|
|
Admin Guide for HP-UX Tomcat-based Servlet Engine B.5.5.23.00
TABLE OF CONTENTS
Release Notes
Overview
Setup
- Prerequisites
- IPv6-specific System Information
- Installation
- Starting and stopping
- Automatic Restart at Boot-up
- Ports used by HP-UX Tomcat-based Servlet Engine
Configuration
IPv6 Information
- Functionality Supported
- Supporting Components
- Enabling/Disabling IPv6
Troubleshooting
Known Bugs
Legal Notices
RELEASE NOTES
This release of HP-UX Tomcat-based Servlet Engine B.5.5.23.00 contains
Tomcat 5.5.23 which implements Servlet 2.4 and JSP 2.0 specifications.
This release contains Tomcat version 5.5.23. Apart from being an
implementation of new specifications of Servlet and JSP, it includes several
new features, enhancements, performance optimizations, and bug fixes over the
previous releases (Tomcat 4.1.x).
This is primarily a security and bugfix release. The following security vulnerabilities
have been fixed in this release.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3382
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3385
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3386
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1355
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1358
Bug Fixes:
- Upgraded commons-pool package to version 1.3 to fix memory leak
- Tomcat now displays full path of the requested resource in the 404 Not Found error page
NOTE: From B.4.1.29.00 and onwards mod_jk and mod_jk2 will be shipped
with the HP-UX Apache-based Web Server Product. Please refer to the
Apache admin guide for more information.
NOTE: If you're upgrading from HP-UX Tomcat 4.1.29.x to HP-UX Tomcat-based
Servlet Engine B.5.5.23.00, the following files will have to be manually
updated (after a careful review) by the System Administrator. This
information will also be present in /var/adm/sw/swagent.log after
performing the upgrade.
% cp /opt/hpws/tomcat/newconfig/opt/hpws/tomcat/conf/server.xml \
/opt/hpws/tomcat/conf/server.xml
% cp /opt/hpws/tomcat/newconfig/opt/hpws/tomcat/conf/tomcat-users.xml \
/opt/hpws/tomcat/conf/tomcat-users.xml
% cp /opt/hpws/tomcat/newconfig/opt/hpws/tomcat/conf/web.xml \
/opt/hpws/tomcat/conf/web.xml
To preserve the behavior of newconfig, please do not use the "mv" command
instead of "cp" above.
Sample Servlets and JSPs:
The location of the sample Servlets and JSPs in this release of Tomcat has been changed.
In the previous version these were located under
/opt/hpws/tomcat/webapps/examples/servlets/ and
/opt/hpws/tomcat/webapps/examples/jsps/ respectively.
The new locations are
/opt/hpws/tomcat/webapps/servlets-examples/ and
/opt/hpws/tomcat/webapps/jsp-examples/ respectively for Servlets and JSPs.
To access the sample servlets in this release from a browser, start Tomcat and
point your browser to http://yourserver.com:8081/servlets-examples and similarily for
accessing JSPs type http://yourserver.com:8081/jsp-examples in your browser.
OVERVIEW
Tomcat is a Servlet Container and JavaServer Pages(tm) implementation. It is
a reference implementation of the Servlet 2.4 and JSP 2.0 specification.
Full Tomcat documentation can be found at /opt/hpws/tomcat/webapps/tomcat-docs/.
To access documentation from a browser, start Tomcat, and point your browser
to http://yourserver.com:8081/tomcat-docs; or if you have started
HP-UX Apache-based Web Server with the default configuration, you can access
it from http://yourserver.com/hp_docs/.
For additional information please consult:
Release notes: /opt/hpws/tomcat/RELEASE-NOTES*.txt
Configuration: /opt/hpws/tomcat/webapps/tomcat-docs/config/index.html
Developer Guide: /opt/hpws/tomcat/webapps/tomcat-docs/appdev/index.html
Online documentation can be found at:
http://jakarta.apache.org/tomcat
Documentation on Servlet specifications can be found at:
http://java.sun.com/products/servlet/
JSP specifications are located at:
http://java.sun.com/products/jsp/
SETUP
Prerequisites
When using Apache/mod_jk2 in conjunction with Tomcat, make sure that serverRoot
variable is exported and points to the correct location where the Apache
webserver is installed. This variable is exported in the script
/opt/hpws/tomcat/bin/startup.sh. This script is used to start Tomcat.
