is root).
You will be prompted for the MySQL administrators password. After you have successfully authenticated you will have a new prompt that looks like:
mysql>
You are now at the MySQL prompt. You only have one command to enter for this to work. You will want to enter this command carefully:
GRANT ALL PRIVILEGES ON *.* TO username@address IDENTIFIED BY “password”;
GRANT ALL PRIVILEGES ON *.* TO root@192.168.1.198 IDENTIFIED BY “QBW password”;
FLUSH PRIVILEGES;
Where username is the username on the remote machine that will be connecting, address is the IP address of the remote machine, and password is the password that will be used by the remote user.
When that command is issued successfully you should see something like:
Query OK, 0 rows affected (0.00 sec)
As long as you get Query OK, you should be good to go.
Now when you need to connect from a remote machine you will use the IP address of the MySQL server, the username you entered in the MySQL command prompt, and the username will be the username you entered in the MySQL command prompt.
That’s it. Your MySQL server is ready to accept remote connections.
Tutorial for MySQL
http://www.yolinux.com/TUTORIALS/LinuxTutorialMySQL.html
Show Grants for user "root" and on ip 192.168.1.198
select * from information_schema.user_privileges where grantee like "'root'%";
select * from information_schema.user_privileges where grantee like "%'192.168.1.198'";
Delete Grants for user "root" on ip 192.168.1.198
REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'root'@'192.168.1.198' ;
Read this again (or more like it) http://ubuntu-commands.blogspot.com/2008/11/how-do-i-enable-remote-access-to-mysql.html
Root Passsword change

If you would like to change the MySQL root password, in a terminal enter: 

sudo dpkg-reconfigure mysql-server-5.1

The mysql daemon will be stopped, and you will be prompted to enter a new password.

You may need to open port if using firewalls

You need to open port 3306 using iptables or BSD pf firewall.
A sample iptables rule to open Linux iptables firewall
/sbin/iptables -A INPUT -i eth0 -p tcp –destination-port 3306 -j ACCEPT
OR only allow remote connection from your web server located at 10.5.1.3:
/sbin/iptables -A INPUT -i eth0 -s 10.5.1.3 -p tcp –destination-port 3306 -j ACCEPT
OR only allow remote connection from your lan subnet 192.168.1.0/24:
/sbin/iptables -A INPUT -i eth0 -s 192.168.1.0/24 -p tcp –destination-port 3306 -j ACCEPT

/sbin/iptables -A INPUT -i eth0 -s 192.168.1.198 -p tcp –destination-port 3306 -j ACCEPT

Did not do these.

sudo mysqladmin -u root -h localhost password 'mypassword'
sudo mysqladmin -u root -h myhostname password 'mypassword'
update db set Host='192.168.1.198' where Db='webdb';
update user set Host='192.168.1.198' where user='webadmin';

Un-install/Remove

sudo apt-get –purge remove mysql-server mysql-common mysql-client

Resources

  • See the MySQL Home Page for more information.

  • The MySQL Handbook is also available in the mysql-doc-5.0 package. To install the package enter the following in a terminal: 

    											sudo apt-get install mysql-doc-5.0

    The documentation is in HTML format, to view them enter file:///usr/share/doc/mysql-doc-5.0/refman-5.0-en.html-chapter/index.html in your browser's address bar.

  • For general SQL information see Using SQL Special Edition by Rafe Colburn.

Mono project – ASP.NET on Linux


ASP.NET
WineHQ (MS on Linux)
SQL Server Express Edition
Microsoft SQL Server Desktop Engine
Microsoft SQL Server Management Studio Express

Apache – Tomcat – PROXY PASS

Steps for proxy a request to SimpleServlet.com

hosts file:

$ nano /etc/hosts
127.0.0.1 SimpleServlet.com

Tomcat changes:

on my deploy, the webapps directory is: :/var/lib/tomcat6/webapps

$ nano /etc/tomcat6/server.xml

#### Inside of the <Engine> tag add below:
<!– SimpleServlet.com –>
<Host
name="SimpleServlet.com"
appBase="webapps/SimpleServlet"
unpackWARs="true"
autoDeploy="true">

<Context
path=""
docBase=""
debug="1"
reloadable="true"/>

<Valve
className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="tomcat_access_"
suffix=".log"
pattern="common"
resolveHosts="false"/>
</Host>

#### After the </Engine> tag add the below.
#### Each Virtual Host Proxy must be on a different port, remember this for your SimpleServlet.com Apache2 entry
<Connector port="9282" proxyPort="80" proxyName="SimpleServlet.com"/>

Apache2:

