API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jun 14th, 2016
118
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.67 KB | None | 0 0
raw download clone embed print report
  1. <?xml version="1.0" encoding="UTF-8"?>
  2. <Server>
  3.  
  4.  
  5. <!-- Comment these entries out to disable JMX MBeans support -->
  6. <!-- You may also configure custom components (e.g. Valves/Realms) by
  7. including your own mbean-descriptor file(s), and setting the
  8. "descriptors" attribute to point to a ';' seperated list of paths
  9. (in the ClassLoader sense) of files to add to the default list.
  10. e.g. descriptors="/com/myfirm/mypackage/mbean-descriptor.xml"
  11. -->
  12.  
  13. <!--
  14. <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
  15. debug="0"/>
  16. <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
  17. debug="0"/>
  18. -->
  19. <!-- Global JNDI resources -->
  20. <GlobalNamingResources>
  21.  
  22. <!-- Test entry for demonstration purposes -->
  23. <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
  24.  
  25. <!-- Editable user database that can also be used by
  26. UserDatabaseRealm to authenticate users -->
  27. <Resource auth="Container" description="User database that can be updated and saved" name="UserDatabase" type="org.apache.catalina.UserDatabase">
  28. </Resource>
  29. <ResourceParams name="UserDatabase">
  30. <parameter>
  31. <name>factory</name>
  32. <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
  33. </parameter>
  34. <parameter>
  35. <name>pathname</name>
  36. <value>conf/tomcat-users.xml</value>
  37. </parameter>
  38. </ResourceParams>
  39.  
  40. </GlobalNamingResources>
  41.  
  42. <!-- A "Service" is a collection of one or more "Connectors" that share
  43. a single "Container" (and therefore the web applications visible
  44. within that Container). Normally, that Container is an "Engine",
  45. but this is not required.
  46.  
  47. Note: A "Service" is not itself a "Container", so you may not
  48. define subcomponents such as "Valves" or "Loggers" at this level.
  49. -->
  50.  
  51. <!-- Define the Tomcat Stand-Alone Service -->
  52. <Service name="Catalina">
  53.  
  54. <!-- A "Connector" represents an endpoint by which requests are received
  55. and responses are returned. Each Connector passes requests on to the
  56. associated "Container" (normally an Engine) for processing.
  57.  
  58. By default, a non-SSL HTTP/1.1 Connector is established on port 8081.
  59. You can also enable an SSL HTTP/1.1 Connector on port 8444 by
  60. following the instructions below and uncommenting the second Connector
  61. entry. SSL support requires the following steps (see the SSL Config
  62. HOWTO in the Tomcat 5 documentation bundle for more detailed
  63. instructions):
  64. * If your JDK version 1.3 or prior, download and install JSSE 1.0.2 or
  65. later, and put the JAR files into "$JAVA_HOME/jre/lib/ext".
  66. * Execute:
  67. %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
  68. $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
  69. with a password value of "changeit" for both the certificate and
  70. the keystore itself.
  71.  
  72. By default, DNS lookups are enabled when a web application calls
  73. request.getRemoteHost(). This can have an adverse impact on
  74. performance, so you can disable it by setting the
  75. "enableLookups" attribute to "false". When DNS lookups are disabled,
  76. request.getRemoteHost() will return the String version of the
  77. IP address of the remote client.
  78. -->
  79.  
  80. <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8081 -->
  81. <Connector URIEncoding="UTF-8" acceptCount="100" allowTrace="false" connectionTimeout="20000" debug="3" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" name="WebServer" port="8081" redirectPort="8444"/>
  82. <!-- Note : To disable connection timeouts, set connectionTimeout value
  83. to -1 -->
  84.  
  85. <!-- Note : To use gzip compression you could set the following properties :
  86.  
  87. compression="on"
  88. compressionMinSize="2048"
  89. noCompressionUserAgents="gozilla, traviata"
  90. compressableMimeType="text/html,text/xml"
  91. -->
  92.  