If you have moved the location of the webserver to another location
(using altroot utility) you will need to change the value of this variable
to point to the new location. Similarly if you are using the 32-bit version of
HP-UX Apache-based webserver for IA64, you need to export the variable in
/opt/hpws/tomcat/bin/startup.sh as follows:
export serverRoot=/opt/hpws/apache32
This environment variable comes into play primarily when using file based AF_UNIX
socket connections between Apache/mod_jk2 and Tomcat, instead of the traditional
IPaddr:Port based AF_INET connections.
Java Runtime Environment version 1.5 or higher is recommended. Tomcat 5.5.x is
designed to run on J2SE 5 or later. But you can still run it on older JVMs
with the compatibility package(bundled with HPUX-Tomcat)installed.
Tomcat 5.5.x uses Eclipse JDT compiler(which is much faster and bundled with
Tomcat) for compiling JSPs by default. So there is no need for the complete
JDK to be installed, only the JRE is enough. Ofcourse, you can use a different
compiler if you wish to by setting the "compiler" option to whatever compiler
you want in the server wide web.xml file. To do this, search for
the definition of JspServlet and add a parameter element for compiler you wish
to use as shown below:
<servlet>
<servlet-name>jsp
<servlet-class>org.apache.jasper.servlet.JspServlet
<init-param>
<param-name>compiler
<param-value>javac
</init-param>
</servlet>
You can download the JDK from: http://www.hp.com/go/java/
After downloading please change classpaths, JAVA_HOME environment variable
and the path to the Java binary to suit your Java installation.
IPv6-specific System Information
1. IPv6 support is available by default on HP-UX 11i version 2. You do not
need a separate installation of any IPv6 product.
2. Java support requires Java 1.4 or above.
For IPv6 support, you need Java 1.4 or later.
For Java 1.4, if it is not installed by default, you may need to download it
from the web. Make sure to download Java 2 version 1.4 on HP-UX 11i for
Itanium(R)Processor Family-based systems. Note that, Java 1.4 also provides
IPv4 support.
Installation
Information on installing all products of HP-UX Web Server Suite can be found in
Getting Started
The user configurable files of HP-UX Tomcat-based Servlet Engine will be saved
as per the standard HP-UX newconfig methodology. More information can be
found in the newconfig section of Getting Started.
NOTE: If you're upgrading from HP-UX Tomcat 4.1.29.x to HP-UX Tomcat-based
Servlet Engine B.5.5.23.00, please consult the release notes for manually
updating some files that may not have been updated by the newconfig process.
Starting and stopping
HP-UX Tomcat-based Servlet Engine is configured to be run as user www and
it can be used as a standalone container or in conjunction with HP-UX
Apache-based Web Server.
Note that HP-UX Tomcat-based Servlet Engine can also be started as secure
server, for more information consult ssl-howto.html.
Tomcat 5.5.x has support for administering Tomcat servlet engine (through
Tomcat Adminstrator), and managing application deployed on Tomcat (through
the Tomcat Manager). Upon starting HP-UX Tomcat-based Servlet Engine these
two management consoles will be automatically enabled, and their default
login/password are admin/hp.com.
1) In order to use standalone HP-UX Tomcat-based Servlet Engine,
run the following commands:
$ cd /opt/hpws/tomcat
$ ./bin/startup.sh
HP-UX Tomcat-based Servlet Engine will start and will listen to the
default port 8081.
2) Stopping HP-UX Tomcat-based Servlet Engine
$ cd /opt/hpws/tomcat
$ ./bin/shutdown.sh
Automatic Restart at Boot-up
If you would like to automatically restart HP-UX Tomcat-based Servlet Engine
at boot-up time, you will have to modify the specific components configuration
file:
/etc/rc.config.d/hpws_tomcatconf
- To automatically start HP-UX Tomcat-based Servlet Engine servlet engine at
boot-up time.