$ sudo a2enmod proxy
$ sudo a2enmod proxy_http

$ cd /etc/apache2/sites-available
$ nano SimpleServlet.com

<VirtualHost *:80>

ServerName SimpleServlet.com

<IfModule mod_proxy.c>
ProxyRequests Off

<Proxy SimpleServlet.com>
Order deny,allow
Deny from all
Allow from all
</Proxy>

ProxyPass /index.html !
ProxyPass /sitemap.xml !
ProxyPass / http://SimpleServlet.com:9282/
ProxyPassReverse / http://SimpleServlet.com/

</IfModule>

</VirtualHost>

Restart All:

$ /etc/init.d/apache2 reload

$ a2ensite SimpleServlet.com
$ sudo /etc/init.d/tomcat6 restart
$ /etc/init.d/apache2 restart

Java setup

Java 7

sudo apt-get install openjdk-7-jre-headless

Usually this should already be everything what we have to do. Try it by typing

$ cd /usr/bin

$ln -s j2sdk1.5-sun jdk

$ JAVA_HOME="/usr/bin/java"

$ export JAVA_HOME

$ which java

$ sudo java -version

This works – Apache + Tomcat + mod_jk

Good YouTube : http://www.youtube.com/watch?v=Njx1V4ZW_g0

Good YouTube w/LoadBalance : http://www.youtube.com/watch?v=yNuuoQLw0tA

This is a compact step-by-step guide for installing Tomcat with Apache and mod_jk on a Ubuntu 10.10 system considering following components

Apache 2, MySQL 5, PHP 5, PhpMyAdmin, Sun Java JDK 1.6, Tomcat 6.0, Tomcat-Admin, mod_jk

Important note: This is just the first version of this guide. It does not consider any previous configured or installed components

…Greyed out indicates should try, not tested…

http://java.qbytesworld.com/post/-Ubuntu-Server-Setup-.aspx

Server setup would allow for skipping steps:

  • 1 as we do not want MySQL on the same server and Apache2 is in setup (needs cleaned up)
  • 2 as we do not care about PHP (and already skipping)
  • 4 as we have it in the Setup

1 LAMP – Apache, MySQL, PHP (Add Tomcat)

$ sudo apt-get install tasksel
$ sudo tasksel

Remember your MySQL password.

Now create a test page


$ sudo nano /var/www/info.php

and insert following code

<?php
phpinfo();
?>

Restart Apache

/etc/init.d/apache2 restart

and check if everything went fine

$ wget http://[MY_IP]/info.php

2 PHPMyAdmin

Install via apt-get

$ sudo apt-get install phpmyadmin

Choose Apache, and insert credentials

Now create a soft-link to make phpmyadmin-sources available in /var/www

$ sudo ln -s /usr/share/phpmyadmin /var/www/phpmyadmin

Now open a browser and see if it’s working

http://[MY_IP]/phpmyadmin

(use the credentials you defined shortly before)

3 JAVA

Due Sun’s java is not provided by the repository anymore, we have to add it manually:

$ sudo apt-get install python-software-properties
$ sudo add-apt-repository ppa:sun-java-community-team/sun-java6
$ sudo apt-get install sun-java6-jdk

Usually this should already be everything what we have to do. Try it by typing

$ sudo java -version

4 TOMCAT – Commons and Admin/Manager

Install both tomcat-common and tomcat-admin via apt-get

$ sudo apt-get install tomcat6
$ sudo apt-get install tomcat6-admin
$ sudo apt-get install tomcat6 tomcat6-admin tomcat6-common tomcat6-docs tomcat6-examples tomcat6-user

For accessing the Tomcat-admin we need to add our own manager-user

$sudo nano /etc/tomcat6/tomcat-users.xml

And add the new user

<role rolename="admin"/>
<role rolename="manager"/>
<user username="admin" password="my_secret" roles="admin,manager"/>

Finally restart Tomcat

$ sudo /etc/init.d/tomcat6 restart

Try if it works

http://[MY_IP]:8080/manager/html

5 Mod JK

Install via apt-get

$ sudo apt-get install libapache2-mod-jk

Now create our own workers.properties file for Apache.
Open or create

$ sudo nano /etc/apache2/workers.properties

and paste:

workers.tomcat_home=/var/lib/tomcat6
#workers.java_home=/usr/lib/jvm/java-6-sun
workers.java_home=/usr/lib/jvm/default-java
ps=/
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
worker.default.lbfactor=1
Now tell the Apache to use this worker
$ sudo nano /etc/apache2/apache2.conf

and add following lines

<IfModule>
JkWorkersFile /etc/apache2/workers.properties
# Where to put jk shared memory
# Update this path to match your local state directory or logs directory
JkShmFile /var/log/apache2/mod_jk.shm
# Where to put jk logs
# Update this path to match your logs directory location (put mod_jk.log next to access_log)
JkLogFile /var/log/apache2/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel info
LockFile ${APACHE_LOCK_DIR}/accept.lock
# Select the timestamp log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkRequestLogFormat "%w %V %T"
</IfModule>

Finally configure which URLs Apache should pass through the Tomcat

Serving our Tomcat pages
$ sudo nano /etc/apache2/sites-enabled/000-default
JkMount /mytomcatwebappname* worker1
JkMount /docs* worker1
JkMount /examples* worker1
JkMount /manager* worker1
JkMount /sample* worker1
This means, that every URL that contains the key mytomcatwebappname gets handled by Tomcat instead of Apache.

