4 Preparing to Install WebCenter Sites on Apache Tomcat Application Server

This chapter contains information about configuring Tomcat to support your WebCenter Sites web application.

This chapter contains the following sections:

• Section 4.1, "Quick Reference for Setting Up Tomcat Application Server"

• Section 4.2, "Step 1: Configuring Tomcat Application Server"

• Section 4.3, "Step 2: Integrating Tomcat Application Server with a Supported Web Server"

4.1 Quick Reference for Setting Up Tomcat Application Server

This section contains the following topics:

• Section 4.1.1, "Summary of Steps"

• Section 4.1.2, "Paths and Directories Used in This Chapter"

• Section 4.1.3, "Start/Stop Commands for Tomcat"

4.1.1 Summary of Steps

You will complete the steps below as necessary for your requirements for each environment: development, content management, and delivery.

Step 1: Configuring Tomcat Application Server

1. Modify the default Tomcat ports as shown in Section 4.2.1, "Modifying Tomcat Server Ports."

2. Create and configure a data source as shown in Section 4.2.2, "Creating and Configuring a Data Source."

3. Set Java options as described in Section 4.2.3, "Setting Java Options."

4. Set the classpath as described in Section 4.2.4, "Setting the Classpath."

5. Set the URI encoding character set, as described in Section 4.2.5, "Configuring URI Encoding."

6. If the server is a part of a multi-server environment, set the jvmRoute attribute as described in Section 4.2.7, "Configuring a Tomcat Server for Load Balancing."

7. If the Tomcat server is part of a cluster environment, configure the server for clustering as described in Section 4.2.8, "Configuring a Tomcat Server for Clustering."

8. If the server will be running over SSL, configure the Tomcat server for SSL as described in Section 4.2.9, "Configuring a Tomcat Server for SSL."

Step 2: Integrating Tomcat Application Server with a Supported Web Server

This step is required if:

• You are creating a clustered environment that will be load balanced through Apache Web Server.

• You wish to place an apache WebServer in front of Tomcat.

Steps for integrating Tomcat with Apache Web Server are given in Section 4.3, "Step 2: Integrating Tomcat Application Server with a Supported Web Server."

4.1.2 Paths and Directories Used in This Chapter

Table 4-1 lists the paths and directories used in this chapter.

Table 4-1 Paths and Directories Used in Configuring Tomcat Application Server

Name	Description
<sites_install_dir>	Path to the WebCenter Sites installation directory.
<tomcat_home>	Path to the Tomcat installation directory.
<shared_dir>	Path to the shared folder on the given system. The path includes the name of the shared folder.

4.1.3 Start/Stop Commands for Tomcat

This section lists commands for starting and stopping Tomcat instances.

Note:

All commands require that CATALINA_HOME and JAVA_HOME are set to the proper directories.

To start the Tomcat instance

Run the following command:

• In UNIX:

  <tomcat_home>/bin/startup.sh
  

• In Windows:

  <tomcat_home>/bin/startup.bat
  

To stop the Tomcat instance

Run the following command:

• In UNIX:

  <tomcat_home>/bin/shutdown.sh -force
  

• In Windows:

  <tomcat_home>/bin/shutdown.bat
  

4.2 Step 1: Configuring Tomcat Application Server

In this section, you will complete the following steps:

• Section 4.2.1, "Modifying Tomcat Server Ports"

• Section 4.2.2, "Creating and Configuring a Data Source"

• Section 4.2.3, "Setting Java Options"

• Section 4.2.4, "Setting the Classpath"

• Section 4.2.5, "Configuring URI Encoding"

• Section 4.2.7, "Configuring a Tomcat Server for Load Balancing"

• Section 4.2.8, "Configuring a Tomcat Server for Clustering"

• Section 4.2.9, "Configuring a Tomcat Server for SSL"

Note:

Procedures in this section use UNIX commands.

4.2.1 Modifying Tomcat Server Ports

This section explains how to modify the default ports used by Tomcat. In order to run more than one Tomcat server on the same physical server, these ports must be changed to avoid port conflicts.

1. Shutdown the Tomcat server.

2. Open the <tomcat_home>/conf/server.xml file in a text editor and modify the following ports:

   • Shutdown port (default 8005)

     This port is used when shutting down the Tomcat server.

