cfaba9a100
by the Apache Foundation's Jakarta Project. This package provides the Apache Tomcat connector.
322 lines
12 KiB
XML
322 lines
12 KiB
XML
<?xml version="1.0" encoding="ISO-8859-1"?>
|
|
|
|
<Server>
|
|
<!-- Debug low-level events in XmlMapper startup -->
|
|
<xmlmapper:debug level="0" />
|
|
|
|
<!--
|
|
|
|
Logging:
|
|
|
|
Logging in Tomcat is quite flexible; we can either have a log
|
|
file per module (example: ContextManager) or we can have one
|
|
for Servlets and one for Jasper, or we can just have one
|
|
tomcat.log for both Servlet and Jasper. Right now there are
|
|
three standard log streams, "tc_log", "servlet_log", and
|
|
"JASPER_LOG".
|
|
|
|
Path:
|
|
|
|
The file to which to output this log, relative to
|
|
TOMCAT_HOME. If you omit a "path" value, then stderr or
|
|
stdout will be used.
|
|
|
|
Verbosity:
|
|
|
|
Threshold for which types of messages are displayed in the
|
|
log. Levels are inclusive; that is, "WARNING" level displays
|
|
any log message marked as warning, error, or fatal. Default
|
|
level is WARNING.
|
|
|
|
verbosityLevel values can be:
|
|
FATAL
|
|
ERROR
|
|
WARNING
|
|
INFORMATION
|
|
DEBUG
|
|
|
|
Timestamps:
|
|
|
|
By default, logs print a timestamp in the form "yyyy-MM-dd
|
|
hh:mm:ss" in front of each message. To disable timestamps
|
|
completely, set 'timestamp="no"'. To use the raw
|
|
msec-since-epoch, which is more efficient, set
|
|
'timestampFormat="msec"'. If you want a custom format, you
|
|
can use 'timestampFormat="hh:mm:ss"' following the syntax of
|
|
java.text.SimpleDateFormat (see Javadoc API). For a
|
|
production environment, we recommend turning timestamps off,
|
|
or setting the format to "msec".
|
|
|
|
Custom Output:
|
|
|
|
"Custom" means "normal looking". "Non-custom" means
|
|
"surrounded with funny xml tags". In preparation for
|
|
possibly disposing of "custom" altogether, now the default is
|
|
'custom="yes"' (i.e. no tags)
|
|
|
|
Per-component Debugging:
|
|
|
|
Some components accept a "debug" attribute. This further
|
|
enhances log output. If you set the "debug" level for a
|
|
component, it may output extra debugging information.
|
|
-->
|
|
|
|
<!-- if you don't want messages on screen, add the attribute
|
|
path="logs/tomcat.log"
|
|
to the Logger element below
|
|
-->
|
|
<Logger name="tc_log"
|
|
verbosityLevel = "INFORMATION"
|
|
/>
|
|
|
|
<Logger name="servlet_log"
|
|
path="logs/servlet.log"
|
|
/>
|
|
|
|
<Logger name="JASPER_LOG"
|
|
path="logs/jasper.log"
|
|
verbosityLevel = "INFORMATION" />
|
|
|
|
<!-- You can add a "home" attribute to represent the "base" for
|
|
all relative paths. If none is set, the TOMCAT_HOME property
|
|
will be used, and if not set "." will be used.
|
|
webapps/, work/ and logs/ will be relative to this ( unless
|
|
set explicitely to absolute paths ).
|
|
|
|
You can also specify a "randomClass" attribute, which determines
|
|
a subclass of java.util.Random will be used for generating session IDs.
|
|
By default this is "java.security.SecureRandom".
|
|
Specifying "java.util.Random" will speed up Tomcat startup,
|
|
but it will cause sessions to be less secure.
|
|
|
|
You can specify the "showDebugInfo" attribute to control whether
|
|
debugging information is displayed in Tomcat's default responses.
|
|
This debugging information includes:
|
|
1. Stack traces for exceptions
|
|
2. Request URI's that cause status codes >= 400
|
|
The default is "true", so you must specify "false" to prevent
|
|
the debug information from appearing. Since the debugging
|
|
information reveals internal details about what Tomcat is serving,
|
|
set showDebugInfo="false" if you wish increased security.
