13.7 Configuring the Embedded Tomcat Servlet Container

[Note]Note
Virgo Nano uses the default Gemini Web configuration. The details described below may still apply.

Virgo embeds an OSGi-enhanced version of the Tomcat Servlet Container in order to provide support for deploying Java EE WARs and OSGi Web Application Bundles. You configure the embedded Servlet container using the standard Apache Tomcat configuration. The main difference is that the configuration file is called tomcat-server.xml rather than server.xml. As with the other Virgo configuration files, the tomcat-server.xml file is located in the $SERVER_HOME/configuration directory. Another difference is that not all standard Apache Tomcat configuration is supported in Virgo Server for Apache Tomcat: the restrictions are described in the remainder of this section.

Here's an extract of the default configuration distributed with the VTS.

<?xml version='1.0' encoding='utf-8'?>
<Server port="8005" shutdown="SHUTDOWN">

	<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
	<Listener className="org.apache.catalina.core.JasperListener" />
	<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

	<Listener className="org.eclipse.virgo.web.tomcat.ServerLifecycleLoggingListener"/>

	<Service name="Catalina">
		<Connector port="8080" protocol="HTTP/1.1"
			connectionTimeout="20000"
			redirectPort="8443" />

		<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
			maxThreads="150" scheme="https" secure="true"
			clientAuth="false" sslProtocol="TLS"
			keystoreFile="configuration/keystore"
			keystorePass="changeit"/>

		<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

		<Engine name="Catalina" defaultHost="localhost">
			<Realm className="org.apache.catalina.realm.JAASRealm" appName="virgo-kernel"
					userClassNames="org.eclipse.virgo.kernel.authentication.User"
					roleClassNames="org.eclipse.virgo.kernel.authentication.Role"/>

			<Host name="localhost"  appBase="webapps"
					unpackWARs="false" autoDeploy="false"
					deployOnStartup="false" createDirs="false">

				<Valve className="org.apache.catalina.valves.AccessLogValve" directory="serviceability/logs/access"
					prefix="localhost_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>

				<Valve className="org.eclipse.virgo.web.tomcat.ApplicationNameTrackingValve"/>
			</Host>
		</Engine>
	</Service>
</Server>

Description of the Default Apache Tomcat Configuration

The following bullets describe the main elements and attributes in the default tomcat-server.xml file; for details about updating this file to further configure the embedded Apache Tomcat server, see the Apache Tomcat Configuration Reference.

[Tip]Relative paths

If the configured path to a directory or file does not represent an absolute path, Virgo typically interprets it as a path relative to the $SERVER_HOME directory.

  • The root element of the tomcat-server.xml file is <Server>. The attributes of this element represent the characteristics of the entire embedded Tomcat servlet container. The shutdown attribute specifies the command string that the shutdown port number receives via a TCP/IP connection in order to shut down the servlet container. The port attribute specifies the TCP/IP port number that listens for a shutdown message.

  • The <Listener> XML elements specify the list of lifecycle listeners that monitor and manage the embedded Tomcat servlet container. Each listener class is a Java Management Extensions (JMX) MBean that listens to a specific component of the servlet container and has been programmed to do something at certain lifecycle events of the component, such as before starting up, after stopping, and so on.

    The first four <Listener> elements configure standard Tomcat lifecycle listeners. The listener implemented by the org.eclipse.virgo.web.tomcat.ServerLifecycleLoggingListener class is specific to Virgo Server for Apache Tomcat and manages server lifecycle logging.

  • The <Service> XML element groups together one or more connectors and a single engine. Connectors define a transport mechanism, such as HTTP, that clients use to to send and receive messages to and from the associated service. There are many transports that a client can use, which is why a <Service> element can have many <Connector> elements. The engine then defines how these requests and responses that the connector receives and sends are in turn handled by the servlet container; you can define only a single <Engine> element for any given <Service> element.

    The sample tomcat-server.xml file above includes three <Connector> elements: one for the HTTP transport, one for the HTTPS transport, and one for the AJP transport. The file also includes a single <Engine> element, as required.

  • The first connector listens for HTTP requests at the 8080 TCP/IP port. The connector, after accepting a connection from a client, waits for a maximum of 20000 milliseconds for a request URI; if it does not receive one from the client by then, the connector times out. If this connector receives a request from the client that requires the SSL transport, the servlet container automatically redirects the request to port 8443.

  • The second connector is for HTTPS requests. The TCP/IP port that users specify as the secure connection port is 8443. Be sure that you set the value of the redirectPort attribute of your non-SSL connectors to this value to ensure that users that require a secure connection are redirected to the secure port, even if they initially start at the non-secure port. The SSLEnabled attribute specifies that SSL is enabled for this connector. The secure attribute ensures that a call to request.isSecure() from the connecting client always returns true. The scheme attribute ensures that a call to request.getScheme() from the connecting client always returns https when clients use this connector.