   • HTTP port (default 8080)

     This is the main port from which web applications will be accessible.

   • Redirect port (default 8443)

     This port needs to be modified in both the HTTP and AJP connectors.

   • AJP port (default 8009)

     This port can be used for communicating with an Apache web server.

   • (SSL only) SSL HTTP port (default 8443)

     If you will be using SSL, change this port to the same value used in step 2.

3. Save the changes.

4.2.2 Creating and Configuring a Data Source

1. Choose the data source information that corresponds to the database you will be using and place the required JAR files in the <tomcat_home>/lib directory. Data source information in Table 4-2 will be used to create the data source in the next step.

   Table 4-2 Data Source Information

   Database Driver	Parameters	Values
   JTDS (third-party driver)	DriverClass Required .jar files URL	net.sourceforge.jtds.jdbcx.JtdsDataSource jtds-1.2.5 jar jdbc:jtds:sqlserver://<server>:<dbport>/<dbname> Example: jdbc:jtds:sqlserver://127.0.0.1:1433/contentDB
   DB2	DriverClass Required .jar files URL	com.ibm.db2.jcc.DB2Driver db2jcc.jar, db2cc_license_cu.jar Note: The db2jcc4.jar file is not supported. Installation will fail if the db2jcc4.jar file is used. jdbc:db2://<hostname>:<dbport>/<dbname> Example: jdbc:db2://127.0.0.1:50001/contentDB
   Oracle Thin driver	DriverClass Required .jar files URL	oracle.jdbc.driver.OracleDriver ojdbc6.jar jdbc:oracle:thin:@//<hostname>:1521/<dbname> Example: jdbc:oracle:thin:@//127.0.0.1:1521/contentDB

   
   

2. Open the <tomcat_home>/conf/server.xml file in a text editor and add the following XML code inside the Host tag, replacing any parameterized values:

   <Context path="/<sites_context_root>" docBase="<sites_context_root>" reloadable="true" crossContext="true">
             <Resource name="<jndi_name>" auth="Container" type="javax.sql.DataSource"
                       maxActive="100" maxIdle="30"
                       username="<db_user_name>"
                       password="<db_user_password>"
                       driverClassName="<db_driver_class>"
                       url="<db_url>"/>
           </Context>
   

   Sample data source for an Oracle Database:

   <Context path="/cs" docBase="cs" reloadable="true" crossContext="true">
             <Resource name="csDataSource" auth="Container" type="javax.sql.DataSource"
                       maxActive="100" maxIdle="30"
                       username="csuser"
                       password="password"
                       driverClassName="oracle.jdbc.driver.OracleDriver"
                       url="jdbc:oracle:thin:@//127.0.0.1:1521/contentDB"/>
           </Context>
   

   Note:

   In the example above the maximum allowed database connections is set to 100. While this is the recommended value, it may be changed depending on environment requirements.

3. Save the changes.

4.2.3 Setting Java Options

This section explains how to set memory arguments as well as add Java options required by WebCenter Sites.

1. Open <tomcat_home>/bin/setenv.sh in a text editor and add the line CATALINA_OPTS="<java_opts>" where <java_opts> is a space-separated list of the following options:

   • -Xms2048m -Xmx16834m

     These options set the minimum and maximum memory heap sizes. These are recommended sizes, but may be changed depending on environment requirements.

   • -XX:MaxPermSize=192m

     This option sets the maximum size of the permanent generation space. This is the recommended size, but may be changed depending on environment requirements.

   • -Dfile.encoding=UTF-8

     This option specifies UTF-8 file encoding.

   • -Dnet.sf.ehcache.enableShutdownHook=true

     This option enables the Ehcache shutdown hook.

   • -Djava.net.preferIPv4Stack=true

     This option specifies the use of IPv4 addresses.

