It is assumed you can do all these steps as root.
Ensure you have a recent java installed. (Not covered in this document.)
Get Tomcat in binary form from http://jakarta.apache.org.
Put in /usr/local/jakarta-tomcat-5.5.9.tar.gz
cd /usr/local
tar -xzvf jakarta-tomcat-5.5.9.tar.gz
Clean up
rm jakarta-tomcat-5.5.9.tar.gz
Get apache source from http://httpd.apache.org, put in /usr/local/src/httpd-2.0.54.tar.gz
cd /usr/local/src
tar -xzvf httpd-2.0.54.tar.gz
cd httpd-2.0.54
Create a runconfigure shell script with the following contents:
#!/bin/sh
./configure --enable-mods-shared="most ssl usertrack" \
--disable-status \
--disable-userdir \
--disable-cgi \
--disable-cgid \
--disable-include \
--disable-autoindex \
--disable-asis \
--disable-imap \
--disable-actions
XXX: see if you can
--disable-dav \
--disable-dav_fs \
--disable-speling
Now run it
chmod +x runconfigure
./runconfigure
make
make install
Now go fix oversights in /usr/local/apache2/conf/httpd.conf
Change
UserDir public_html
to
# UserDir public_html
and
IndexOptions FancyIndexing VersionSort
to
# IndexOptions FancyIndexing VersionSort
and
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
to
# AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
and
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
to
# AddIconByType (TXT,/icons/text.gif) text/*
# AddIconByType (IMG,/icons/image2.gif) image/*
# AddIconByType (SND,/icons/sound2.gif) audio/*
# AddIconByType (VID,/icons/movie.gif) video/*
and
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
to
# AddIcon /icons/binary.gif .bin .exe
# AddIcon /icons/binhex.gif .hqx
# AddIcon /icons/tar.gif .tar
# AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
# AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
# AddIcon /icons/a.gif .ps .ai .eps
# AddIcon /icons/layout.gif .html .shtml .htm .pdf
# AddIcon /icons/text.gif .txt
# AddIcon /icons/c.gif .c
# AddIcon /icons/p.gif .pl .py
# AddIcon /icons/f.gif .for
# AddIcon /icons/dvi.gif .dvi
# AddIcon /icons/uuencoded.gif .uu
# AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
# AddIcon /icons/tex.gif .tex
# AddIcon /icons/bomb.gif core
# AddIcon /icons/back.gif ..
# AddIcon /icons/hand.right.gif README
# AddIcon /icons/folder.gif ^^DIRECTORY^^
# AddIcon /icons/blank.gif ^^BLANKICON^^
and
DefaultIcon /icons/unknown.gif
to
# DefaultIcon /icons/unknown.gif
and
ReadmeName README.html
HeaderName HEADER.html
to
# ReadmeName README.html
# HeaderName HEADER.html
and
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
to
# IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
Then, in apachectl, change
start|stop|restart|graceful)
$HTTPD -k $ARGV
ERROR=$?
;;
to
start|stop|restart|graceful)
$HTTPD -k $ARGV -DSSL
ERROR=$?
;;
Then run
cd /usr/local/apache2/conf
mkdir ssl.crt
mkdir ssl.key
openssl req -new -x509 -days 365 -keyout ./ssl.key/server.key -out ./ssl.crt/server.crt -subj '/CN=Test-Only Certificate'
cp ssl.key/server.key ssl.key/server.key.org
openssl rsa -in ssl.key/server.key.org -out ssl.key/server.key
chmod 400 ssl.key/server.key
Now get the tomcat connectors from http://jakarta.apache.org/site/downloads/downloads_tomcat-connectors.cgi and put it in /usr/local/src/jakarta-tomcat-connectors-current-src.tar.gz
Now
tar -xzvf jakarta-tomcat-connectors-1.2.14.1-src.tar.gz
cd jakarta-tomcat-connectors-1.2.14.1-src/jk/native
Make a runconfigure:
#!/bin/sh
./configure \
--enable-prefork \
--enable-shared=jk \
--with-apxs=/usr/local/apache2/bin/apxs \
--with-java-home=/usr/local/jdk1.5.0_04
Run it:
chmod +x runconfigure
./runconfigure
make
make install
Now edit httpd.conf:
First, at end of LoadModule stanza, add
LoadModule jk_module modules/mod_jk.so
Then change
DocumentRoot "/usr/local/apache2/htdocs"
to
DocumentRoot "/usr/local/jakarta-tomcat-5.5.9/webapps/ROOT"
Then change
DirectoryIndex index.html index.html.var
to
DirectoryIndex index.html index.html.var index.jsp
and
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/ROOT">
to
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/ROOT">
Then, at the bottom of httpd.conf, add
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/ROOT/WEB-INF">
Deny from all
</Directory>
# NOTE that this Alias directive
# Alias /jsp-examples "/usr/local/jakarta-tomcat-5.5.9/webapps/jsp-examples"
# is better than this Alias directive
# Alias /jsp-examples/ "/usr/local/jakarta-tomcat-5.5.9/webapps/jsp-examples/"
# because the user could type in the dir name *without* the trailing slash,
# and we still need the Alias to work!
Alias /jsp-examples "/usr/local/jakarta-tomcat-5.5.9/webapps/jsp-examples"
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/jsp-examples">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/jsp-examples">
Deny from all
</Directory>
Alias /servlets-examples "/usr/local/jakarta-tomcat-5.5.9/webapps/servlets-examples"
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/servlets-examples">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/servlets-examples/WEB-INF">
Deny from all
</Directory>
Alias /tomcat-docs "/usr/local/jakarta-tomcat-5.5.9/webapps/tomcat-docs"
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/tomcat-docs">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/tomcat-docs/WEB-INF">
Deny from all
</Directory>
Alias /webdav "/usr/local/jakarta-tomcat-5.5.9/webapps/webdav"
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/webdav">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/webdav/WEB-INF">
Deny from all
</Directory>
Alias /balancer "/usr/local/jakarta-tomcat-5.5.9/webapps/balancer"
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/balancer">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory "/usr/local/jakarta-tomcat-5.5.9/webapps/balancer/WEB-INF">
Deny from all
</Directory>
JkWorkerProperty worker.list=ajp13w
JkWorkerProperty worker.ajp13w.type=ajp13
JkWorkerProperty worker.ajp13w.host=localhost
JkWorkerProperty worker.ajp13w.port=8009
JkLogFile /usr/local/apache2/logs/mod_jk.log
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
JkRequestLogFormat "%w %V %T"
JkOptions +ForwardKeySize
JkOptions +ForwardURICompatUnparsed
JkOptions +ForwardDirectories
JkShmFile /usr/local/apache2/conf/jk.shm
JkMount /*.jsp ajp13w
JkMount /servlets-examples/servlet/* ajp13w
XXX: put in stuff on making apache start/stop with system. And tomcat start/stop with system. Note that CATALINA_HOME needs to be explicitly set in catalina.sh when you copy it to /etc/rc.d/init.d; it gets confused being so far away from home ;-)
cd /etc/rc.d/init.d
[root@ophelia init.d]# cp /usr/local/jakarta-tomcat-5.5.9/bin/catalina.sh ./catalina
[root@ophelia init.d]# vi catalina
[root@ophelia init.d]# chkconfig --add catalina
[root@ophelia init.d]# chkconfig --level 345 catalina on
[root@ophelia init.d]# chkconfig --list catalina
catalina 0:off 1:off 2:off 3:on 4:on 5:on 6:off
In server.xml, change
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
to
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<!--
<Connector port="8080" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
-->