Welcome to my Tomcat tutorials website!

mercoledì 30 aprile 2014

Tomcat session timeout

Tomcat session timeout is defined into the CATALINA_HOME/conf/web.xml file by the following directive:
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

You can however override the default session timeout by setting in your application's WEB-INF/web.xml file the session timeout as well.

The number in session-timeout tag is in minutes. To make it unlimited or no time out, simply set the number to -1 and restart your Tomcat Service.
<web-app version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">


Tomcat configuration files

A Tomcat distribution contains the following configuration files which are necessary for proper administration of the Web server. Let's see in detail each file:

  • catalina.policy : This file contains the security policy permissions for Tomcat 7. It enforces the security policy permissions by JVM on the web application.
  • catalina.properties : This file describes the shared definition of the server, shared loader, and JARs, which need to be scanned at the time of the server startup.
  • server.xml : This is the main configuration file for Tomcat and it mainly contains the Connector port configuration. It holds critical information, such as the IP address, port, virtual host, context path, and so on.
  • tomcat-users.xml : This file is used for authentication, authorization, and role-based definitions. It is used to implement a database of users/passwords/roles for authentication and container-managed security. To add/remove users or assign/unassign roles to existing users, edit this file.
  • logging.properties : As the name suggests, it defines the logging properties of the Tomcat instances (such as startup logs).
  • web.xml : This file contains the default values for all web applications loaded into this instance of Tomcat, at the time of startup of the Tomcat instance. If a web application has its own deployment descriptor, its content will always override the configuration settings specified in this default descriptor.
  • context.xml : The contents of this file will load with every application. Configuration of parameters such as session persistence, Comet connection tracking, and so on, are done here.

Yum install tomcat on Linux

This tutorial shows how to perform a Tomcat 7 installation using the yum installation utility.
The pre-requisite for installing Tomcat is that you have a JDK on your machine, if you haven't got one, you can install it by executing as root user:
[root@localhost ~]#  yum install java
Next you can start installing Tomcat. There are at least two ways for installing it:

Installation option 1:

Move to http://tomcat.apache.org/ and download the latest stable release of Tomcat. Once done, unzip it to a folder where you have writing permissions:
[tomcat@localhost ~] $ unzip apache-tomcat-7.0.53.zip

Once installed, you can start Tomcat by executing from the TOMCAT_HOME/bin folder:
[tomcat@localhost ~] $ startup.sh

Installation option 2:

You can use the yum utility for installing Tomcat. At the time of writing, just Tomcat 6 is available on the yum repository. You can install it by running:
[root@localhost ~]# yum install tomcat6 tomcat6-webapps tomcat6-admin-webapps

The tomcat6-webapps is not mandatory as it contains some sample applications. The tomcat6-admin-webapps should be installed as it contains the administration application which is deployed as a web application. 
Once installed, you can include it as a service which starts at boot and start it:

[root@localhost ~]#  chkconfig tomcat6 on
[root@localhost ~]#  service tomcat6 start

Checking that Tomcat is running

The simplest way to check that Tomcat is running is by surfing to the address http://localhost:8080 which should show the welcome page:
If you are going to check it by shell, you can use the following methods to check that Tomcat is running:
[tomcat@localhost ~] service tomcat6 status
tomcat6 (pid 4470) is running...                           [  OK  ]

[tomcat@localhost ~] netstat -nlp | grep 8080
tcp        0      0 :::8080                     :::*                        LISTEN      4470/java           

[tomcat@localhost ~] ps -ef | grep tomcat
tomcat   1937     1  1 11:04 ?        00:00:08 /usr/lib/jvm/jre/bin/java
                                                       . . . . . . .

Where has yum installed Tomcat ?

If you have used yum to install Tomcat, the following defaults have been user for Tomcat installation:
Tomcat Service Config: /etc/tomcat6 (main config directory)
Release Notes        : /usr/share/doc/tomcat*
Bin Directory        : /usr/share/tomcat6
Webapps              : /var/lib/tomcat6/webapps
Logs                 : /var/log/tomcat6 

venerdì 25 aprile 2014

Tomcat Access logs

Access logs are customized logs, which record all requests processed by the server giving information about:

  • The user that has accessed the application
  • What components of the application are accessed
  • Remote IP and so on

These logs play a vital role in traffic analysis of many applications to analyze the bandwidth requirement and they also help in troubleshooting the application under a heavy load. These logs are configured in  server.xml in  TOMCAT_HOME/conf .
You can configure access logs according to the environment and your auditing requirements. Let's see the pattern format of the access logs and understand how we can customize the logging format:

