[FrontPage] [TitleIndex] [WordIndex

Apache Tomcat

Contents

  1. Compatibility
    1. Tomcat bugs
    2. Class loader leaks
    3. Apache Tomcat 4.x
    4. Apache Tomcat 5.0
    5. Apache Tomcat 5.5
    6. Apache Tomcat 6.0
  2. Useful to know
    1. How to redirect startpage if Tomcat is used as http webserver
    2. Securing Webapps
  3. Development

1. Compatibility

See deegreeCompatibility for compatibility information.

1.1. Tomcat bugs

Important Note:

Some Tomcat versions have a known bug ( https://issues.apache.org/bugzilla/show_bug.cgi?id=44494 ) that affects deegree. Please don't use the following versions:

The problem concerns large POST-requests (greater than 8k) like the WFS Philosopher-Insert example (Insert.xml). The request gets truncated and won't be recognized as a valid XML document.

The bug has been fixed in later versions (5.5.27/6.0.18).

1.2. Class loader leaks

Don't use the 0.4.0 branch of deegree 3 with tomcat versions >= 6.0.24. More information about the rather experimental code that has been integrated into this minor version update can be found here. For deegree 2 and deegree 3 trunk some problems have been fixed, but more problems may occur after more extensive testing, so use with care (and report any problems).

1.3. Apache Tomcat 4.x

1.4. Apache Tomcat 5.0

1.5. Apache Tomcat 5.5

In a Proxy environment, the following tests worked fine:

See the bug report here for more information.

During the tests some more infos about proxy listing in Java. Be aware of tick marking in the different environments! Against the Java Sun documentation in, use the following:

1.6. Apache Tomcat 6.0

2. Useful to know

2.1. How to redirect startpage if Tomcat is used as http webserver

Modify index.html in webapps/ROOT as follows: 

<html>
  <head><meta http-equiv="refresh" content="0;URL=http://www.mydomain.de/myportal"></head>
  <body> </body>
</html>

2.2. Securing Webapps

To secure your webapp you should add the following code snippet to your <webapp-dir>/WEB-INF/web.xml file: 

<!-- Define reference to the user database for looking up roles -->
  <resource-env-ref>
    <description>
      Link to the UserDatabase instance from which we request lists of
      defined role names.  Typically, this will be connected to the global
      user database with a ResourceLink element in server.xml or the context
      configuration file for the web application.
    </description>
    <resource-env-ref-name>users</resource-env-ref-name>
    <resource-env-ref-type>
      org.apache.catalina.UserDatabase
    </resource-env-ref-type>
  </resource-env-ref>

  <!-- Define a Security Constraint on this Application -->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>APPLICATIONNAME</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
       <role-name>YOURROLENAME</role-name>
    </auth-constraint>
  </security-constraint>

<!-- Define the Login Configuration for this Application -->
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>YOURREALMNAME</realm-name>
  </login-config>

  <!-- Security roles referenced by this web application -->
  <security-role>
    <description>
      The role that is required to log in to the Application
    </description>
    <role-name>YOURROLENAME</role-name>
  </security-role>

Now add the role and users to your <tomcat-dir>/conf/tomcat-users.xml: 

<tomcat-users>
...
  <role rolename="YOURROLENAME"/>
  <user username="YOURUSER" password="YOURPASSWORD" roles="YOURROLENAME"/>
</tomcat-users>

This is mostly taken from the tomcat's manager application. You may also have a look at the corresponding files in your tomacat direcotry and the Apache Tomcat Documentation.

3. Development

If you develop with deegree and tomcat you may like to read: TomcatRemoteDebugging

2018-04-20 12:03