CCL Home Page
Up Directory CCL READMET1SB.txt
This is a log of my installation/Compilation of Apache DSO
with SSL, MM, and Tomcat 3.1 Beta 1 (source distribution) Solaris
SunOS heechee 5.7 Generic_106541-08 sun4u sparc SUNW,Ultra-250

You may want to read my FAQ on Tomcat 3.1 beta 1. since it will be
easier to follow this installation log. It is available at:
   http://www.ccl.net/cca/software/UNIX/apache/tomcat3.1b1-faq.html

This stuff if based on INSTALL file which comes with mod_ssl
and on the 
  http://www.servlets.com/soapbox/techtips/
  December 8, 1999
  "Install instructions for Apache 1.3.9 with Tomcat 3.0"
by Jason Hunter.  

If you are outside US, please look into INSTALL which comes
with mod_ssl, since you do not need RSAREF and can use more
robust code [your 8) and apache configure will be different].


2) Install Java 1.2 under Solaris if you do not have it.
   If you type
         java -version
   and it tells you that you have JDK 1.2, you are OK.
   If not you need to install. It is simple. You get a package
   from http://www.javasoft.com/:
      a) click on Products & APIs
      b) choose JAVA 2 SDK, Standard Edition
         http://www.javasoft.com/products/jdk/1.2/index.html
      c) take: Java 2 SDK SolarisTM Production Release (J2SE)
         [I really wonder whu Sun constantly changes names. It is
         some ill-advised marketing ploy which unfortunately wastes
         a lot of time of other people]. You need:

      d) You need essentially all files. I placed them in /usr/local/java
           393617 Feb  2 09:56 1.2.1_04_Developer-Guide.ps
            37347 Feb  2 09:56 1.2.1_04_Release-Notes.html
           274881 Feb  2 09:56 1.2.1_04_docs_sparc.tar.Z
         13287936 Feb  2 09:58 1.2.1_04_patches_sparc_5.5.1.tar
          4773888 Feb  2 09:58 1.2.1_04_patches_sparc_5.7.tar
            11592 Feb  2 09:58 README.sparc
         19826325 Feb  2 10:01 Solaris_JDK_1.2.1_04_sparc.bin

      e) Read the README.sparc and do what they say.
          i) chmod +x Solaris_JDK_1.2.1_04_sparc.bin
         ii) ./Solaris_JDK_1.2.1_04_sparc.bin
        iii) Move the old install directory of Java 2 (if exists):
                 mv /usr/java1.2 /usr/java1.2_previous

        iii) move the directory Solaris_JDK_1.2.1_04 just created to
             where you want it, and you better want it at /usr/java1.2
                mv Solaris_JDK_1.2.1_04 /usr/java1.2
         iv) Since my solaris is 2.7
               % uname -a
               SunOS heechee 5.7 Generic_106541-08 sun4u sparc SUNW,Ultra-250
             I used patches for it:
                tar xvf 1.2.1_04_patches_sparc_5.7.tar
             This created a directory ./5.7 with for tar.Z files in it
               284963 Oct 26 19:57 106980-05.tar.Z
              2660971 Oct 26 19:57 107078-10.tar.Z
              1308491 Oct 26 19:57 107607-01.tar.Z
               514653 Oct 26 19:57 107636-01.tar.Z
          v)  I unpacked each patch as:
                  gtar Zxvf 1xxxxxx-xx.tar.Z
              this creates a directory 1xxxxxx-xx for each patch
                  cd 1xxxxxx-xx
              and read  README.106980-05. Then run pkgadd
                    pkgadd -d . SUN*
               and answer yes.
      f) test if java installed corretly:

        java -version
        java version "1.2.1"
        Solaris VM (build Solaris_JDK_1.2.1_04, native threads, sunwjit)


   
4) Set your environment variables for Java (I am assuming you use
   some Bourne shell lookalike -- ksh or bash.

      JAVA_HOME=/usr/java1.2
      export JAVA_HOME
      PATH=/usr/local/bin:${JAVA_HOME}/bin:${PATH}
      export PATH
      CLASSPATH=${JAVA_HOME}/lib/tools.jar:${JAVA_HOME}/lib/dt.jar
      export CLASSPATH
      
5) Make top directory for Tomcat installation. I did
     /usr/local/apache_t3.1b1 but if you do some other, you
   need to remember to use it in the instructions below,
     mkdir /usr/local/apache_t3.1b1
     
6) I also make a subdirectory sources to have all needed sources
   in one place. 
     mkdir /usr/local/apache_t3.1b1/sources
     cd /usr/local/apache_t3.1b1/sources
   place there tar files, and then unpack them as shown below:

  a) apache_1.3.12.tar.gz from http://www.apache.org/dist/
     gtar zxvf apache_1.3.12.tar.gz

  b) mod_ssl-2.6.2-1.3.12.tar.gz from http://www.modssl.org
	gtar zxvf mod_ssl-2.6.2-1.3.12.tar.gz

  c) openssl-0.9.5.tar.gz from http://www.openssl.org
     gtar zxvf openssl-0.9.5.tar.gz

  d) mm-1.0.12.tar.gz from http://www.engelschall.com/sw/mm/
     gtar zxvf mm-1.0.12.tar.gz

  e) rsaref20.tar.Z -- it is no longer distributed, and I got it
     from my private museum. It is available from many places
     on the Web outside US. Search the Web FOR RSAREF 2.0.
       mkdir rsaref-2.0
       cd rsaref-2.0
       gtar Zxvf ../rsaref20.tar.Z
       cd ..