  93. <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8444 -->
  94. <!---
  95. <Connector port="8444" name="SSL"
  96. maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
  97. enableLookups="false" disableUploadTimeout="true"
  98. acceptCount="100" debug="0" scheme="https" secure="true"
  99. clientAuth="false" sslProtocol="TLS"
  100. keystoreFile="./conf/server.keystore"
  101. keystorePass="adventnet" connectionTimeout="-1"/>
  102. -->
  103. <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
  104. <!--
  105. <Connector port="8009"
  106. enableLookups="false" redirectPort="8444" debug="0"
  107. protocol="AJP/1.3" />
  108. -->
  109. <!-- Define a Proxied HTTP/1.1 Connector on port 8082 -->
  110. <!-- See proxy documentation for more information about using this. -->
  111. <!--
  112. <Connector port="8082"
  113. maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
  114. enableLookups="false"
  115. acceptCount="100" debug="0" connectionTimeout="20000"
  116. proxyPort="80" disableUploadTimeout="true" />
  117. -->
  118.  
  119. <!-- This connector is to check the status of the radius service-->
  120. <Connector acceptCount="100" allowTrace="false" connectionTimeout="-1" debug="0" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8495"/>
  121.  
  122. <!-- An Engine represents the entry point (within Catalina) that processes
  123. every request. The Engine implementation for Tomcat stand alone
  124. analyzes the HTTP headers included with the request, and passes them
  125. on to the appropriate Host (virtual host). -->
  126.  
  127. <!-- You should set jvmRoute to support load-balancing via JK/JK2 ie :
  128. <Engine name="Standalone" defaultHost="localhost" debug="0" jvmRoute="jvm1">
  129. -->
  130.  
  131. <!-- Define the top level container in our container hierarchy -->
  132. <Engine debug="0" defaultHost="localhost" name="Catalina">
  133.  
  134. <!-- The request dumper valve dumps useful debugging information about
  135. the request headers and cookies that were received, and the response
  136. headers and cookies that were sent, for all requests received by
  137. this instance of Tomcat. If you care only about requests to a
  138. particular virtual host, or a particular application, nest this
  139. element inside the corresponding <Host> or <Context> entry instead.
  140.  
  141. For a similar mechanism that is portable to all Servlet 2.4
  142. containers, check out the "RequestDumperFilter" Filter in the
  143. example application (the source for this filter may be found in
  144. "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
  145.  
  146. Request dumping is disabled by default. Uncomment the following
  147. element to enable it. -->
  148. <!--
  149. <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
  150. -->
  151.  
  152. <!-- Global logger unless overridden at lower levels -->
  153. <!--Logger className="org.apache.catalina.logger.FileLogger"
  154. prefix="catalina_log." suffix=".txt"
  155. timestamp="true"/-->
  156.  
  157. <!-- Because this Realm is here, an instance will be shared globally -->
  158.  
  159. <!-- This Realm uses the UserDatabase configured in the global JNDI
  160. resources under the key "UserDatabase". Any edits
  161. that are performed against this UserDatabase are immediately
  162. available for use by the Realm. -->
  163. <!--Realm className="org.apache.catalina.realm.UserDatabaseRealm"
  164. debug="0" resourceName="UserDatabase"/-->
  165.  
  166. <!-- Comment out the old realm but leave here for now in case we
  167. need to go back quickly -->
  168. <!--
  169. <Realm className="org.apache.catalina.realm.MemoryRealm" />
  170. -->
  171.  
  172. <!-- Replace the above Realm with one of the following to get a Realm
  173. stored in a database and accessed via JDBC -->
  174.  
  175. <!--
  176. <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
  177. driverName="org.gjt.mm.mysql.Driver"
  178. connectionURL="jdbc:mysql://localhost/authority"
  179. connectionName="test" connectionPassword="test"
  180. userTable="users" userNameCol="user_name" userCredCol="user_pass"
  181. userRoleTable="user_roles" roleNameCol="role_name" />
  182. -->
  183.  
  184. <!--
  185. <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
  186. driverName="oracle.jdbc.driver.OracleDriver"
  187. connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
  188. connectionName="scott" connectionPassword="tiger"
  189. userTable="users" userNameCol="user_name" userCredCol="user_pass"
  190. userRoleTable="user_roles" roleNameCol="role_name" />
  191. -->
  192.  
