Tomcat
The Definitive Guide
SECOND EDITION
Jason Brittain with Ian F. Darwin
Beijing
•
Cambridge
•
Farnham
•
Köln
•
Paris
•
Sebastopol
•
Taipei
•
Tokyo
Tomcat: The Definitive Guide, Second Edition
by Jason Brittain with Ian F. Darwin
Copyright © 2008 O’Reilly Media, Inc. All rights reserved.
Printed in the United States of America.
Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472.
O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions
are also available for most titles (safari.oreilly.com). For more information, contact our
corporate/institutional sales department: (800) 998-9938 or corporate@oreilly.com.
Editor:
Simon St.Laurent
Production Editor:
Loranah Dimant
Copyeditor:
Nancy Reinhardt
Proofreader:
Loranah Dimant
Indexer:
Tolman Creek Design
Cover Designer:
Karen Montgomery
Interior Designer:
David Futato
Illustrator:
Jessamyn Read
Printing History:
June 2003: First Edition.
October 2007: Second Edition.
Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of
O’Reilly Media, Inc. Tomcat: The Definitive Guide, the image of a snow leopard, and related trade dress
are trademarks of O’Reilly Media, Inc.
Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun
Microsystems, Inc., in the United States and other countries. O’Reilly Media, Inc. is independent of Sun
Microsystems.
Many of the designations used by manufacturers and sellers to distinguish their products are claimed as
trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a
trademark claim, the designations have been printed in caps or initial caps.
While every precaution has been taken in the preparation of this book, the publisher and authors
assume no responsibility for errors or omissions, or for damages resulting from the use of the
information contained herein.
This book uses RepKover
™
, a durable and flexible lay-flat binding.
ISBN-10: 0-596-10106-6
ISBN-13: 978-0596-10106-0
[M]
v
Table of Contents
Preface
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
ix
1. Getting Started with Tomcat
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
1
Installing Tomcat 1
Starting, Stopping, and Restarting Tomcat 17
Automatic Startup 29
Testing Your Tomcat Installation 34
Where Did Tomcat Come From? 35
2. Configuring Tomcat
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
38
A Word About Using the Apache Web Server 38
Relocating the Web Applications Directory 39
Changing the Port Number from 8080 42
Java VM Configuration 51
Changing the JSP Compiler 54
Managing Realms, Roles, and Users 55
Controlling Sessions 70
Accessing JNDI and JDBC Resources 75
Servlet Auto-Reloading 78
Customized User Directories 78
Tomcat Example Applications 80
Common Gateway Interface (CGI) 80
The Tomcat Admin Webapp 82
vi | Table of Contents
3. Deploying Servlet and JSP Web Applications in Tomcat
. . . . . . . . . . . . . . . . .
86
Layout of a Web Application 93
Deploying an Unpacked Webapp Directory 95
Deploying a WAR File 100
Hot Deployment 106
Working with WAR Files 107
The Manager Webapp 108
Automation with Apache Ant 111
Symbolic Links 124
4. Tomcat Performance Tuning
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
126
Measuring Web Server Performance 127
External Tuning 153
Internal Tuning 156
Capacity Planning 164
Additional Resources 167
5. Integration with the Apache Web Server
. . . . . . . . . . . . . . . . . . . . . . . . . . . .
169
The Pros and Cons of Integration 170
Installing Apache httpd 174
Apache Integration with Tomcat 177
Tomcat Serving HTTP over the APR Connector 194
6. Tomcat Security
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
201
Securing the System 202
Multiple Server Security Models 204
Using the SecurityManager 205
Granting File Permissions 208
Setting Up a Tomcat chroot Jail 213
Filtering Bad User Input 224
Securing Tomcat with SSL 241
7. Configuration
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
259
server.xml 260
web.xml 316
tomcat-users.xml 333
catalina.policy 333
catalina.properties 334
context.xml 335
- 1
- 2
前往页