Set the HPWS_TOMCAT_START variable to 1. If you do not desire
this feature, set the HPWS_TOMCAT_START variable to 0. The line
below shows how to turn it on.
HPWS_TOMCAT_START=1
The startup scripts expect HP-UX Tomcat-based Servlet Engine to be
located in the HPWS_TOMCAT_HOME directory.
If you desire to use Java other than the default one which is installed at the
standard location /opt/java1.5, you may have to point JAVA_HOME
to the new location. The default entry for JAVA_HOME is shown below:
JAVA_HOME=/opt/java1.5
If you want to use Java 1.4 with the compatibility package, make sure to change
the JAVA_HOME variable to point to your Java 1.4 installation(eg:/opt/java1.4).
By default, the HP-UX Tomcat-based Servlet Engine is started as
root. However this can cause potential security risks in a production
environment. For a discussion about this problem, consult this section.
Ports used by HP-UX Tomcat-based Servlet Engine
In the default configuration HP-UX Tomcat-based Servlet Engine uses the
following ports:
8005 - Shutdown Service
8009 - AJP 1.3 Connector
8081 - HTTP 1.1 Connector
These ports can be changed in the server.xml shipped with the HP-UX
Tomcat-based Servlet Engine.
Additionally the following ports are also set in server.xml but their
connectors are disabled by default:
8082 - Proxied HTTP/1.1 Connector
8443 - SSL HTTP/1.1 Connector
CONFIGURATION
There are several configuration files that are used by HP-UX Tomcat-based
Servlet Engine.
1) /opt/hpws/tomcat/conf/server.xml
Main HP-UX Tomcat-based Servlet Engine configuration file, see
/opt/hpws/tomcat/webapps/tomcat-docs/config/index.html for
full documetation.
2) /opt/hpws/tomcat/conf/setenv.sh
This file can be used to set HP-UX Tomcat-based Servlet Engine's environment.
For example you can set additional parameters used by JVM when running HP-UX
Tomcat-based Servlet Engine.
3) /opt/hpws/tomcat/conf/tomcat-users.xml
This file defines the users and the roles that can use the Tomcat
Administration and the Tomcat Manager (both provided by ASF).
IPV6 INFORMATION
IPv6 stands for "Internet Protocol Version 6", the "next generation"
protocol designed by the IETF to replace the current version Internet
Protocol Version 4 (IPv4). The new IPv6 addresses the current problem of
and network configuration.
IPv6 is only supported on the HP-UX Tomcat-based Servlet Engine for HP-UX
11i version 2.
Functionality Supported
Since HP-UX Tomcat-based Servlet Engine is dependent on other products such as
Java, it may or may not work the same as it does in its IPv4 version.
A. Complete Support
The following components work on IPv6 platform, and all the functionality
of IPv6 is also implemented.
- HTTP core functionality
- Servlets / JSPs
- SSI
- CGI (C-based and shell script)
B. Partial Support
Although the following components works on IPv6 platform, they may not
behave correctly for networking calls related to IPv6 address, due to
a lack of underlying support.
- CGI (Perl-based)
CGI scripts written in Perl will return failure for any calls to
gethostbyname() for the IPv6 addresses, as Perl does not support IPv6.
Hence, perl-based CGI is supported only in IPv4 mode.
TROUBLESHOOTING
- Starting HP-UX Tomcat-based Servlet Engine as user other than www
-------------------------------------------------
HP-UX Tomcat-based Servlet Engine is set up to start as user www. If you want
to change it and designate a different user (e.g., tomcat) follow these steps:
1) Change permissions on your webapps so that they are accessible by the
user tomcat.
2) Change permissions on the /opt/hpws/tomcat/conf so that they are accessible
by the user tomcat.
3) Change permissions on the /opt/hpws/tomcat/logs so that the tomcat
user can write to it.
4) Change permissions on /opt/hpws/tomcat/work so that the tomcat
user can write to it and all sub-directories.
