SiNotes-Grid
Thursday, May 18, 2006
Use mod_proxy to connect Apache 2.0 and Tomcat
Refererced instructions :
http://tomcat.apache.org/tomcat-4.1-doc/proxy-howto.html
1. Make sure you have already configured apache with "--enable-proxy --enable-proxy-http" parameters.
2. If you have done step1, apache 2.0.58 will automatically load mod_proxy for you when startup.(if not, load mod_proxy in your httpd.conf)
3. In the "Location" directory of httpd.conf, which you want to be forwarded to tomcat, add two lines:
ProxyPass http://ktang.oerc.ox.ac.uk:8081/shibboleth2/sample.jsp
ProxyPassReverse http://ktang.oerc.ox.ac.uk:8081/shibboleth2/sample.jsp
*N.B.* use "http" or "https" aproprately. In my case, tomcat and apache reside on same machine, so I chosed to let tomcat listen on port 8081 without enabling ssl.
4.In the server.xml of your tomcat, add a http connector. You don't have to remove your existing AJP13 connector if you do have one.They can function simutinously, each of which serves some of your web applications. Just put your new connector under the same "service " directory with your AJP connector":
<Connector port="8081" className="org.apache.catalina.connector.http.HttpConnector"
maxHttpHeaderSize="81920" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"
proxyName="ktang.oerc.ox.ac.uk"
proxyPort="8080"/>
*N.B* There's an attribute used to limit the max header size, default is also around 8K!!(just like AJP13). The only reason I changed to mod_proxy from AJP13 is to forward bigger HTTP header size(packet), therefore change this value if you need.
4. Make sure to use filer/firewall/whatever to restrict the access to your tomcat server:8081 port for security considerations.
http://tomcat.apache.org/tomcat-4.1-doc/proxy-howto.html
1. Make sure you have already configured apache with "--enable-proxy --enable-proxy-http" parameters.
2. If you have done step1, apache 2.0.58 will automatically load mod_proxy for you when startup.(if not, load mod_proxy in your httpd.conf)
3. In the "Location" directory of httpd.conf, which you want to be forwarded to tomcat, add two lines:
ProxyPass http://ktang.oerc.ox.ac.uk:8081/shibboleth2/sample.jsp
ProxyPassReverse http://ktang.oerc.ox.ac.uk:8081/shibboleth2/sample.jsp
*N.B.* use "http" or "https" aproprately. In my case, tomcat and apache reside on same machine, so I chosed to let tomcat listen on port 8081 without enabling ssl.
4.In the server.xml of your tomcat, add a http connector. You don't have to remove your existing AJP13 connector if you do have one.They can function simutinously, each of which serves some of your web applications. Just put your new connector under the same "service " directory with your AJP connector":
<Connector port="8081" className="org.apache.catalina.connector.http.HttpConnector"
maxHttpHeaderSize="81920" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"
proxyName="ktang.oerc.ox.ac.uk"
proxyPort="8080"/>
*N.B* There's an attribute used to limit the max header size, default is also around 8K!!(just like AJP13). The only reason I changed to mod_proxy from AJP13 is to forward bigger HTTP header size(packet), therefore change this value if you need.
4. Make sure to use filer/firewall/whatever to restrict the access to your tomcat server:8081 port for security considerations.
posted by Synew # 3:32 AM 
Archives