(If you want to pass all requests to the Apache (instead of individual ones), just remove the line
DocumentRoot /var/www
and add following JkMounts:
JkMount / worker1
JkMount /* worker1)

Serve some Java JSP Site called QBW-Web-Parent.com

$ sudo nano /etc/apache2/sites-available/QBW-Web-Parent.com

<VirtualHost *:80>
DocumentRoot /var/lib/tomcat6/webapps/QBW-Web-Parent
ServerName QBW-Web-Parent.com
JkMount /*.jsp worker1
JkMount /* worker1
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/lib/tomcat6/webapps/QBW-Web-Parent
ServerName QBW-Web-Parent.com
JkMount /*.jsp worker1
JkMount /* worker1
SSLEngine On
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
</VirtualHost>

=====================================================

And last but not least, we have to enable the redirect port 8443 on Tomcat

$ sudo nano /etc/tomcat6/server.xml

And uncomment / insert / update that following line is present

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Then scroll down and find: 

  </Host></Engine>

AFTER the ending </Host> tag, and BEFORE the ending </Engine> tag, insert the following:

<!– QBW-Web-Parent.com –>
<Host
name="QBW-Web-Parent.com"
appBase="webapps/QBW-Web-Parent"
unpackWARs="true"
autoDeploy="true">
<Context
path=""
docBase=""
debug="1"
reloadable="true"/>
<Valve
className="org.apache.catalina.valves.AccessLogValve"
directory="logs"
prefix="tomcat_access_"
suffix=".log"
pattern="common"
resolveHosts="false"/>
</Host>

Now we only have to restart first the Tomcat and then the Apache

$ sudo /etc/init.d/tomcat6 restart
$ sudo /etc/init.d/apache2 restart

Et voila, now it should work as expected.

http://www.javathinking.com/2007/10/tomcat-with-apache2-virtual-hosts/

http://www.debuntu.org/2006/02/22/7-virtual-hosting-using-apache-2

http://www.tequilafish.com/2007/08/02/apache-virtualhost-on-ubuntu/

6 Setup a new virtual host in Apache2

Create the folders for our new virtual host:

mkdir /var/www/server1.example.com
mkdir /var/www/server1.example.com/htdocs
mkdir /var/www/server1.example.com/logs

Then create a new site in Apache2:

vi /etc/apache2/sites-available/server1.example.com

Then add: 

<VirtualHost *:80>JkMount /* defaultServerName server1.example.comServerAdmin webmaster@server1.example.comDocumentRoot /var/www/server1.example.com/htdocsErrorLog /var/www/server1.example.com/logs/error.logCustomLog /var/www/server1.example.com/logs/access.log combined<Directory /var/www/server1.example.com/htdocs>Options -Indexes</Directory></VirtualHost>

Note: JkMount can be setup in different ways.

JkMount /* will use tomcat for all files
JkMount /*.jsp only for .jsp files
JkMount /folder/* for tomcat files in a specific directory

Enable the new virtual host we created, by running:

a2ensite server1.example.com

6 Setup a new virtual host in Tomcat6

Open up the configuration file for Tomcat6:

vi /etc/tomcat6/server.xml

Find the following lines: 

<!--<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />-->

And uncomment the connector port, like this: 

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

Then scroll down and find: 

  </Host></Engine>

AFTER the ending </Host> tag, and BEFORE the ending </Engine> tag, insert the following: 

<!-- server1.example.com -->

<Host

 name="server1.example.com"

 appBase="/var/www/server1.example.com"

 unpackWARs="true"

 autoDeploy="true">

 

<Context

 path=""

 docBase="htdocs"

 debug="0"

 reloadable="true"/>

 

<Valve

 className="org.apache.catalina.valves.AccessLogValve"

 directory="/var/www/server1.example.com/logs"

  prefix="tomcat_access_"

 suffix=".log"

 pattern="common"

 resolveHosts="false"/>

</Host>

Make sure you replace server1.example.com with your details in all the places.

Now lets create a Catalina folder for our new domain:

mkdir /etc/tomcat6/Catalina/server1.example.com

And copy the original context files to new domain:

cp /etc/tomcat6/Catalina/localhost/* /etc/tomcat6/Catalina/server1.example.com/

But remove the ROOT.xml file, because we don't need that one on our new domain:

rm -f /etc/tomcat6/Catalina/server1.example.com/ROOT.xml

4.5 Create a test file and test our new setup

Create a new test.jsp file for our new virtual host:

vi /var/www/server1.example.com/htdocs/test.jsp

and add: 

<html><head><title>Hello World</title></head><body><h1>Hello World</h1>Today is: <%= new java.util.Date().toString() %></body></html>

Save and exit the file.