  f) tar.gz sources for tomcat 3.1 beta 1 from
    http://jakarta.apache.org/builds/tomcat/release/v3.1_beta_1/src
    jakarta-ant.tar.gz      
    jakarta-tomcat.tar.gz   
    jakarta-tools.tar.gz    
    jakarta-watchdog.tar.gz 

    I untarred them as:
        cd /usr/local/apache_t3.1b1/sources
        gtar zxvf jakarta-ant.tar.gz
        gtar zxvf jakarta-tomcat.tar.gz
        gtar zxvf jakarta-tools.tar.gz
        gtar zxvf jakarta-watchdog.tar.gz

7) Compiled RSAREF library for openssl since we are in US and RSA has
   a patent, and we cannot use the decent implementation of crypto
   libraries. If you are in Europe, you can skip this thing.
     cd /usr/local/apache_t3.1b1/sources/rsaref-2.0
     cp -rp install/unix local
     cd local
       edited makefile to have
         CC = gcc
	changed  all occurrances of cc --> $(CC)
       added -fPIC to CFLAGS
     make
     mv rsaref.a librsaref.a

8) Compiled the openssl [if you are in Europe, you need to
   check the mod_ssl INSTALL not to include RSAREF]

   cd /usr/local/apache_t3.1b1/sources/openssl-0.9.5
   sh config \
    -L/usr/local/apache_t3.1b1/sources/rsaref-2.0/local/rsaref -fPIC
   make
   make test

9) Compiled MM shared memory library
   cd /usr/local/apache_t3.1b1/sources/mm-1.0.12
   ./configure --disable-shared
   make
   cd ..

10) Configured  mod_ssl
   cd /usr/local/apache_t3.1b1/sources/mod_ssl-2.6.2-1.3.12
   EAPI_MM=../mm-1.0.12 \
     ./configure \
     --with-apache=/usr/local/apache_t3.1b1/sources/apache_1.3.12

11) Configure and make and install Apache with DSO support:
   cd /usr/local/apache_t3.1b1/sources/apache_1.3.12
   SSL_BASE=/usr/local/apache_t3.1b1/sources/openssl-0.9.5 \
   RSA_BASE=/usr/local/apache_t3.1b1/sources/rsaref-2.0/local \
   EAPI_MM=/usr/local/apache_t3.1b1/sources/mm-1.0.12 \
   ./configure --prefix=/usr/local/apache_t3.1b1 \
               --enable-module=so \
               --enable-rule=SHARED_CORE \
               --enable-module=most \
               --enable-shared=max \
               --enable-module=ssl \
               --enable-shared=ssl
   
   make
   make certificate TYPE=custom
   make install


   My entries for certificates with 
          make certificate TYPE=custom
   were defaults, no passwords, and:
    STEP 0: R
    STEP 2:
     1. Country Name              [XY]:US
     2. State or Province Name    [Snake Desert]:Ohio
     3. Locality Name             [Snake Town]:Columbus
     4. Organization Name         [Snake Oil, Ltd]:OSC
     5. Organizational Unit Name  [Cer..Authority]:Gateway
     6. Common Name               [Snake Oil CA]:heechee.ccl.net
     7. Email Address             [ca@snakeoil.dom]:jkl@ccl.net
     8. Certificate Validity      [365]:1000

    STEP 3: 3
    STEP 5:
     1. Country Name              [XY]:US
     2. State or Province Name    [Snake Desert]:Ohio
     3. Locality Name             [Snake Town]:Columbus 
     4. Organization Name         [Snake Oil, Ltd]:OSC
     5. Organizational Unit Name  [Webserver Team]:PSE
     6. Common Name               [www.snakeoil.dom]:heechee.ccl.net
     7. Email Address             [www@snakeoil.dom]:jkl@ccl.net
     8. Certificate Validity      [365]:1001
    STEP 6: 3
    STEP 7:n
    STEP 8:n

  After I created the certiricates, and did make install for apache
  I copied previous certificates, from my original install of Apache
  So I did not mess up people who already have the certificate for this
  machine.  My previous certificates where 
      /usr/local/apache_JServ1.1-SC99/conf
  And I did:
     cd /usr/local/apache_JServ1.1-SC99/conf

     gtar zcvf /usr/local/certificates.tar.gz ssl*
     cd  /usr/local/apache_t3.1b1/conf
     gtar zxvf /usr/local/certificates.tar.gz


12) edited a file in /usr/local/apache_t3.1b1/conf/httpd.conf and
    added (actually uncommented):
      ServerName heechee.ccl.net