   • -Duser.timezone=UTC

     This option is used to set the time zone for the JVM. It is recommended to set the value to UTC across all WebCenter Sites installations. However, you can set any preferable time zone as long as this value is the same for all WebCenter Sites installations. So, the complete CATALINA_OPTS should look like:

     CATALINA_OPTS="-Xms2048m -Xmx16834m -XX:MaxPermSize=192m
     -Dfile.encoding=UTF-8
     -Dnet.sf.ehcache.enableShutdownHook=true -Djava.net.preferIPv4Stack=true
     -Duser.timezone=UTC"
     

     Note:

     If Shift-JIS characters will be used, add the following option: -Dcs.useJavaURLDecoder=false

2. Save the changes.

4.2.4 Setting the Classpath

This section explains how to add paths required by WebCenter Sites to the application server classpath.

1. Open <tomcat_home>/bin/setenv.sh in a text editor and add the following line: CLASSPATH="<paths>" where <paths> is a colon (:) separated list of the following paths:

   1. <sites_install_dir>/bin

      This path contains the required WebCenter Sites and CAS configuration files. Without this file, the CAS web application will not start and the System Tools node in the Admin tab of the WebCenter Sites Admin interface will have reduced functionality.

   2. $JAVA_HOME/lib/tools.jar

      This JAR file is located in the JDK.

2. Save the changes.

4.2.5 Configuring URI Encoding

This section explains how to set the character set for URI encoding to UTF-8.

1. Open <tomcat_home>/conf/server.xml in a text editor and add the URIEncoding attribute to the HTTP Connector tag as follows:

   <Connector port="8080" protocol="HTTP/1.1"
       connectionTimeout="20000"
       redirectPort="8443" URIEncoding="UTF-8" />
   

2. Save the changes.

4.2.6 Configuring AJP Connectors

This section explains how to set encoding configuration for one or both HTTP and AJP connectors on the application server.

1. Ensure all the language and file encoding configuration parameters are set to be UTF-8 throughout the entire infrastructure for multilingual and special character recognition.

2. This includes the db, system variables, futuretense.ini file and the connectors as defined in the application server -including the AJP connector as needed, described in the Oracle Fusion Middleware Online Documentation Library 11g Release 1 (11.1.1.8) for WebCenter Sites installation and administration guides.

3. The above circumstance (Tomcat also using Apache webserver) was resolved by the following:

   Add URIEncoding="UTF-8" in the HTTP and AJP Connectors in $CATALINA_BASE/conf/server.xml.

4.2.7 Configuring a Tomcat Server for Load Balancing

This section explains how to configure a Tomcat server so that it may be a part of a load balancing environment.

1. Open <tomcat_home>/conf/server.xml in a text editor and add the jvmRoute attribute to the Engine tag as follows:

   <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
   

2. Modify the value of jvmRoute so that it is unique from all other Tomcat servers that will be load balanced.

3. Save the changes.

4.2.8 Configuring a Tomcat Server for Clustering

This section explains how to configure a Tomcat server to be part of a cluster.

1. Open <tomcat_home>/conf/server.xml in a text editor and add the following XML code as the first thing inside the Engine tag:

   <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
                    channelSendOptions="8">
             <Manager className="org.apache.catalina.ha.session.DeltaManager"
                      expireSessionsOnShutdown="false"
                      notifyListenersOnReplication="true"/>
             <Channel className="org.apache.catalina.tribes.group.GroupChannel">
               <Membership className="org.apache.catalina.tribes.membership.McastService"
                           address="228.0.0.4"
                           port="45564"
                           frequency="500"
                           dropTime="3000"/>
               <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver"
                         address="auto"
                         port="4000"
                         autoBind="100"
                         selectorTimeout="5000"
                         maxThreads="6"/>
               <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
                 <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
               </Sender>
               <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
               <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatch15Interceptor"/>
             </Channel>
             <Valve className="org.apache.catalina.ha.tcp.ReplicationValve"
                    filter=""/>
             <Valve className="org.apache.catalina.ha.session.JvmRouteBinderValve"/>
             <Deployer className="org.apache.catalina.ha.deploy.FarmWarDeployer"
                       tempDir="/tmp/war-temp/"
                       deployDir="/tmp/war-deploy/"
                       watchDir="/tmp/war-listen/"
                       watchEnabled="false"/>
             <ClusterListener className="org.apache.catalina.ha.session.JvmRouteSessionIDBinderListener"/>
             <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
           </Cluster>
   

2. Modify the Membership address or port as necessary:

   • Each cluster must have a unique Membership address/port combination to avoid message conflicts.