  193. <!--
  194. <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
  195. driverName="sun.jdbc.odbc.JdbcOdbcDriver"
  196. connectionURL="jdbc:odbc:CATALINA"
  197. userTable="users" userNameCol="user_name" userCredCol="user_pass"
  198. userRoleTable="user_roles" roleNameCol="role_name" />
  199. -->
  200. <Realm allRolesMode="strictAuthOnly" appName="MickeyLite" className="com.adventnet.authentication.realm.CustomJAASRealm" roleClassNames="com.adventnet.authentication.RolePrincipal" userClassNames="com.adventnet.authentication.UserPrincipal">
  201. </Realm>
  202.  
  203. <!-- Define the default virtual host
  204. Note: XML Schema validation will not work with Xerces 2.2.
  205. -->
  206. <Host appBase="webapps" autoDeploy="false" debug="0" name="localhost" unpackWARs="true" xmlNamespaceAware="false" xmlValidation="false">
  207.  
  208. <!-- Defines a cluster for this node,
  209. By defining this element, means that every manager will be changed.
  210. So when running a cluster, only make sure that you have webapps in there
  211. that need to be clustered and remove the other ones.
  212. A cluster has the following parameters:
  213.  
  214. className = the fully qualified name of the cluster class
  215.  
  216. name = a descriptive name for your cluster, can be anything
  217.  
  218. debug = the debug level, higher means more output
  219.  
  220. mcastAddr = the multicast address, has to be the same for all the nodes
  221.  
  222. mcastPort = the multicast port, has to be the same for all the nodes
  223.  
  224. mcastFrequency = the number of milliseconds in between sending a "I'm alive" heartbeat
  225.  
  226. mcastDropTime = the number a milliseconds before a node is considered "dead" if no heartbeat is received
  227.  
  228. tcpThreadCount = the number of threads to handle incoming replication requests, optimal would be the same amount of threads as nodes
  229.  
  230. tcpListenAddress = the listen address (bind address) for TCP cluster request on this host,
  231. in case of multiple ethernet cards.
  232. auto means that address becomes
  233. InetAddress.getLocalHost().getHostAddress()
  234.  
  235. tcpListenPort = the tcp listen port
  236.  
  237. tcpSelectorTimeout = the timeout (ms) for the Selector.select() method in case the OS
  238. has a wakup bug in java.nio. Set to 0 for no timeout
  239.  
  240. printToScreen = true means that managers will also print to std.out
  241.  
  242. expireSessionsOnShutdown = true means that
  243.  
  244. useDirtyFlag = true means that we only replicate a session after setAttribute,removeAttribute has been called.
  245. false means to replicate the session after each request.
  246. false means that replication would work for the following piece of code:
  247. <%
  248. HashMap map = (HashMap)session.getAttribute("map");
  249. map.put("key","value");
  250. %>
  251. replicationMode = can be either 'synchronous' or 'asynchronous'.
  252. * Synchronous means that the thread that executes the request, is also the
  253. thread the replicates the data to the other nodes, and will not return until all
  254. nodes have received the information.
  255. * Asynchronous means that there is a specific 'sender' thread for each cluster node,
  256. so the request thread will queue the replication request into a "smart" queue,
  257. and then return to the client.
  258. The "smart" queue is a queue where when a session is added to the queue, and the same session
  259. already exists in the queue from a previous request, that session will be replaced
  260. in the queue instead of replicating two requests. This almost never happens, unless there is a
  261. large network delay.
  262. -->
  263.  
  264. <!-- When uncommenting the cluster, REMEMBER to uncomment the replication Valve below as well
  265.  
  266.  
  267. <Cluster className="org.apache.catalina.cluster.tcp.SimpleTcpCluster"
  268. name="FilipsCluster"
  269. debug="10"
  270. serviceclass="org.apache.catalina.cluster.mcast.McastService"
  271. mcastAddr="228.0.0.4"
  272. mcastPort="45564"
  273. mcastFrequency="500"
  274. mcastDropTime="3000"
  275. tcpThreadCount="2"
  276. tcpListenAddress="auto"
  277. tcpListenPort="4001"
  278. tcpSelectorTimeout="100"
  279. printToScreen="false"
  280. expireSessionsOnShutdown="false"
  281. useDirtyFlag="true"
  282. replicationMode="synchronous"
  283. />
  284. -->
  285. <!--
  286. When configuring for clustering, you also add in a valve to catch all the requests
  287. coming in, at the end of the request, the session may or may not be replicated.