Finally restart the services, so that the new configuration will load:

/etc/init.d/apache2 stop
/etc/init.d/tomcat6 restart
/etc/init.d/apache2 start

Then use your browser to visit http://server1.example.com/test.jsp and verify that you get the test page we just created.

You should also be able to visit http://server1.example.com/examples which is now also available on our virtual host (/docs, /manager/html and /host-manager/html should also work):

SSL on Apache2

http://java.qbytesworld.com/post/apache-tomcat-ubuntu-1104.aspx

References:

Paths:

Apache2 configuration

/etc/apache2/workers.properties
/etc/apache2/conf.d/mod_jk.conf
/etc/apache2/sites-available/server1.example.com
/var/www/server1.example.com/htdocs/

Tomca6 configuration

/etc/tomcat6/tomcat-users.xml
/etc/tomcat6/server.xml
/etc/tomcat6/Catalina/server1.example.com/

Tomca6 webapp path

/var/lib/tomcat6/webapps/QBW-Web-Parent

Tomca6 Cache

/var/cache/tomcat6/Catalina/localhost

Restart Apache2 and Tomcat6

/etc/init.d/apache2 stop
/etc/init.d/tomcat6 restart
/etc/init.d/apache2 start

Information via: http://blog.cwill-dev.com/2011/04/07/installing-apache2-and-tomcat6-with-mod_jk-on-ubuntu-10-10/

Installing Apache2 and Tomcat6 with mod_jk on Ubuntu 10.10

Published on April 7, 2011 in Java, Uncategorized and Webserver. 4 Comments Tags: , , , , .

One more time – Apache2 Tomcat6 Ubuntu

http://www.scribd.com/doc/59574695/Step-By-Step-Guide-Ubuntu-11-04-Natty-Server-Installation-and-Administration

ubuntu "11.04" "apache2" "tomcat6"

http://www.google.com/#sclient=psy&hl=en&source=hp&q=ubuntu+%2211.04%22+%22apache2%22+%22tomcat6%22&aq=f&aqi=&aql=&oq=&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=dffd0c150f157a6e&biw=1280&bih=912

fedora "apache2" "tomcat6"

http://www.google.com/#sclient=psy&hl=en&source=hp&q=fedora+%22apache2%22+%22tomcat6%22&aq=f&aqi=&aql=&oq=&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=dffd0c150f157a6e&biw=1280&bih=912

http://riajava.blogspot.com/2009/03/apache2-tomcat6-java-mysql-on-ubuntu.html

http://www.howtoforge.com/how-to-install-tomcat6-with-sun-java-and-apache2-integration-on-ubuntu-10.04-lucid-lynx-with-virtual-hosts

http://www.howtoforge.com/how-to-install-tomcat6-with-sun-java-and-apache2-integration-on-ubuntu-10.04-lucid-lynx-with-virtual-hosts-p2

Apache 2.2 and Tomcat 6 Integration

Published by admin on October 2, 2007 07:47 pm under Linux
It is possible to use Apache as the web listener for Tomcat. I have heard several reasons why people do this. The reason I did this is so that I can use Apache to handle security for my web application. This entry will describe the process of connecting Apache to Tomcat using mod_jk.
First you will need to download the latest source for the following applications:
Apache 2.2 (2.2.4 at the time of writing)
Tomcat 6 (6.0.26 at the time of writing)
mod_jk (1.2.22 at the time of writing)
Set the following environment variables. I would recommend placing them in your .bash_profile or .profile. If you place them in either of these files source the file immediately.
# Install Java
apt-get install sun-java6-jdk openjdk-6-jdk
sudo apt-get install sun-java6-jdk openjdk-6-jdk
add-apt-repository "deb http://archive.canonical.com/ubuntu lucid partner"
sudo su
java -version
# Tomcat env settings
export JAVA_OPTS="-Xms512m -Xmx1024m"
export JAVA_HOME=/usr/lib/jvm/java-6-sun-1.6.0.26
export CATALINA_HOME=/home/davidq/tmp/apache-tomcat-6.0.32
JAVA_OPTS sets the minimum and maximum memory that will be available to the JVM running Tomcat. JAVA_HOME and CATALINA_HOME are used by several Tomcat scripts. This configuration will use the Sun JDK version 1.6. You can see that JAVA_HOME points to jdk1.6.0.
Extract the contents of each of the previous in a directory.
cd /home/yourusername/tmp
tar zxvf httpd-2.2.4.tar.gz
tar zxvf apache-tomcat-6.0.13.tar.gz -C /home/davidq/tmp
tar zxvf tomcat-connectors-1.2.22-src.tar.gz

