Tomcat5.5.x configuration finishing

http://www.eu.apache.org/dist/jakarta/tomcat-5/Http://www.apache.org/dist/jakarta/tomcat-5/v5.5.x/bin/jakarta-tomcat- 5.5.x-admin.ziphtp://www.apache.org/dist/jakarta/tomcat-5/v5.5.x/bin/jakarta-tomcat-5.5.x-compat.ziphttp: //www.apache. Org / dist / jakarta / tomcat-5 / v5.5.x / bin / jakarta-tomcat-5.5.x.ziphtp: //www.apache.org/dist/jakarta/tomcat-5/v5.5.x/ BIN / JAKARTA-TOMCAT-5.5.X-Deployer.zip put jakarta-tomcat-5.5.x.zip and jakarta-tomcat-5.5.x-compat.zip and jakarta-tomcat-5.5.x-admin.zip (Tomcat default There is no built-in admin station Tomcat's Administration Web Application IS No Longer Installed by Default. Download and Install The "admin" package to use it.) Is extracted below the same directory. For example: d: /jakarta-tomcat-5.5.x/ (if you use JDK1.4, you need to use the compat.zip to be free of this.)

2. Modify Jakarta-Tomcat-5.5.x / conf / tomcat-users.xml. Add administrator account lizongbo, password is lizongbopass. The new XML is as follows:

3. Modify Jakarta-Tomcat-5.5.x / conf / server.xml to resolve the code problem. (Add Uriencoding parameters to Connector, refer to http://blog.9cbs.net/darkxie/archive/2004/10/25/tomcatapp.aspx) (can be set to GB18030)

4. Enable support Gzip compression. (Http://www.linuxAid.com.cn/forum/showdoc.jsp?l=1&i=81169) Add the following property compression = "on" compressionminsize = "2048" NocompressionUserages = "Gozilla, Traviata "compressablemimetype =" text / html, text / xml "

5. Set the virtual host. Create a folder vhost / www.mydomain.com in Jakarta-Tomcat-5.5.x /. Then modify jakarta-tomcat-5.5.x / conf / server.xml

6. Add database driver, update mail.jar and actiovation.jar copy mysql-connector-java-3.0.16-ga-bin.jar, pg74.215.jdbc3.jar to Jakarta-Tomcat-5.5.x / common / lib / There is also a Mail.jar, JAF-1_0_2, JavaMail 1.3.2, Activation.jarmssql 2000 JDBC SP3, MSBase.jar, Msutil, Jar, MSSQLServer.jar7. Configuring SSL Reference http://jakarta.apache.org/tomcat/ Tomcat-5.5-DOC / SSL-HOWTO.HTMLD: /J2SDK1.4.2_06/bin>% ​​java_home% / bin / keytool -genkey -alias tomcat -keyalg RSA Enter keystore password: lizongbossl Your name is what is your name? [Tomcat5.5.x]: Tomcat5.5.x Your organizational unit name? [JAKARTA]: What is your organization name for JAKARTA? [Apache]: What is your city or region name? [Hzcity]: Hzcity What is your state or provincial name? [GDP]: What is the two-letter country code of GDP? [CN]: cncn = tomcat5.5.x, ou = jakarta, o = apache, l = hzcity, ST = GDP, c = CN correct? [No]: Y

Enter 's primary password (if you pass the keystore password, press Enter):

(The password must be consistent, so go directly to UserHome (eg,: c: / documents and settings / lizongbo /) to Tomcat's conf / directory. (For example: D: /jakarta-tomcat-5.5.x/conf/.keystore) Configure Jakarta-Tomcat-5.5.x / conf / server.xml plus 8. Prohibition of the file directory list, modify jakarta-tomcat-5.5.x / conf / web.xml, set the list into false

default org.apache.catalina.servlets.defaultServlet debug 0 listings true < / init-param> 1 9. Specify your own javaEncoding (refer to http://gceclub.sun.com.cn/staticContent/html/ SunOn / APP7 / APP7-DG-WebApp / CH6 / CH6-4.HTML)

jsp org.apache.jasper.servlet.jspservlet fork false javaEncoding gb18030 < / init-param> xpoweredby True 3 10. Add RAR, ISO, etc. MIME-TYPE mapping to avoid direct opening in your browser.