    The maxThreads attribute specifies that the servlet container creates a maximum of 150 request processing threads, which determines the maximum number of simultaneous requests that can be handled. The clientAuth attribute specifies that the servlet container does not require a certificate chain unless the client requests a resource protected by a security constraint that uses CLIENT-CERT authentication.

    The keystoreFile attribute specifies the name of the file that contains the servlet container’s private key and public certificate used in the SSL handshake, encryption, and decryption. You use an alias and password to access this information. In the example, this file is $SERVER_HOME/configuration/keystore. The keystorePass attributes specify the password used to access the keystore.

  • The third AJP Connector element represents a Connector component that communicates with a web connector via the AJP protocol.

  • The engine has a logical name of Catalina; this is the name used in all log and error messages so you can easily identify problems. The value of the defaultHost attribute refers to the name of a <Host> child element of <Engine>; this host processes requests directed to host names on this servlet container.

  • The <Realm> child element of <Engine> represents a database of users, passwords, and mapped roles used for authentication in this service. Virgo Web Server uses an implementation of the Tomcat 6 Realm interface that authenticates users through the Java Authentication and Authorization Service (JAAS) framework which is provided as part of the standard J2SE API.

    With the JAASRealm, you can combine practically any conceivable security realm with Tomcat's container managed authentication. For details, see Realm Configuration.

  • The <Host> child element represents a virtual host, which is an association of a network name for a server (such as www.mycompany.com) with the particular server on which Catalina is running. The servlet container unpacks Web applications into a directory hierarchy if they are deployed as WAR files.

    Note that multiple <Host> elements are not supported in Virgo Server for Apache Tomcat.

  • Finally, the org.apache.catalina.valves.AccessLogValve valve creates log files in the same format as those created by standard web servers. The servlet container creates the log files in the $SERVER_HOME/serviceability/logs/access directory. The log files are prefixed with the string localhost_access_log., have a suffix of .txt, use a standard format for identifying what should be logged, and do not include DNS lookups of the IP address of the remote host.

Connector Configuration

The Virgo Server for Apache Tomcat supports the configuration of any connector supported by Apache Tomcat. See the default configuration above for syntax examples, and for further details of the configuration properties supported for various <Connector> implementations, consult the official Tomcat HTTP Connector documentation.

[Tip]Configuring SSL for Tomcat

The Virgo Server for Apache Tomcat distribution includes a preconfigured $SERVER_HOME/configuration/keystore file that contains a single self-signed SSL Certificate. The password for this keystore file is changeit. This keystore file is intended for testing purposes only. For detailed instructions on how to configure Tomcat’s SSL support, consult the official Tomcat SSL Configuration HOW-TO.

Cluster Configuration

Virgo Server for Apache Tomcat supports standard Apache Tomcat cluster configuration. By default, clustering of the embedded servlet container is disabled, and the default configuration does not include any clustering information. See Tomcat Clustering/Session Replication HOW-TO for detailed information about enabling and configuring clustering.

Default web.xml Configuration

Java Servlet specification enables web applications to provide deployment descriptor (web.xml) in the WEB-INF directory. Apache Tomcat introduces a default web.xml which is similar to web application's web.xml, but provides configurations that are applied to all web applications. When deploying a web application, Apache Tomcat uses the default web.xml file as a base configuration. If the web application provides its own configurations via web.xml (the one located in the web application's WEB-INF) or annotations, they overwrite the default ones. In Virgo Server for Apache Tomcat you can also provide default configurations for all web applications. If you want to change/extend the default configurations, you can provide the default web.xml file located in the VTS_HOME/configuration directory.

[Tip]Tip
Be careful when changing/extending the default web.xml as this will affect all web applications.

Here's an extract of the default configuration distributed with the VTS.

<?xml version="1.0" encoding="ISO-8859-1"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
    version="3.0">

    <servlet>
        <servlet-name>default</servlet-name>
        <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>
        <init-param>
            <param-name>debug</param-name>
            <param-value>0</param-value>
        </init-param>
        <init-param>
            <param-name>listings</param-name>
            <param-value>false</param-value>
        </init-param>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet>
        <servlet-name>jsp</servlet-name>
        <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
        <init-param>
            <param-name>fork</param-name>
            <param-value>false</param-value>
        </init-param>
        <init-param>
            <param-name>xpoweredBy</param-name>
            <param-value>false</param-value>
        </init-param>
        <load-on-startup>3</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>default</servlet-name>
        <url-pattern>/</url-pattern>
    </servlet-mapping>