The apache-tomcat-6.0.13 directory will be extracted to /home/davidq/tmp. You can extract it wherever you would like by changing the argument for -C. There is a tiny bit of configuration for Tomcat. vi /home/davidq/tmp/apache-tomcat-6.0.13/conf/tomcat-users.xml and place the following between the tomcat-users tags:
<role rolename="manager"/>

<role rolename="manager-gui"/>

<user username="tomcat" password="s3cret" roles="manager,manager-gui"/>

cd to the httpd-2.2.4 directory
./configure –"prefix=/home/davidq/tmp/apache" –"with-included-apr" –"with-mpm=worker"
make
make install
Notice the –with-mpm=worker? We need this for mod_jk. There are some entries that need to be added to the httpd.conf for mpm worker. vi /home/davidq/tmp/apache/conf/httpd.conf and add the following beneath the “ServerRoot" block:
# worker MPM
# StartServers: initial number of server processes to start
# MaxClients: maximum number of simultaneous client connections
# MinSpareThreads: minimum number of worker threads which are kept spare
# MaxSpareThreads: maximum number of worker threads which are kept spare
# ThreadsPerChild: constant number of worker threads in each server process
# MaxRequestsPerChild: maximum number of requests a server process serves
<IfModule worker.c>
ServerLimit 16
StartServers 2
MaxClients 150
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
</IfModule>
You will want to change “Listen 80″ to “Listen 8079″ because you wont be able to start Apache on port 80 unless you are root. By default Tomcat listens on 8080.
Also in the httpd.conf file look for the LoadModule section and append the following to that section:
LoadModule jk_module modules/mod_jk.so
Include “/home/davidq/tmp/apache/conf/mod_jk.conf"
You will also need to configure Apache for your web application. Here are just some examples. They will be referenced again in the mod_jk section.
Alias /jktest /home/davidq/tmp/jktest
<Directory /home/davidq/tmp/jktest>
Options FollowSymLinks Includes
DirectoryIndex index.html
AddHandler server-parsed shtml
order allow,deny
allow from all
</Directory>
<Location /jktest/TestServlet>
<Limit POST>
Order deny,allow
Deny from all
Allow from localhost
Satisfy any
</Limit>
</Location>
The mod_jk connector needs to be installed now. Here are the steps:
cd to the tomcat-connectors-1.2.22-src/native directory
./configure –"with-apxs=/home/davidq/tmp/apache/bin/apxs"
make
make install
vi /home/davidq/tmp/apache/conf/mod_jk.conf and add the following:
<IfModule mod_jk.c>
JkShmFile /home/davidq/tmp/apache/logs/jk-runtime-status
JkLogFile /home/davidq/tmp/apache/logs/mod_jk.log
JkLogLevel info
JkWorkersFile /home/davidq/tmp/apache/conf/workers.properties
JkMount /jktest/*.jsp wkr01
JkMount /jktest/TestServlet wkr01
</IfModule>
vi /home/davidq/tmp/apache/conf/workers.properties and add the following:
# workers.properties – ajp13
#
# List workers
worker.list=wkr01
#
# Define ajp13 worker
worker.wkr01.type=ajp13
worker.wkr01.host=localhost
worker.wkr01.port=8009
worker.wkr01.connection_pool_size=25
worker.wkr01.connection_pool_minsize=13
We need to create a test jsp file so that we can ensure the connector is working. First make a directory /home/davidq/tmp/jktest. After the directory is created, vi /home/davidq/tmp/jktest/testfile.jsp and paste the following in it:
<HTML>
<HEAD>
<TITLE>mod_jk test</TITLE>
</HEAD>
<BODY>
<%out.println("Hello World");%> !
</BODY>
</HTML>
Now we need to create a context file for our application. vi /home/davidq/tmp/jktest/jktest.xml and paste the following in it:
<?xml version=’1.0′ encoding=’utf-8′?>
<Context displayName="JkTest" docBase="/home/davidq/tmp/jktest" path="/jktest" workDir="work/Catalina/localhost/jktest">
</Context>
To start Tomcat and Apache run the following:
/home/davidq/tmp/apache-tomcat-6.0.13/bin/startup.sh
/home/davidq/tmp/apache/bin/apachectl start
With Tomcat started you will need to configure the jktest context. Enter the following URL in your browser. When you are prompted for a username and password, enter tomcat for the username and s3cret for the password.
http://yourmachine:8080/manager/html
After logging in look to the bottom of the page for a section named “Deploy". Fill in the following fields and click Deploy.
Context Path (optional): /jktest
XML Configuration file URL: file:/home/davidq/tmp/jktest/jktest.xml
WAR or Directory URL: LEAVE BLANK
Now all you need to do is test. You should be able to access testfile.jsp via the following URL:
http://yourservername.domain.com:8079/jktest/testfile.jsp