MHT text / x-mht RAR Application / OCTET-stream ISO application / ocTet-stream < / mime-maping> APE application / ocT-stream RMVB < / extension> Application / OCTET-stream ICO image / x-icon 10.1 Setting the HTML Static page Settings HTM < MIME-TYPE> TEXT / HTML; Charset = GB2312 HTML text / html; charSet = GB2312 11. Add Welcome-Fi Le-List, and adjust the order. index.jsp index.html index.htm < Welcome-file> default.html default.htm default.jsp

12. If your webapp needs only HTTPS way access, then in WebApp's Web.xml plus: Must https / lizongbo / * confidential Reference: http://jakarta.apache.org/tomcat/faq/security.html# httpshttp: //marc.theaimsgroup.com/?l = Tomcat-user & m = 104951559722619 & w = 213. Modify the command of the remote shutdown server. Server.xml has the following line: This allows anyone to enter "shutdown" as long as the Telnet is 8005 port, enter "shutdown", then enter the car, the server is turned off. From a secure perspective, we need to change this Shutdown directive to a string that is not easy to guess. For example, modifications are as follows: , this is only in telnet to 8006, and "lizongbo" can be turned off to close Tomcat. Note: This modification does not affect the execution of Shutdown.bat. You can turn off the server like running shutdown.bat. Reference: http://jakarta.apache.org/tomcat/faq/security.html#8005 You can refer to: http://www.cnjsp.org/document/User/tuman/valve.html

14. Configure the HTTP access log. Tomcat comes with recordable HTTP access logs have been detailed in detail the annotation below:

Then modified to: pattern =" combined "recorded log content, filedateformat =" yyyy-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-mm-dd.hh " It is better, especially the website, the big visit, can consider writing FileDateFormat = "YYYY-MM-DD.HH.MM", it will be a log file per minute. And you can record your log details reference: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/valve.htmlhttp: //jakarta.apache.org / Tomcat/tomcat-5.0-doc/config/logger.htmlhttp://jakarta.apache.org/tomcat/tomcat-5.0-doc/config/host.html#access logs can also be combined with AWSTATS to perform log statistical analysis : Http://www.chedong.com/tech/awstats.html

15. Restrict IP, limit host access, and so on. If you want to prohibit the specified IP or host name to reject some machine access, or specify some machines to access. Also supports ENGINE, HOST, OR Context, respectively, performs the following configuration: ... Reference: http: // jakarta. Apache.org/tomcat/tomcat-5.0-doc/config/context.html

16. Release WebApp to the website root directory 1. Copy directly to the root directory. 2. Because you can't create an unnamed XML file, the specified path in the XML file is also invalid (Tomcat relying on file name to judge), there must be a paragraph in Server.xml: and must delete the root directory, otherwise Tomcat is preferred to deploy the root directory as "/".

17. When restarting Tomcat's WebApp, it is forbidden to write the session into the file. Modify conf / web.xml cancel notes:

18. Enhance the generation algorithm and length of SessiIONID.

(The default is MD5, the length is 16 bits.)

19. Configuring the log: (http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html)

New log4j.properties in d: /jakarta-tomcat-5.5.8/common/classes/

Content: log4j.rootlogger = debug, r log4j.rapnder.r = org.apache.log4j.rollingFileAppender log4j.Appender.r.file = $ {catalina.home} /logs/tomcat5.5.log log4j.Appender.r. MaxFileSize = 10MB log4j.rapnder.r.maxbackupindex = 10 log4j.appender.r.Layout = Org.apache.log4j.patternLayout log4j.Appender.r.Layout.conversionPattern =% P% T% C -% M% N log4j. Logger.org.apache.catalina = debug, rlog4j.logger.org.apache.catalina.core.containerbase.catalina.localHost = debug, r log4j.logger.org.apache.catalina.core = debug, r log4j.logger. Org.apache.catalina.Session = debug, r Copy log4j-1.2.9.jar and commons-logging.jar to d: /jakarta-tomcat-5.5.8/common/lib20. Using Windows Domain Verification

http://jcifs.samba.org/src/docs/ntlmhttpauth.html