5) Find and replace all instances of the string "www" with "tomcat" in
/opt/hpws/tomcat/bin/startup.sh
For example on a clean install as root do the following
$ cd /opt/hpws/tomcat
$ mkdir work
$ chown -R tomcat:other work webapps logs conf
$ sed "s/www/tomcat/" /opt/hpws/tomcat/bin/startup.sh > /opt/hpws/tomcat/bin/
startup.sh.new
$ mv /opt/hpws/tomcat/bin/startup.sh.new /opt/hpws/tomcat/bin/startup.sh
$ chmod 755 /opt/hpws/tomcat/bin/startup.sh
Note that it is not recommended to start HP-UX Tomcat-based Servlet Engine
as root user. It will result in root owning the Java process that runs
HP-UX Tomcat-based Servlet Engine. Therefore this process will have access
to system resources. This might be a security issue. In the production
enviroment it is recommended that HP-UX Tomcat-based Servlet Engine be
started and stopped by a user such as www.
- Permission denied errors running JSPs with HP-UX Tomcat-based Servlet Engine
-------------------------------------------------
JSPs automatically create directories and files in the tomcat/work
directory. These directories have the write permissions for the user
& group of the user who started HP-UX Tomcat-based Servlet Engine initially.
The write permissions are not granted to others (rwxrwxr-x).
Subsequently, if "other" users - those who do not belong to the above
group - try to start HP-UX Tomcat-based Servlet Engine, they will not have
permissions to write in the work directory.
SOLUTION:
Either always start HP-UX Tomcat-based Servlet Engine as the same user or
always start HP-UX Tomcat-based Servlet Engine with users who belong to the
same group. Note that it is not recomended to use root to start HP-UX
Tomcat-based Servlet Engine (to avoid security holes).
- <error-page> directive doesn't work with IE 5.0 and above
-------------------------------------------------
IE 5.0 and above has a new feature which may replace a site's own error messages
with its in-built error pages. This occurs if the error page from the site is less
than a particular size. For most errors, this is 512 bytes. If the error page from
the site is more than 512 bytes, IE will display the site's customized error message
(defined by the <error-page> directive in the deployment descriptor- web.xml),
otherwise it will not display it. For a few statuses (403, 405 and 410),
the cut-off size is 256 bytes.
SOLUTION:
The solution to this problem is to ensure that the size of all the custom error
pages in the application is more than 512 bytes.
KNOWN BUGS
See the Release Notes in /opt/hpws/tomcat directory.
***************************************************************************
LEGAL NOTICES
The information in this document is subject to change without notice.
WARRANTY DISCLAIMER
HEWLETT-PACKARD MAKES NO WARRANTY OF ANY KIND WITH REGARD TO THIS
INFORMATION, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. Hewlett-Packard
shall not be liable for errors contained herein or for direct, indirect,
special, incidental or consequential damages in connection with the
furnishing, performance or use of this material.
RESTRICTED RIGHTS LEGEND
Use, duplication or disclosure by the U.S. Government is subject to
restrictions as set forth in subparagraph (c) (1) (ii) of the Rights in
Technical Data and Computer Software clause at DFARS 252.227-7013 for DOD
agencies. Rights for non-DOD U.S. Government Department and Agencies are
as set forth in FAR 52.227-19 (c)(1,2).
COPYRIGHT NOTICES
Copyright 2001-2007 Hewlett-Packard Development Company, L.P.
This document contains information which is protected by copyright.
All Rights Reserved. Reproduction, adaptation, or translation without
prior written permission is prohibited, except as allowed under the
copyright laws.
TRADEMARK NOTICES
UNIX is a registered trademark in the United States and other countries,
licensed exclusively through X/Open Company Limited.
Java and all Java-based trademarks and logos are trademarks or
registered trademarks of Sun Microsystems, Inc. in the U.S. and
other countries.
ACKNOWLEDGEMENTS
This product includes software developed by the Apache Software Foundation.
This documentation is based on information from the Apache Software Foundation
(http://www.apache.org).
|