SSL apache tomcat ubuntu 11.04

http://www.howtoforge.com/how-to-set-up-an-ssl-vhost-under-apache2-on-ubuntu-9.10-debian-lenny

This article explains how you can set up an SSL vhost under Apache2 on Ubuntu 9.10 and Debian Lenny so that you can access the vhost over HTTPS (port 443). SSL is short for Secure Sockets Layer and is a cryptographic protocol that provides security for communications over networks by encrypting segments of network connections at the transport layer end-to-end. We use the mod_ssl Apache module here to provide strong cryptography for Apache2 via SSL by the help of the Open Source SSL toolkit OpenSSL.

This document comes without warranty of any kind! I do not issue any guarantee that this will work for you!

1 Preliminary Note

I'm assuming that you have a working LAMP setup on your Ubuntu 9.10 or Debian Lenny box, as shown in these tutorials:

I will set up SSL for my vhost v in this tutorial – hostmauritius.com is a domain that I own – replace it with your own domain. I will show how to use a self-signed certificate (this will result in a browser warning when you access https://v) and how to get a certificate from a trusted certificate authority (CA) such as Verisign, Thawte, Comodo, etc. – with a certificate from a trusted CA, your visitors won't see any browser warnings, as is the case with a self-signed certificate. I will use a certificate from CAcert.org – these certificates are free, but are not recognized by all browsers, but it should give you the idea how to install a certificate from a trusted CA.

It is important to know that you can have just one SSL vhost per IP address – if you want to host multiple SSL vhost, you need multiple IP addresses!

I'm running all the steps in this tutorial with root privileges, so make sure you're logged in as root. On Ubuntu, run

sudo su

to become the root user.

2 Enabling mod_ssl

To enable apache's SSL module, run…

a2enmod ssl

… and restart Apache:

/etc/init.d/apache2 restart

Apache should now be listening on port 443 (HTTPS):

netstat -tap | grep https

root@server1:~# netstat -tap | grep https
tcp6 0 0 [::]:https [::]:* LISTEN 1238/apache2
root@server1:~#

3 Setting Up The Vhost

I will now create the vhost server1.example.com with the document root /var/www/server1.example.com. First I create that directory:

mkdir /var/www/server1.example.com

Apache comes with a default SSL vhost configuration in the file /etc/apache2/sites-available/default-ssl. We use that file as a template for the server1.example.com vhost…

cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/server1.example.com-ssl

… and open /etc/apache2/sites-available/server1.example.com-ssl:

vi /etc/apache2/sites-available/server1.example.com-ssl

Make sure you use the correct IP address in the <VirtualHost xxx.xxx.xxx.xxx:443> line (192.168.0.100 in this example); Also fill in the correct ServerAdmin email address and add the ServerName line. Adjust the paths in the DocumentRoot line and in the <Directory > directives, if necessary: 

									<IfModule mod_ssl.c>
			<VirtualHost 192.168.0.100:443>
			ServerAdmin
			webmaster@hostmauritius.com
			ServerName server1.example.com:443
			DocumentRoot /var/www/server1.example.com
			<Directory />
			Options FollowSymLinks
			AllowOverride None
			</Directory>
			
									<Directory /var/www/server1.example.com/>   Options
			Indexes FollowSymLinks MultiViews   AllowOverride None   Order allow,deny
			allow from all   </Directory>   ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/   <Directory
			
									#   SSL
			Engine Switch:
			#   Enable/Disable SSL for this virtual host.
			SSLEngine  on
			#   A  self-signed (snakeoil) certificate can be created by installing
			#   the ssl-cert package. See
			#   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
			#   If both key and certificate are stored in the same file, only the
			#   SSLCertificateFile directive is needed.
			
						SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
			SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
			
			
									#   Server Certificate Chain:
			#   Point SSLCertificateChainFile at a file containing the
			#   concatenation of PEM encoded CA certificates which form the
			#   certificate chain for the server certificate. Alternatively
			#   the referenced file can be the same as SSLCertificateFile
			#   when the CA certificates are directly appended to the server
			#   certificate for convinience.

As you see, this vhost uses the default self-signed snakeoil certificate that comes with Ubuntu/Debian:

SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key

Now disable the default SSL vhost (if it is enabled), enable the server1.example.com vhost and reload apache:

a2dissite default-ssl
a2ensite server1.example.com-ssl
/etc/init.d/apache2 reload

Now open a browser and go to your new SSL vhost (https://server1.example.com in this case). Because we are using Debian's/Ubuntu's default self-signed certificates, we should get a warning that the connection is untrusted (to use that web site anyway, click on I Understand the Risks and follow the instructions in your browser):

4 Creating A Self-Signed Certificate

Until now, we've used Debian's/Ubuntu's default self-signed certificate. I will now show you how to create your own self-signed certificate. With this certificate, you will still get browser warnings, but this certificate is required to get a trusted certificate from a trusted CA later on.

