Home
[WAS] - Tomcat, Glassfish
Wednesday, August 26, 2020
How to installing Hudson on GlassFish server?
We can deploy Hudson on GlassFish, TomCat or JBoss server. This article, I only show install on GlassFish server run on Window.
Prepares:
1. GlassFish. download glassfish
2. Hudson. download hudson
I. GlassFish server
Ref:
1. http://teckchillies.com/install-remove-java-glassfish-as-a-windows-service/
2. https://javaee.github.io/glassfish/doc/5.0/quick-start-guide.pdf
1. Extract glassfish-x.x.zip
2. Go to \glassfish5\bin and open terminal.
start domain
#asadmin start-domain
#asadmin stop-domain
start/stop database
#asadmin start-database
#adadmin stop-database
4. Open web browsers
5. Access to URL to open Glassfish console.
URL localhost:4848
Make GlasshFish as window service
#create windows service
asadmin create-service --name domain1
#Change service display name
sc config domain1 DisplayName= "GlassFish 4"
II. TOMCAT server
1. Config access tomcat home page from local network
Open apache-tomcat-8.5.61/conf/server.xml and add 'address' attribute as below:
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" address="0.0.0.0" />
Note: Remember to check firewall on server and client.
2. Config Tomat as service in Centos
Ref:
Step 1: Install OpenJDK
$ sudo yum install java-1.8.0-openjdk
$ ll /usr/lib/jvm/jre (check jre)
Step 2: Create tomcat user
$ groupadd tomcat
$ groupadd tomcat
$ useradd -M -s /bin/nologin -g tomcat -d /opt/tomcat tomcat
Step 3: Install Tomcat
- Download tomcat.tar.gz for linux. (http://tomcat.apache.org/download-80.cgi)
- Upload to /tmp
- Unzip tomcat:
$mkdir /opt/tomcat
$tar xvf apache-tomcat-8*.tar.gz -C /opt/tomcat --strip-components=1
Step 4: Update permission for /opt/tomcat
$cd /opt/tomat
$chgrp -R tomcat /opt/tomcat
$chmod -R g+r conf
$chmod g+x conf
$ chown -R tomcat webapps/ work/ temp/ logs/
Step 5: Make Systemd Unit File
#!/bin/bash # chkconfig: 345 80 20 [Unit] Description=Apache Tomcat Web Application Container After=syslog.target network.target [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/jre Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment=CATALINA_BASE=/opt/tomcat Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC' Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom' ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/bin/kill -15 $MAINPID User=tomcat Group=tomcat UMask=0007 RestartSec=10 Restart=always [Install] WantedBy=multi-user.target
$ systemctl daemon-reload
$ systemctl status tomcat
$systemctl enable tomcat
Step 6: Open browser and try to access: localhost:8080
3. Config Tomat as service in Centos
Step 1: Config tomat user
$ vi /opt/tomcat/conf/tomcat-users.xml
<tomcat-users>
<role rolename="manager-gui"/>
<role rolename="manager-script"/>
<role rolename="manager-jmx"/>
<role rolename="manager-status"/>
<user username="admin" password="your password" roles="manager-gui,manager-script,manager-jmx,manager-status"/>
</tomcat-users>Step 2: Config Manager App, Host Manager App
$vi /opt/tomcat/webapps/manager/META-INF/context.xml
$vi /opt/tomcat/webapps/host-manager/META-INF/context.xml
Change as below:
- Comment to allow all public IP can access tomcat interface
OR
- Enter allow="your ip"
<Context antiResourceLocking="false" privileged="true" >
<!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
</Context>Step 3: Restart Tomcat
$ systemctl restart tomcat
How to Enable SSL tomcat?
$ keytool -genkey -keyalg RSA -noprompt -alias tomcat -dname "CN=localhost, OU=NA, O=NA, L=NA, S=NA, C=NA" -keystore keystore.jks -validity 9999 -storepass changeme -keypass changeme
Config in conf/server.xml, find <Connector port=8443>
certificateKeyAlias="tomcat"
certificateKeystoreFile="/path/to/my/keystore.jks"
certificateKeystorePassword="changeme"How to redirect HTTP to HTTPS
Edit server.xml
Edit web.xml
====
<security-constraint>
<web-resource-collection>
<web-resource-name>vcare-service</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
====================================================================
How to restrict access, Tomcat Manager
#1: Server status : webapps/manager
#2: Manager App : webapps/manager
#3: Host Manager: /webapps/host-manager
If you want to restrict ip access for each apps:
$ vi /host-manager/META-INFO/context.xml
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="x.x.x.x,y.y.y.y,z.z.z.*" />
Allow localhost to access via default port while other addresses are accessible via 1234:
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
addConnectorPort="true"
allow="127\.\d+\.\d+\.\d+;\d*|::1;\d*|0:0:0:0:0:0:0:1;\d*|.*;1234"/>
is updating...
Bài liên quan
Comments[ 0 ]
Post a Comment