|
|
-->
|
|
<ContextManager debug="0" workDir="work" showDebugInfo="true" >
|
|
<!-- ==================== Interceptors ==================== -->
|
|
|
|
<!--
|
|
ContextInterceptor className="org.apache.tomcat.context.LogEvents"
|
|
-->
|
|
|
|
<ContextInterceptor className="org.apache.tomcat.context.AutoSetup" />
|
|
|
|
<ContextInterceptor
|
|
className="org.apache.tomcat.context.WebXmlReader" />
|
|
|
|
<!-- Uncomment out if you have JDK1.2 and want to use policy
|
|
<ContextInterceptor
|
|
className="org.apache.tomcat.context.PolicyInterceptor" />
|
|
-->
|
|
|
|
<ContextInterceptor
|
|
className="org.apache.tomcat.context.LoaderInterceptor" />
|
|
<ContextInterceptor
|
|
className="org.apache.tomcat.context.DefaultCMSetter" />
|
|
<ContextInterceptor
|
|
className="org.apache.tomcat.context.WorkDirInterceptor" />
|
|
|
|
<!-- Request processing -->
|
|
<!-- Session interceptor will extract the session id from cookies and
|
|
deal with URL rewriting ( by fixing the URL ). If you wish to
|
|
suppress the use of cookies for session identifiers, change the
|
|
"noCookies" attribute to "true"
|
|
-->
|
|
<RequestInterceptor
|
|
className="org.apache.tomcat.request.SessionInterceptor"
|
|
noCookies="false" />
|
|
|
|
<!-- Find the container ( context and prefix/extension map )
|
|
for a request.
|
|
-->
|
|
<RequestInterceptor
|
|
className="org.apache.tomcat.request.SimpleMapper1"
|
|
debug="0" />
|
|
|
|
<!-- Non-standard invoker, for backward compat. ( /servlet/* )
|
|
You can modify the prefix that is matched by adjusting the
|
|
"prefix" parameter below. Be sure your modified pattern
|
|
starts and ends with a slash.
|
|
|
|
NOTE: This prefix applies to *all* web applications that
|
|
are running in this instance of Tomcat.
|
|
-->
|
|
<RequestInterceptor
|
|
className="org.apache.tomcat.request.InvokerInterceptor"
|
|
debug="0" prefix="/servlet/" />
|
|
|
|
<!-- "default" handler - static files and dirs. Set the
|
|
"suppress" property to "true" to suppress directory listings
|
|
when no welcome file is present.
|
|
|
|
NOTE: This setting applies to *all* web applications that
|
|
are running in this instance of Tomcat.
|
|
-->
|
|
<RequestInterceptor
|
|
className="org.apache.tomcat.request.StaticInterceptor"
|
|
debug="0" suppress="false" />
|
|
|
|
<!-- Plug a session manager. You can plug in more advanced session
|
|
modules.
|
|
-->
|
|
<RequestInterceptor
|
|
className="org.apache.tomcat.session.StandardSessionInterceptor" />
|
|
|
|
<!-- Check if the request requires an authenticated role.
|
|
-->
|
|
<RequestInterceptor
|
|
className="org.apache.tomcat.request.AccessInterceptor"
|
|
debug="0" />
|
|
|
|
<!-- Check permissions using the simple xml file. You can
|
|
plug more advanced authentication modules.
|
|
-->
|
|
<RequestInterceptor
|
|
className="org.apache.tomcat.request.SimpleRealm"
|
|
debug="0" />
|
|
|
|
<!-- UnComment the following and comment out the
|
|
above to get a JDBC realm.
|
|
Other options for driverName:
|
|
driverName="oracle.jdbc.driver.OracleDriver"
|
|
connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
|
|
connectionName="scott"
|
|
connectionPassword="tiger"
|
|
|
|
driverName="org.gjt.mm.mysql.Driver"
|
|
connectionURL="jdbc:mysql://localhost/authority"
|
|
connectionName="test"
|
|
connectionPassword="test"
|
|
|
|
"connectionName" and "connectionPassword" are optional.
|
|
-->
|
|
<!--
|
|
<RequestInterceptor
|
|
className="org.apache.tomcat.request.JDBCRealm"
|
|
debug="99"
|
|
driverName="sun.jdbc.odbc.JdbcOdbcDriver"
|
|
connectionURL="jdbc:odbc:TOMCAT"
|
|
userTable="users"
|
|
userNameCol="user_name"
|
|
userCredCol="user_pass"
|
|
userRoleTable="user_roles"
|
|
roleNameCol="role_name" />
|
|
-->
|
|
|
|
<!-- Loaded last since JSP's that load-on-startup use request handling -->
|
|
<ContextInterceptor
|
|
className="org.apache.tomcat.context.LoadOnStartupInterceptor" />
|
|
|
|
<!-- ==================== Connectors ==================== -->
|
|
|
|
<!-- Normal HTTP -->
|
|
<!--
|
|
<Connector className="org.apache.tomcat.service.PoolTcpConnector">
|
|
<Parameter name="handler"
|
|
value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
|
|
<Parameter name="port"
|
|
value="8080"/>
|
|
</Connector>
|
|
-->
|
|
|
|
<!--
|
|
Uncomment this for SSL support.
|
|
You _need_ to set up a server certificate if you want this
|
|
to work, and you need JSSE.
|
|
1. Add JSSE jars to CLASSPATH
|
|
2. Edit java.home/jre/lib/security/java.security
|
|
Add:
|
|
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
|
|
3. Do: keytool -genkey -alias tomcat -keyalg RSA
|
|
RSA is essential to work with Netscape and IIS.
|
|
Use "changeit" as password. ( or add keypass attribute )
|
|
You don't need to sign the certificate.
|
|
|
|
You can set parameter keystore and keypass if you want
|
|
to change the default ( user.home/.keystore with changeit )
|
|
-->
|
|
<!--
|
|
<Connector className="org.apache.tomcat.service.PoolTcpConnector">
|
|
<Parameter name="handler"
|
|
value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
|
|
<Parameter name="port"
|
|
value="8443"/>
|
|
<Parameter name="socketFactory"
|
|
value="org.apache.tomcat.net.SSLSocketFactory" />
|
|
</Connector>
|
|
-->
|
|
|
|
<!-- Apache AJP12 support. This is also used to shut down tomcat.
|
|
-->
|
|
<Connector className="org.apache.tomcat.service.PoolTcpConnector">
|
|
<Parameter name="handler"
|
|
value="org.apache.tomcat.service.connector.Ajp12ConnectionHandler"/>
|
|
<Parameter name="port" value="8007"/>
|
|
</Connector>
|
|
|
|
<!-- ==================== Special webapps ==================== -->
|
|
<!-- You don't need this if you place your app in webapps/
|
|
and use defaults.
|
|
For security you'll also need to edit tomcat.policy
|
|
|
|
Defaults are: debug=0, reloadable=true, trusted=false
|
|
(trusted allows you to access tomcat internal objects
|
|
with FacadeManager ), crossContext=true (allows you to
|
|
access other contexts via ServletContext.getContext())
|
|
|
|
If security manager is enabled, you'll have read perms.
|
|
in the webapps dir and read/write in the workdir.
|
|
-->
|
|
|
|
<!--
|
|
<Context path="/examples"
|
|
docBase="webapps/examples"
|
|
crossContext="false"
|
|
debug="0"
|
|
reloadable="true" >
|
|
</Context>
|
|
-->
|
|
|
|
<!-- Admin context will use tomcat.core to add/remove/get info about
|
|
the webapplications and tomcat internals.
|
|
By default it is not trusted - i.e. it is not allowed access to
|
|
tomcat internals, only informations that are available to all
|
|
servlets are visible.
|
|
|
|
If you change this to true, make sure you set a password.
|
|
-->
|
|
|
|
<!--
|
|
<Context path="/admin"
|
|
docBase="webapps/admin"
|
|
crossContext="true"
|
|
debug="0"
|
|
reloadable="true"
|
|
trusted="false" >
|
|
</Context>
|
|
-->
|
|
|
|
<!-- Virtual host example -
|
|
In "127.0.0.1" virtual host we'll reverse "/" and
|
|
"/examples"
|
|
(XXX need a better example )
|
|
(use "http://127.0.0.1/examples" )
|
|
<Host name="127.0.0.1" >
|
|
<Context path=""
|
|
docBase="webapps/examples" />
|
|
<Context path="/examples"
|
|
docBase="webapps/ROOT" />
|
|
</Host>
|
|
-->
|
|
<Context path=""
|
|
docBase="/var/www/htdocs" />
|
|
</ContextManager>
|
|
</Server>
|