  288. A session is replicated if and only if all the conditions are met:
  289. 1. useDirtyFlag is true or setAttribute or removeAttribute has been called AND
  290. 2. a session exists (has been created)
  291. 3. the request is not trapped by the "filter" attribute
  292.  
  293. The filter attribute is to filter out requests that could not modify the session,
  294. hence we don't replicate the session after the end of this request.
  295. The filter is negative, ie, anything you put in the filter, you mean to filter out,
  296. ie, no replication will be done on requests that match one of the filters.
  297. The filter attribute is delimited by ;, so you can't escape out ; even if you wanted to.
  298.  
  299. filter=".*\.gif;.*\.js;" means that we will not replicate the session after requests with the URI
  300. ending with .gif and .js are intercepted.
  301. -->
  302. <!--
  303. <Valve className="org.apache.catalina.cluster.tcp.ReplicationValve"
  304. filter=".*\.gif;.*\.js;.*\.jpg;.*\.htm;.*\.html;.*\.txt;"/>
  305.  
  306. -->
  307. <!-- Normally, users must authenticate themselves to each web app
  308. individually. Uncomment the following entry if you would like
  309. a user to be authenticated the first time they encounter a
  310. resource protected by a security constraint, and then have that
  311. user identity maintained across *all* web applications contained
  312. in this virtual host. -->
  313. <Valve className="org.apache.catalina.authenticator.SingleSignOn" debug="0"/>
  314.  
  315. <!-- Access log processes all requests for this virtual host. By
  316. default, log files are created in the "logs" directory relative to
  317. $CATALINA_HOME. If you wish, you can specify a different
  318. directory with the "directory" attribute. Specify either a relative
  319. (to $CATALINA_HOME) or absolute path to the desired directory.
  320. -->
  321. <!--Valve className="org.apache.catalina.valves.AccessLogValve"
  322. directory="logs" prefix="localhost_access_log." suffix=".txt"
  323. pattern="common" resolveHosts="false"/-->
  324. <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%u %U %S &quot;%{Referer}i&quot; %a %A %m %t %D %b %s &quot;%{User-Agent}i&quot;" prefix="access_log." resolveHosts="false" rotatable="false" suffix="txt"/>
  325. <!-- Logger shared by all Contexts related to this virtual host. By
  326. default (when using FileLogger), log files are created in the "logs"
  327. directory relative to $CATALINA_HOME. If you wish, you can specify
  328. a different directory with the "directory" attribute. Specify either a
  329. relative (to $CATALINA_HOME) or absolute path to the desired
  330. directory.-->
  331. <Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="localhost_log." suffix=".txt" timestamp="true"/>
  332. <!-- <Logger className="com.adventnet.mfw.log.TomcatLog"
  333. directory="logs" prefix="localhost_log." suffix=".txt"
  334. timestamp="true"/>-->
  335.  
  336. <!-- Define properties for each web application. This is only needed
  337. if you want to set non-default properties, or have web application
  338. document roots in places other than the virtual host's appBase
  339. directory. -->
  340.  
  341. <!-- Tomcat Root Context -->
  342. <Context debug="0" docBase="/adap" path="" useHttpOnly="true"/>
  343. <Context appBase="webapps" debug="0" docBase="../help/" path="/help" reloadable="true" useHttpOnly="true"/>
  344. <Context appBase="webapps" debug="0" docBase="/adap/GPODetails/" path="/GPODetails" reloadable="true" useHttpOnly="true"/>
  345.  
  346. </Host>
  347.  
  348. </Engine>
  349.  
  350. <Connector SSLEnabled="true" URIEncoding="UTF-8" acceptCount="100" ciphers="TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA256,TLS_RSA_WITH_AES_256_CBC_SHA" clientAuth="false" connectionTimeout="20000" debug="0" disableUploadTimeout="true" enableLookups="false" keystoreFile="./conf/ssb.keystore" keystorePass="redlin" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" name="SSL" port="8444" scheme="https" secure="true" sslProtocol="TLS" sslProtocols="TLSv1"/>
  351. </Service>
  352.  
  353. </Server>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!