Tomcat之站点维护
1. tomcat配置使用
1. 默认站点根目录
tomcat的默认站点根目录webapps/ROOT,配置文件为server.xml
<Connector port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
客户端访问:http://ip:8080
2. 使用其他jar包
包名:zhenyiku.war,放到webapps目录下,会自动解压缩
客户端访问:http://ip:8080/zhenyiku
3. 修改默认域名
<Host name="www.test.com" appBase="webapps"
unpackWARs="true" autoDeploy="true">
修改完成后,重启tomcat
4. 修改tomcat访问的默认站点目录
<Host name="www.wangjenkins.com" appBase="/home/tomcat/www" //这里的appBase后填写的是新的站点根目录,也可以还设置成webapps(若是webapps,则下面的Context一行必须设置)
unpackWARs="true" autoDeploy="true">
<Context path="" docBase="/home/tomcat/www" debug="0" reloadable="true" /> //这一行最好添加上,path后面的""里配置的是tomcat的子项目,""为空,表示是父项目
5. 同一域名下部署多个项目
<Host name="www.wangjenkins.com" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
<Context path="/huanqiu1" reloadable="true" docBase="/usr/local/tomcat7/huanqiu1"/>
<Context path="/huanqiu2" reloadable="true" docBase="/usr/local/tomcat7/huanqiu2"/>
</Host>
结论:
父项目是http://www.wangjenkins.com/8080/jenkins,站点目录是/usr/local/tomcat7/webapps,由于webapps下不是默认的ROOT,而是jenkins。所以访问的url里要带jenkins 两个子项目分别是: http://www.wangjenkins.com/8080/huanqiu1,对应的站点目录是/usr/local/tomcat7/huanqiu1 http://www.wangjenkins.com/8080/huanqiu2,对于的站点目录是/usr/local/tomcat7/huanqiu2
6. 不同域名下部署多个项目
<Host name="localhost" appBase="webapps" //这个是默认的配置区域
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
<Host name="www.beijing.com" appBase="apps"
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
<Host name="www.wangshibo.com" appBase="wang"
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
<Context path="/ops1" reloadable="true" docBase="/data/web/ops1"/>
<Context path="/ops2" reloadable="true" docBase="/data/web/ops2"/>
结论:
http://localhost:8080 对应的站点目录是/usr/local/tomcat7/webapps(假设对应站点目录下的名称都是ROOT) http://www.beijing.com:8080 对应的站点目录是/usr/local/tomcat7/apps http://www.wangshibo.com:8080 对应的站点目录是/usr/local/tomcat7/wang,并且这个项目下有两个子项目分别是http://www.wangshibo.com:8080/ops1、http://www.wangshibo.com:8080/ops2
7. Tomcat中实现IP访问控制
1. 全局配置
在server.xml中添加下面一行,重启服务器即可。
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="192.168.1.*" deny=""/> 此行放在<HOST>之前。2. 局部配置
1. 限制整个站点不能被访问
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="192.168.1.*,192.168.2.*,*.mysite.com" deny=""/>
加入到<HOST></HOST>标签中
2. 限制某个context不能访问
<Context path="/myweb" reloadable="true" docBase="/data/tomcat6/webapps/myweb"> <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="192.168.13.110,192.168.1.*,220.250.13.21" deny=""/> </Context><Valve className="org.apache.catalina.valves.RemoteHostValve" allow="tmachine1" deny=""/> 4. 根据域名进行限制<Valve className="org.apache.catalina.valves.RemoteHostValve" allow="*.mycompany.com,*.a.com"/> 8. Tomcat上传文件问题 1. 上传文件超时 在tomcat的bin/catalina.sh文件里,添加参数:-DLandray.sys.att.expire=600 9. tomcat禁用trace,put,head,options,delete请求方式 <security-constraint>
<web-resource-collection>
<url-pattern>/*</url-pattern>
<http-method>HEAD</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
<http-method>OPTIONS</http-method>
<http-method>TRACE</http-method>
</web-resource-collection>
<auth-constraint>
</auth-constraint>
</security-constraint>
2. 在server.xml中,设置allowTrace='true'
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" allowTrace="true"/>
一往无前虎山行,拨开云雾见光明
浙公网安备 33010602011771号