    <servlet-mapping>
        <servlet-name>jsp</servlet-name>
        <url-pattern>*.jsp</url-pattern>
    </servlet-mapping>

    <servlet-mapping>
        <servlet-name>jsp</servlet-name>
        <url-pattern>*.jspx</url-pattern>
    </servlet-mapping>

    <session-config>
        <session-timeout>30</session-timeout>
    </session-config>

    <mime-mapping>
        <extension>abs</extension>
        <mime-type>audio/x-mpeg</mime-type>
    </mime-mapping>
    ......
    <mime-mapping>
        <extension>ppt</extension>
        <mime-type>application/vnd.ms-powerpoint</mime-type>
    </mime-mapping>

    <welcome-file-list>
        <welcome-file>index.html</welcome-file>
        <welcome-file>index.htm</welcome-file>
        <welcome-file>index.jsp</welcome-file>
    </welcome-file-list>

</web-app>

The following bullets describe the main elements in the default web.xml file.

  • The <Servlet> XML element declares a given servlet and its configurations. The sample web.xml file above includes two <Servlet> elements.

    • The default servlet serves static resources and processes the requests that are not mapped to any servlet. For details about default servlet configuration, see the Apache Tomcat Default Servlet Reference..

    • The jsp servlet serves the requests to JavaServer Pages. It is mapped to the URL pattern "*.jsp" and "*.jspx". For details about jsp servlet configuration, see the Apache Tomcat Jasper 2 JSP Engine..

  • The <servlet-mapping> XML element specifies the mapping between the servlet and URL pattern.

  • The <session-config> XML element defines the session configuration for one web application. The sample web.xml file above specifies that the session timeout for all web applications will be 30 minutes by default.

  • The <mime-mapping> XML element defines a mapping between a filename extension and a mime type. When serving static resources, a "Content-Type" header will be generated based on these mappings.

  • The <welcome-file-list> XML element specifies a list of welcome files. When a request URI refers to a directory, the default servlet looks for a "welcome file" within that directory. If the "welcome file" exists it will be served, otherwise 404 status or directory listing will be returned, depending on the default servlet configuration.

Context Configuration

Virgo Server for Apache Tomcat supports standard Apache Tomcat web application context configuration. The Apache Tomcat Configuration Reference has a section on The Context Container which describes the mechanism that is used in VTS for searching context configuration files and details the context configuration properties.

Context configuration files may be placed in the following locations, where [enginename] is the name of Tomcat's engine ('Catalina' by default) and [hostname] names a virtual host ('localhost' by default), both of which are configured in tomcat-server.xml:

  • $SERVER_HOME/configuration/context.xml provides the default context configuration file for all web applications.

  • The $SERVER_HOME/configuration/[enginename]/[hostname] directory may contain:

    • The default context configuration for all web applications of a given virtual host in the file context.xml.default.

    • Individual web applications' context configuration files as described in the Apache Tomcat Configuration Reference. For example, the context for a web application with context path foo may be configured in foo.xml.

Note that the following context configuration features are not supported in Virgo Server for Apache Tomcat:

  • Custom class loaders.

  • Specifying the context path. This is specified using the Web-ContextPath header in the web application's MANIFEST.MF file.

  • Specifying the document base directory.

JSP Compilation

By default Apache Tomcat compiles JSP files in web applications agains Java 1.6. In order to enable JSP compilation against Java 1.7 for your web application, additional init parameters (compilerSourceVM and compilerTargetVM) should be added for the org.apache.jasper.servlet.JspServlet configuration. For details about org.apache.jasper.servlet.JspServlet configuration, see the Apache Tomcat Jasper 2 JSP Engine. org.apache.jasper.servlet.JspServlet configuration can be provided with the web application's web.xml.

<?xml version="1.0" encoding="ISO-8859-1"?>
<servlet>
    <servlet-name>jsp</servlet-name>
    <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
    <init-param>
        <param-name>compilerSourceVM</param-name>
        <param-value>1.7</param-value>
    </init-param>
    <init-param>
        <param-name>compilerTargetVM</param-name>
        <param-value>1.7</param-value>
    </init-param>
    <init-param>
        <param-name>fork</param-name>
        <param-value>false</param-value>
    </init-param>
    <init-param>
        <param-name>xpoweredBy</param-name>
        <param-value>false</param-value>
    </init-param>
    <load-on-startup>3</load-on-startup>
</servlet>
<servlet-mapping>
    <servlet-name>jsp</servlet-name>
        <url-pattern>*.jsp</url-pattern>
        <url-pattern>*.jspx</url-pattern>
    </servlet-mapping>