Make sure that the package ssl-cert is installed:

aptitude install ssl-cert

You can now create a self-signed certificate for server1.example.com as follows:

make-ssl-cert /usr/share/ssl-cert/ssleay.cnf /etc/ssl/private/server1.example.com.crt

You will be asked for the hostname:

Host name: <– server1.example.com

This will create the self-signed certificate and the private key in one file, /etc/ssl/private/server1.example.com.crt:

cat /etc/ssl/private/server1.example.com.crt 

															-----BEGIN RSA PRIVATE KEY-----
			MIICXgIBAAKBgQDWuQUCXjDucCdKnowwclux0Tb392+I/KSLkqp4bY577U4EcS0V
			J28eWIYOTiA38UDteLMXZSFyzWtq1QREzU0sPeQXWjJ/r6sDGSNlOFxnBJlg/ll2
			2JHTeMZQZ4QoLejaS8SBU2v8mQFIZrvT+/RUsAyFNVvfVA+dm5bQS9dH5QIDAQAB
			AoGBAMBwsfydTl1kRtKpphsFYwjK6Ojz6hJr20z79axZBAotdG6mwDDlVsFrtTm8
			
															60M4BWjPdDLTgFbTpCHrKBhBp5cJqgSXntd2i2JjOFpIQSlinGJ6HncFEC3AAxeE
			PVTH77k2sVckwQ5tnOVX6gGuYt5E5wd3J43mLyyHCpFXz4dBAkEA/O4q2CpCXlT0
			Mklt/8rlzzIhxyoOuPI3WH+lr5tO3LSNpLbzW74l/lTvFhCbQCKsb3eyZVhzE+f+
			9ZJM+ao5kwJBANlUJPyc2bYpY2124c83rYtK6Xth9c+sxxUdWbkkyEdaF1ixlR+r
			8Qoze+ISHBr9DCZWbQGZirwoX/+qufvFA6cCQHECcT44U4MWbi1xxaY+n8Od4J2+
			Wumjv7rY/cyile/i9E6eN8nMAenLRTAUp2lWlLkRQDIr/O7t/2r1vVLoDeUCQQCO
			5R+opS0U9CO27srMZ+yIwMnB4Ygxc4Y24OSEsqWpHJhrLeBCQdir/2v+GjA2oplh
			f8QOoDkzPEzamxPMch7TAkEAyLke88CR1awZQQnTGKho6g5npdGgntjBVO+ZEl18
			PfCIyGk5bsLrAsprgS+Xp5SSQfAG2fUatpXqsYGBO8q2dA==
			-----END RSA PRIVATE KEY-----
			-----BEGIN CERTIFICATE-----
			MIIBqzCCARQCCQDDCFjQ7Ii1gjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw93
			d3cuZXhhbXBsZS5jb20wHhcNMTAwMTEyMTY1NDI2WhcNMjAwMTEwMTY1NDI2WjAa
			MRgwFgYDVQQDEw93d3cuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0A
			MIGJAoGBANa5BQJeMO5wJ0qejDByW7HRNvf3b4j8pIuSqnhtjnvtTgRxLRUnbx5Y
			hg5OIDfxQO14sxdlIXLNa2rVBETNTSw95BdaMn+vqwMZI2U4XGcEmWD+WXbYkdN4
			xlBnhCgt6NpLxIFTa/yZAUhmu9P79FSwDIU1W99UD52bltBL10flAgMBAAEwDQYJ
			KoZIhvcNAQEFBQADgYEAJ/tYRc3CImo2c4FyG+UJTUIgu+p8IcMH9egGaMc335a5
			IwA2BBsiS3YAux8mteE2N03Nae6wTVbgEl8J68z1XyzklGtC/EG7ygtnOlfFTJWn
			U5HMaGOGBvOnFViF4e/DuBs7VPePKzqF2mmKIeAvoMA5GTH/iA4yJIFlgHhCMU8=
			-----END CERTIFICATE-----

I will now split up that file in two, the private key /etc/ssl/private/server1.example.com.key and the self-signed certificate /etc/ssl/certs/server1.example.com.pem:

vi /etc/ssl/private/server1.example.com.key

This file must contain the part beginning with —–BEGIN RSA PRIVATE KEY—– and ending with —–END RSA PRIVATE KEY—–: 

