Versions Compared

Old Version 6

changes.mady.by.user Tim Donohue

Saved on

compared with

New Version 7

changes.mady.by.user Charlene Barina

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Typo in JkOptions

...

Check to see if the mod_jk connector is installed. Most likely (at least on Red Hat), it should be in /etc/httpd/modules/ . However, you can try to locate it using the following command:

Code Block

locate mod_jk

If there is no response, then mod_jk is not installed. Otherwise, if it is installed, you can obviously skip the next step!

...

(3) In addition, you must have the Apache Web Server development tools installed. A quick way to check for this is to check for the APache eXtenSion tool (apxs). It should probably be in /usr/sbin, if installed:

Code Block

which apxs

If apxs is missing, you can use the following command in Red Hat to install the httpd-devel RPM as root (Other distros may need to find and install this RPM through other means):

Code Block

up2date -i httpd-devel

(4) Download the latest mod_jk source from the Tomcat Download site http://jakarta.apache.org/site/downloads/downloads_tomcat.html.

(5) Unzip the contents into your home directory:

Code Block

gunzip -c jakarta-tomcat-connectors-1.2.14.1-src.tar.gz | tar -xvf -

(6) Configure the connectors with the path to the apxs file on your system:

Code Block

cd jakarta-tomcat-connectors-1.2.14.1-src
cd jk/native
./configure --with-apxs=/usr/sbin/apxs

(7) Build mod_jk with the following command:

Code Block

make

(8) Assuming all went well, the mod_jk.so file will be created in the apache-2.0 subdirectory. You need to copy this file to Apache's shared object files directory (e.g. /etc/httpd/modules/). From the same jk/native directory run the following:

Code Block

cp apache-2.0/mod_jk.so /etc/httpd/modules

(9) In addition, copy the sample workers.properties file to the Apache configuration directory (e.g. /etc/httpd/conf/). Assuming you are still in the jk/native directory, run the following commands:

Code Block

cd ../conf
cp workers.properties /etc/httpd/conf

...

Once the mod_jk connector has been installed, you will have to configure Apache to use this connector to communicate with Tomcat. First, modify the existing workers.properties file (should be in /etc/httpd/conf/ , or whereever you copied it to in Step 2 above):
You will need to modify the following Tomcat and Java home directories:

Code Block

workers.tomcat_home=tomcat
workers.java_home=java

In addition, you may need to uncomment (and possibly change) the JVM for Unix:

Code Block

# Unix - Sun VM or blackdown
worker.inprocess.jvm_lib=$(workers.java_home)$(ps)jre$(ps)lib$(ps)i386$(ps)server$(ps)libjvm.so

...

Next, you need to create a configuration file for the mod_jk module (alternatively, you could just add the following configuration directly into your Apache httpd.conf. I just like to separate things out a bit). In the /etc/httpd/conf.d/ directory (or whatever directory holds your external configuration files, which httpd.conf loads), create a file called jk.conf which has the following content (make sure to edit any paths so they are valid on your server!):

Code Block

#
# Use the JK Module to connect to Tomcat Instance
#
# Load mod_jk module
LoadModule    jk_module  modules/mod_jk.so

# Where to find workers.properties
JkWorkersFile /etc/httpd/conf/workers.properties

# Where to put jk logs
JkLogFile     /var/log/httpd/mod_jk.log

# Set the jk log level debug/error/info
JkLogLevel    info

# Select the log format
JkLogStampFormat "%a %b %d %H:%M:%S %Y "

# JkOptions indicate to send SSL KEY SIZE, 
#JkOptions     +ForwardKeySize +ForwardUICompatForwardURICompat -ForwardDirectories
# Found that these options were necessary with Apache 2.2:
JkOptions     +ForwardKeySize +ForwardUIEscapedForwardURIEscaped +ForwardDirectories

# JkRequestLogFormat set the request format 
JkRequestLogFormat     "%w %V %T"

# Send all requests for /dspace context to worker ajp13
# Note: ajp13 is defined in workers.properties and
# uses the AJP 1.3 Protocol
JkMount  /dspace/* ajp13

# ... and ditto if you want OAI
JkMount  /dspace-oai/* ajp13

#For extra security, deny direct access to any WEB-INF and META-INF directories
<LocationMatch "/WEB-INF/">
AllowOverride None
Deny from all
</LocationMatch>

<LocationMatch "/META-INF/">
AllowOverride None
Deny from all
</LocationMatch>

...

You can get a little tricky by doing something like:

Code Block

# Send all requests for root context / to worker ajp13
# Note: ajp13 is defined in workers.properties and
# uses the AJP 1.3 Protocol
JkMount  /* ajp13

# Use SetEnvIf to set "no-jk" when /cgi-bin/ is encountered.
# This is necessary so that /cgi-bin/ scripts
# are run in Apache (and not forwarded to Tomcat).
SetEnvIf Request_URI "/cgi-bin/*" no-jk

# Set "no-jk" for /anotherApp/ as well (so it is run from Apache)
SetEnvIf Request_URI "/anotherApp/*" no-jk

...

Next, you need to take a look at the Tomcat server.xml configuration file (in the /conf} subdirectory, whereever Tomcat is installed). Ensure that the following AJP 1.3 Connector is uncommented:

Code Block

<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" UIEncoding="UTF-8" tomcatAuthentication="false"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />

...