   • All members of a cluster must have the same values for Membership address and port.

3. Modify the Receiver port or autoBind as necessary.

   The receiver will automatically avoid port conflicts between port and port plus autoBind by binding to a free port. Modify either of these values as necessary to restrict the range of ports the receiver will use.

4. Save the changes.

4.2.9 Configuring a Tomcat Server for SSL

1. Generate a certificate:

   keytool -genkey -alias tomcat -keyalg RSA –keystore
   <tomcat_home>/keys/.keystore
   

   1. Set the -keystore parameter to the location where you want the generated keys to be stored.

   2. When prompted for the keystore password, you may use your own password, or the default changeit. If a custom password is entered, a value in the server.xml file will need to be changed (as explained in step 2).

   3. Enter your first and last name, name of organization, city, state, and country code when prompted, then click Yes to confirm.

   4. At the next prompt, "Enter key password for <tomcat> (RETURN if same as keystore password)," press Enter, as the key password must be the same as the keystore password.

2. Edit <tomcat_home>/conf/server.xml, uncomment the SSL section, and add the following attributes to the SSL connector:

   • keystoreType="JKS"

     This attribute is set to JKS for Java Keystore (the format produced by Java's keytool).

   • keystoreFile="<tomcat_home>/keys/.keystore"

     This attribute is set to the path where the .keystore file was created and the same path used in step 1.

   • keystorePass="<new_password>"

     This attribute is needed only if the keystore password used in step 1 is not changeit, and should be set to the custom password used.

3. Save the changes.

4. After starting the server, point your browser to https://<tomcat_host>:<ssl_port>.

   If your system works correctly, you will be prompted to accept the certificate. When you accept the certificate, the Tomcat index page is displayed.

4.3 Step 2: Integrating Tomcat Application Server with a Supported Web Server

This section provides guidelines for integrating Tomcat Server with your choice of supported web servers.

4.3.1 Configuring Apache HTTP Server

This section explains how to configure Apache 2.2.x or Apache 2.4.x HTTP server with the mod_proxy_ajp plugin to use this plugin with Tomcat.

1. Ensure that mod_so.c is enabled. Run <apache_home>/bin/apachectl -l. If mod_so.c is not in the list that is printed, you must rebuild your Apache with the -enable-module=so option.

2. Open <apache_home>/config/httpd.conf in a text editor and add the following at the end of the file:

   Single Server Environment

   ProxyPass /cas ajp://<tomcat_server_host>:<ajp_port>/cas
   ProxyPassReverse /cas ajp://<tomcat_server_host>:<ajp_port>/cas
   ProxyPass /<sites_context_root> ajp://<tomcat_server_host>:<ajp_port>/<sites_context_root>
   ProxyPassReverse /<sites_context_root> ajp://<tomcat_server_host>:<ajp_port>/<sites_context_root>
   

   Multi Server Environment

   <Location /balancer-manager>
       SetHandler balancer-manager
       Order Deny,Allow
       Deny from none
       Allow from all 
   </Location>
   
   <Proxy balancer://cluster>
       BalancerMember ajp://<tomcat_server_host1>:<ajp_port1> loadfactor=1 route=<jvm_route1>
       BalancerMember ajp://<tomcat_server_host2>:<ajp_port2> loadfactor=1 route=<jvm_route2>
       ProxySet stickysession=JSESSIONID
   </Proxy>
   
   ProxyPass /cas balancer://cluster/cas
   ProxyPassReverse /cas balancer://cluster/cas
   ProxyPass /<sites_context_root> balancer://cluster/<sites_context_root>
   ProxyPassReverse /<sites_context_root> balancer://cluster/<sites_context_root>
   

   Note:

   In this example, the balancer-manager allows all access. For increased security you may want to modify the values of "Deny from" and "Allow from" using the Apache documentation as reference.

   If you will be installing the AVI Sports sample site, add timeout=180 at the end of each BalancerMember line.

3. Save the changes.

4. Verify the syntax of the httpd.conf file with the following command:

   <apache_home>/bin/apachectl -t

5. Restart the web server.