Add a reverse proxy, to add a layer of security, allow fine control over your site's URL, and provide a layer for additional network modules.
Most sites choose to configure their VIVO system with an Apache HTTPD web server to accept requests and then proxy them to the VIVO Tomcat context. This will make Vitro available at
. It will also allow the use of external authentication.
Setup HTTPD to send all of the requests that it receives to Tomcat's AJP connector. This can be done in HTTPD 2.x with a simple directive in httpd.conf:
ProxyPass / ajp://localhost:8009/
There are at least 2 ways to do this, along with a 3rd method that hasn't been documented yet.
In the tomcat webapps directory, create a symbolic link called ROOT to vivo. This will redirect all requests to root to the vivo application.
cd /usr/local/tomcat/webapps rm -rf ROOT ln -s vivo ROOT ls -latr vivosolr vivo ROOT -> vivo
Modify the <Host> in Tomcat server.xml (located in
[tomcat root]/conf/) so that the context path is empty to allow VIVO to be served from the root path. Locate the
<Host name="localhost"...> directive and update as follows:
<Host name="localhost" appBase="webapps" DeployOnStartup="false" unpackWARs="true" autoDeploy="false" xmlValidation="false" xmlNamespaceAware="false"> <Alias>example.com</Alias> <Context path="" docBase="/usr/local/tomcat/webapps/vitro" reloadable="true" cookies="true" > <Manager pathname="" /> </Context> ...
After setting up the above, it is recommended that you modify the Tomcat AJP connector parameters in server.xml. Look for the <connector> directive and add the following properties:
connectionTimeout="20000" maxThreads="320" keepAliveTimeout="20000"
Note: the value for maxThreads (320) is equal or greater than the value for MaxClients in the apache's
3. in the tomcat/conf directory - create a ROOT.xml with the context element as stated above. This was suggested, but somebody needs to verify and complete this document.