And now some explanation about the parameters contained in the AccessLogValve:

  • Class Name: This parameter defines the class name used for the generation of logs. By default, Apache Tomcat 7 uses the  org.apache.catalina.valves.AccessLogValve class for the access logs.
  • Directory: This parameter defines the directory location for the log file. All the log files are generated in the log directory— TOMCAT_HOME/logs —but we can customize the log location based on our environment setup and then update the directory path in the definition of the access logs.
  • Prefix: This parameter defines the prefix of the access log filename, that is, by default, the access log files are generated by the name  localhost_access_log.yy-mm-dd.txt .
  • Suffix: This parameter defines the file extension of the log file. Currently it is in  .txt format.
  • Pattern: This parameter defines the format of the log file. The pattern is a combination of values defined by the administrator, for example,  %h = remote host address. 

How to change Tomcat port

By default, Tomcat runs on port 8080 using the HTTP protocol. As this port is well known by developers, it is easier for hackers to hit the port and trap the server. So it's always recommended to change the connector port and also the AJP port, which runs on 8009, to secure Tomcat.
Connectors are configured in server.xml in the conf directory of your Tomcat installation.

Before changing Tomcat port, you should verify that the port is not being used by other services. You can check the following operating system configuration files in order to avoid port conflict between the two services.

Linux: /etc/services
Windows: C:\Windows\System32\drivers\etc\services

domenica 13 aprile 2014

Tomcat users configuration

Configuring Tomcat users is required in order to be able to use Tomcat Manager application. The main configuration file for tomcat users is tomcat-users.xml that resides in the conf folder of Tomcat 7. In this file, user roles and their authentication are configured.
Here is for example how to configure it to add one user named tomcat that has all roles required to manage the manager GUI application and the Manager script shell:


tomcat connectiontimeout configuration

Apache tomcat contains a connectionTimeout parameter which defines the amount of time Tomcat will wait for three things:

  • The total amount of time it takes to receive an HTTP GET request.
  • The total amount of time between receipt of TCP packets on a POST or PUT request.
  • The total amount of time between ACKs on transmissions of TCP packets in responses.

Changing the connectionTimeout

In some cases it might be necessary to increase it especially if the response takes too much to be completed on the server, leaving the connection without a response. To increase the connection timeout on tomcat server follow the following steps :

1. Open the file server.xml residing in TOMCAT_HOME/conf/.
2. Set the variable connectionTimeout in it to Value in Milliseconds.(i.e 1000 milliseconds = 1 second)

For example :

If connectionTimeout is not defined, the default value is 60000 (i.e. 60 seconds); however the standard server.xml that ships with Tomcat sets this to 20000 (i.e. 20 seconds).
You can use a value of -1 to indicate no (i.e. infinite) timeout.

Do not set this value to extreme values to avoid hanging your server threads for too much. On the other hand setting it to a value too low, might cause rejecting some of your requests,

Tomcat Maven plugin tutorial

This tutorial will show you how you can create a Web application with Maven and deploy it using Maven plugin for Tomcat in a matter of minutes. The prerequisite is that you have installed in your machine:
  • Apache Maven 2.X or 3.X 
  • Apache Tomcat 7.X  
  • JDK 1.6 or higher 
We will show how to create the project from Eclipse IDE. From Eclipse File menu choose to create a New | Maven Project:

In the next screen make sure that the option Create a Simple project (Skip archetype selection) is unchecked and select a Workspace for your project:

Click Next. In the following screen choose an archetype for your project. There are plenty of available Maven archetype that are suitable for a Web application to be executed on Tomcat. We would suggest to use the maven-archetype-webapp that will create a startup skeleton for your Web projects:

Finally in the last screen choose a GroupId for your project. Choose an ArtifactId that will match to the Eclipse project name. Select a Version and a Package for your project:

Click finish. Now a basic project will be included in your Eclipse Package explorer:

Configuring Tomcat Maven plugin

In order to be able to deploy/undeploy your project using Maven, we will add Tomcat Maven plugin to our pom.xml:


As you can see, Maven tomcat plugin is based on Maven tomcat7-maven-plugin. If you are using tomcat6 there is a corresponding tomcat6-maven-plugin. Within the plugin configuration we have included some configuration details to reach Tomcat Manager application. The most important part is the Manager URL which needs to be set to: http://localhost:8080/manager/text
Next, mind to include the username and password as contained in the tomcat-users.xml file:


That's all. In order to build and deploy your application on tomcat 7 using Maven shell, just issue:
mvn tomcat7:deploy 
As you can see from Tomcat 7 console, the application is now deployed: