New to Tomcat in the cloud? Print

  • 25

Overview

If you are new to JavaPipe's Java hosting you probably want to know where everything is within your virtual account.

Each package comes with its very own Apache Tomcat container. There is nothing special about this container, it is a vanilla download direct from Apache.org. The only thing unique is that we handle the port configurations so that all the tomcats on the server will work well together. So please ask if you think you need to change the ports in tomcat/conf/server.xml

We also ask that you do not change the memory allocations for your heap or permgen within tomcat configuration. Doing so will result in eviction from our servers.

Now that thats out of the way, lets talk about where things are so that you can get started.

Files and Paths

/home/username/yourdomain.com/tomcat

This 'tomcat' folder is a shortcut/alias to the actual apache tomcat within the same directory. This symlink is for your convenience and will also break your tomcat if you remove it.

You'll notice in your public_html directory you'll see the following directories.

/home/username/public_html
  • assets - This is for storing static files, files that do not change often. Often developers with to leave out the static files so they dont have package this in their war file.
  • web - For your PHP applications. You can find out more about this here: How to host PHP with Tomcat in the Cloud 
  • webapps - this is shortcut to your tomcat/webapps directory. This is where you want to upload your Web Archives (WAR) files.
  • .well-known - This directory is for letsencrypt SSL. Please don't delete unless you don't plan on using letsencrypt.

Please Note: If you are using any of these folder names in your application, please let us know as we will need to remove them from your configuration to avoid conflict with your app.

You have 2 ways to upload your webapps war file. You can use your Tomcat Control within SiteWorx to upload war file into your webapps directory, or you can use SFTP/SCP. Using Tomcat Control is probably the easiest method if you are not comfortable with SSH/SFTP/FTP and so on. Click here to learn more about Tomcat Control

Lastly, As we mentioned above the tomcat installation is a vanilla copy directly from tomcat.apache.org so we do not include mysql/mariadb connectors or other jars for frameworks like Spring. Please include these jars yourself in your webapp's classpath ie: WEB-INF/lib

If you want your site to load a particular application, this can be easily accommodated by adding a context to your server.xml: How to use your webapp instead ROOT or /folder

Stopping and Starting Tomcat.

You can stop and start your container the using Apache Tomcat's ./startup.sh and ./shutdown.sh commands via shell or you can use Tomcat Control within your SiteWorx control panel.

Click here to find out more about Tomcat Control.

How to Start or shutdown Tomcat directly via Shell Method:

First you connect to your account via SSH.

1) Start Tomcat:

$ cd yourdomain.com/tomcat/bin
$ ./startup.sh

Please Note: ALWAYS do shutdown.sh before startup.sh to make sure you don't already have an instance running.

2) Stop Tomcat:

$ cd yourdomain.com/tomcat/bin
$ ./shutdown.sh

Tomcat Manager

Tomcat Manager is a web based interface for montoring your tomcat stats. It also includes tools for deploying your war files and stopping and starting individual applications.

How to configure and access Tomcat Manager

NodeJS

You can host your nodejs within your Javapipe tomcat as well by packaging the nodejs app using npm run build and uploading it as a war file to your webapps directory. Please see KB article for more information: Run NodeJS on JavaPIpe Tomcat

Realm

A Users Realm is a "database" of usernames and passwords that identify valid users of a web application (or set of web applications), plus an enumeration of the list of roles associated with each valid user. You can think of roles as similar to groups in Unix-like operating systems, because access to specific web application resources is granted to all users possessing a particular role (rather than enumerating the list of associated usernames). A particular user can have any number of roles associated with their username.

First you need to decide which Realm method that you wish to use. Memory Realm, JDBC or JNDI and so on. Then you will need to ssh into your server.xml file and uncomment the appropriate Realm that suites your needs.

Memory Realm uses a text file in tomcat/conf/ called tomcat-users.xml

(these roles and passwords can be updated using the Tomcat Administrator)

<!--?xml version='1.0' encoding='utf-8'?--><br>
<tomcat-users><br>
<role rolename="manager"/>
<user username="admin" password="PASS" roles="manager,admin"/>
</tomcat-users>

Roles identify the protected directory in the web.xml in the WEB-INF directory. So if a role is added under roles for the user, they are granted access with that user and password.

To protect the directory in a webapp, you add the requirements in the web.xml deployment descriptor of that webapp:

    <security-constraint>
<display-name>Example Security Constraint</display-name>

<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>

<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/jsp/security/protected/*</url-pattern>

<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>

<http-method>GET</http-method>

<http-method>POST</http-method>

<http-method>PUT</http-method>

</web-resource-collection>

<auth-constraint>

<!-- Anyone with one of the listed roles may access this area -->
<role-name>tomcat</role-name>

<role-name>role1</role-name>

</auth-constraint>

</security-constraint>

The role to protect the directory 'secret' is 'protect. Using login admin/passwd or user2/tomcat can access that directory.

Type of login is set to BASIC for popup HTTP Auth, others are DIGEST for digest enpred string which is also HTTP and FORM for web page type form requesting authentication.

JDBCRealm uses database for user login information instead of a text file like MemoryRealm. You can use either MySQL or PostgreSQL. There are examples in the server.xml. Just uncomment the one you want and enter your database login details.

    <realm debug="99" classname="org.apache.catalina.realm.JDBCRealm">
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/authority?user=dbuser&amp;password=dbpass"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/&gt;
</realm>

Everything else is set the same way except the roles and login information is stored in your database:

    create table users (
user_name varchar(15) not null primary key,
user_pass varchar(15) not null
);

create table user_roles (
user_name varchar(15) not null,
role_name varchar(15) not null,
primary key (user_name, role_name)
);

As they say there is more than one way to skin a cat. There is more than one way to protect a cat using Realm. JNDIRealm, JAASRealm and different methods of authentication. For more information on Realm - apache.tomcat.org

MySQL/MariaDB

We use the database provided by CentOS distribution which is MariaDB. MariaDB is a fork of MySQL after Oracle bought out Sun Microsystems.

With Mariadb you will need to use their connectorj and mariadb connection string code.

More information how to configure your database connection string for MariaDB.

Will My Site Work on Port 80?

Yes, once your have entered our nameservers for your domain to point to our server and it has propagated fully, it will then work with port 80. The preview link with special port number that we provide to you in your Tomcat Setup Email is only to be used in the beginning until your domain name begins working. There on after, you no longer need to provide that special port in the url.


Was this answer helpful?

« Back