															-----BEGIN CERTIFICATE-----
			MIIBqzCCARQCCQDDCFjQ7Ii1gjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw93
			d3cuZXhhbXBsZS5jb20wHhcNMTAwMTEyMTY1NDI2WhcNMjAwMTEwMTY1NDI2WjAa
			MRgwFgYDVQQDEw93d3cuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0A
			MIGJAoGBANa5BQJeMO5wJ0qejDByW7HRNvf3b4j8pIuSqnhtjnvtTgRxLRUnbx5Y
			hg5OIDfxQO14sxdlIXLNa2rVBETNTSw95BdaMn+vqwMZI2U4XGcEmWD+WXbYkdN4
			xlBnhCgt6NpLxIFTa/yZAUhmu9P79FSwDIU1W99UD52bltBL10flAgMBAAEwDQYJ
			KoZIhvcNAQEFBQADgYEAJ/tYRc3CImo2c4FyG+UJTUIgu+p8IcMH9egGaMc335a5
			IwA2BBsiS3YAux8mteE2N03Nae6wTVbgEl8J68z1XyzklGtC/EG7ygtnOlfFTJWn
			U5HMaGOGBvOnFViF4e/DuBs7VPePKzqF2mmKIeAvoMA5GTH/iA4yJIFlgHhCMU8=
			-----END CERTIFICATE-----

The key must be readable and writable by root only:

chmod 600 /etc/ssl/private/server1.example.com.key

vi /etc/ssl/certs/server1.example.com.pem

This file must contain the part beginning with —–BEGIN CERTIFICATE—– and ending with —–END CERTIFICATE—–: 

															-----BEGIN CERTIFICATE-----
			MIIBqzCCARQCCQDDCFjQ7Ii1gjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDEw93
			d3cuZXhhbXBsZS5jb20wHhcNMTAwMTEyMTY1NDI2WhcNMjAwMTEwMTY1NDI2WjAa
			MRgwFgYDVQQDEw93d3cuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0A
			MIGJAoGBANa5BQJeMO5wJ0qejDByW7HRNvf3b4j8pIuSqnhtjnvtTgRxLRUnbx5Y
			hg5OIDfxQO14sxdlIXLNa2rVBETNTSw95BdaMn+vqwMZI2U4XGcEmWD+WXbYkdN4
			xlBnhCgt6NpLxIFTa/yZAUhmu9P79FSwDIU1W99UD52bltBL10flAgMBAAEwDQYJ
			KoZIhvcNAQEFBQADgYEAJ/tYRc3CImo2c4FyG+UJTUIgu+p8IcMH9egGaMc335a5
			IwA2BBsiS3YAux8mteE2N03Nae6wTVbgEl8J68z1XyzklGtC/EG7ygtnOlfFTJWn
			U5HMaGOGBvOnFViF4e/DuBs7VPePKzqF2mmKIeAvoMA5GTH/iA4yJIFlgHhCMU8=
			-----END CERTIFICATE-----

Now we can delete the /etc/ssl/private/server1.example.com.crt file:

rm -f /etc/ssl/private/server1.example.com.crt

Next we adjust our SSL vhost to use the new private key and the self-signed certificate:

vi /etc/apache2/sites-available/server1.example.com-ssl 

			[...]
			#   A self-signed (snakeoil) certificate can be created by installing
			#   the ssl-cert package. See
			#/usr/share/doc/apache2.2-common/README.Debian.gz for more info.
			#   If both key and certificate are stored in the same file, only the
			#   SSLCertificateFile directive is needed.
			
			SSLCertificateFile  /etc/ssl/certs/server1.example.com.pem
			
			SSLCertificateKeyFile /etc/ssl/private/server1.example.com.key
			
			SSLEngine  on

Reload Apache:

/etc/init.d/apache2 reload

The SSL vhost will now use your new private key and self-signed certificate for encryption (but because it is a self-signed certificate, you will still get the browser warning when you access https://server1.example.com).

WebFraction – Tomcat

You need to modify it to create a new ROOT directory.

This will display a default application instead of the ROOT.war (Tomcat, it's working page).

Copy the Root directory to tomcat.

Paste the below red into server.xml after installing and uploading your war.

<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">

<Context path="" docBase="QBW-Web-Base">
<!– Default set of monitored resources –>
<WatchedResource>WEB-INF/web.xml</WatchedResource>
<!– Uncomment this to disable session persistence across Tomcat restarts –>
<!–
<Manager pathname="" />
–>
<!– Uncomment this to enable Comet connection tacking (provides events
on session expiration as well as webapp lifecycle) –>
<!–
<Valve className="org.apache.catalina.valves.CometConnectionManagerValve" />
–>
</Context>

WebFraction memory limitation

You will also need to modify catalina.sh

if [ -z "$LOGGING_MANAGER" ]; then
JAVA_OPTS="$JAVA_OPTS -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Xmx40m -Xms10m -Xss64k"
else
JAVA_OPTS="$JAVA_OPTS $LOGGING_MANAGER -Xmx40m -Xms10m -Xss64k"
fi

Tag Cloud