Digital Sanctum

software development, technology and other square topics

Archive for the ‘Tomcat’ Category

Restricting Access to Tomcat via IP Address or Hostname

without comments

To restrict access to a standalone Tomcat instance by IP address:

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1"/>

The above will restrict access to the surrounding Engine, Host, or Context element in /conf/server.xml. You may also specify a comma separated list of ip addresses instead of a single address.

If you want to deny access to one or more IP addresses, you would do something like this:

<Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="127.0.0.1"/>

To restrict by host name:

<Valve className="org.apache.catalina.valves.RemoteHostValve" allow="yahoo.com"/>

You use the same allow or deny attributes and the RemoteHostValve class instead of RemoteAddrValve.

Written by Shane

November 5th, 2008 at 6:05 pm

Posted in Tomcat

Tomcat and Log4J

with one comment

After battling with several different configurations when it comes to logging and Tomcat 5.5.x, I decided to put together this guide for a simplistic approach. This assumes that you would like to use Log4J for both Tomcat’s internal logging as well as your deployed web application’s logging needs.

For the impatient, here are the steps:

  1. Place a log4j.properties file which uses the RollingFileAppender in common/classes.
  2. Add your log4j.jar to the common/lib directory.
  3. Add commons-logging.jar (1.0.4 or later) and log4j.jar to your application’s WEB-INF/lib directory.
  4. Add a log4j.properties OR log4j.xml file to your application’s WEB-INF/classes directory.

Read the rest of this entry »

Written by Shane

January 19th, 2008 at 11:10 pm

Posted in Software Development, Tomcat

20 Tips for Using Tomcat in Production

with 14 comments

TomcatI’ve been working with Apache Tomcat for years and always seem to stumble upon new information related to the proper setup and configuration for a production environment. I’ve decided to put the instructions and tips I’ve collected together in one place.

So here are some helpful hints for running Tomcat in a production environment:

Read the rest of this entry »

Written by Shane

August 18th, 2007 at 10:54 pm

Posted in Software Development, Tomcat, Tutorials

3 Ways to Run a Servlet Container on Port 80 as Non-Root

with 3 comments

This is a very brief outline of how to run the Apache Tomcat servlet container on port 80 (the standard web server port) on a Linux operating system. The steps illustrated here are specific to Tomcat but similar steps can be implemented for other servlet containers.

The issue is that the linux kernel has a security precaution built in to the kernel to only allow the root user to bind to a port under 1024. Since it’s a bad idea to run a network server as root, most startup scripts bind to the initial listening socket, then drop down to a non-privileged user. Since Tomcat is written in Java, it does not have the ability to switch users like this.

Read the rest of this entry »

Written by Shane

February 17th, 2007 at 2:10 pm

Posted in Linux, Software Development, Tomcat, Tutorials