13) Testing if Apache works:
    a) make sure other installation of apache is not running,
       or if it runs, it does not use port 80 and port 443.
       (do: ps -ef | grep httpd), and if httpd runs, kill it
       with its own apachectl script or just use 
          kill pid
       for each httpd running (do: ps -ef | grep httpd)
       
    b) start apache with:
       /usr/local/apache_t3.1b1/bin/apachectl startssl
       If you have warning, you have a problem, and try to
       do "exactly what I say" next time {:-)}.

    c) Use your browser (preferable on some other machine)
       and check if http: and https: work
       In my case, I tries URLs:
         http://heechee.ccl.net/
       and
         https://heechee.ccl.net/
       In the https case you should get a lot of windows
       which ask you for accepting the certificate.
       Just click Next to see if you can go through to the
       page.

    d) Stop apache, since you are not finshed yet.
       /usr/local/apache_t3.1b1/bin/apachectl stop

14) Compiled mod_jserv.so included in jakarta-tomcat zip archive.

    cd /usr/local/apache_t3.1b1/sources
    cd jakarta-tomcat/src/native/apache/jserv
    emacs jserv_ajpv12.c

    First, I added a correction from tomcat-dev@jakarta.apache.org list:
       In jserv_ajpv12.c in function original_uri(request_rec *r)
    the line :
       while (*last && !ap_isspace(*last)) {
    needs to be changed to
       while (*last && !ap_isspace(*last) && *last != '?') {


    cd /usr/local/apache_t3.1b1/sources
    cd jakarta-tomcat/src/native/apache/jserv
    /usr/local/apache_t3.1b1/bin/apxs -c mod_jserv.c jserv*.c 
    cp mod_jserv.so /usr/local/apache_t3.1b1/libexec
    

15) Building and installing tomcat

      cd /usr/local/apache_t3.1b1/sources/jakarta-ant
      ./bootstrap.sh
      ./build.sh
      PATH=${PATH}:/usr/local/apache_t3.1b1/sources/jakarta-ant/bin
      export PATH
      ANT_HOME=/usr/local/apache_t3.1b1/sources/jakarta-ant
      export ANT_HOME
      cd /usr/local/apache_t3.1b1/sources/jakarta-tomcat
      ./build.sh

16) Starting stand alone tomcat and testing:

    cd /usr/local/apache_t3.1b1/sources/build/tomcat/bin

    edited startup.sh to be:
-------------------- cut start --------------
#!/bin/sh
# original comments which where there 

JAVA_HOME=/usr/java1.2
export JAVA_HOME
PATH=/usr/local/bin:${JAVA_HOME}/bin:${PATH}
PATH=${PATH}:/usr/local/apache_t3.1b1/sources/build/tomcat/bin
export PATH
CLASSPATH=${JAVA_HOME}/lib/tools.jar:${JAVA_HOME}/lib/dt.jar
export CLASSPATH

BASEDIR=/usr/local/apache_t3.1b1/sources/build/tomcat/bin
export BASEDIR

$BASEDIR/tomcat.sh start "$@"
-------------------- cut end --------------

    edited shutdown.sh to be:

-------------------- cut start --------------
#!/bin/sh
# original comments which where there 

JAVA_HOME=/usr/java1.2
export JAVA_HOME
PATH=/usr/local/bin:${JAVA_HOME}/bin:${PATH}
PATH=${PATH}:/usr/local/apache_t3.1b1/sources/build/tomcat/bin
export PATH
CLASSPATH=${JAVA_HOME}/lib/tools.jar:${JAVA_HOME}/lib/dt.jar
export CLASSPATH
BASEDIR=/usr/local/apache_t3.1b1/sources/build/tomcat/bin
export BASEDIR

$BASEDIR/tomcat.sh stop "$@"
-------------------- cut end --------------

    Then I did: 

      ./startup.sh
      
    In my browser I called:
      http://heechee.ccl.net:8080/
    and it gave me the Tomcat examples page. Examples worked, so I shut down.


      ./shutdown.sh


17) Added tomcat.conf to httpd.conf by adding a line:
     Include /usr/local/apache_t3.1b1/sources/build/tomcat/conf/tomcat.conf
    at the end of /usr/local/apache_t3.1b1/conf/httpd.conf


18) In /usr/local/apache_t3.1b1/bin
    cp apachectl apache-tomcat
    and edited apache-tomcat to have a script to start/stop tomcat/apache
    
      a) At the beginning, just after "END CONFIGURATION SECTION" I added:

         TOMCAT_HOME=/usr/local/apache_t3.1b1/sources/build/tomcat
         export TOMCAT_HOME
         JAVA_HOME=/usr/java1.2
         export JAVA_HOME
         PATH=$JAVA_HOME/bin:${PATH}
         export PATH

      b) under case startssl added 2 lines after: if $HTTPD -DSSL; then

           cd $TOMCAT_HOME/bin
          ./startup.sh
         

      c) under case stop added 2 lines after:  if kill $PID ; then

           cd $TOMCAT_HOME/bin
          ./shutdown.sh

      d) changed apache-tomcat to executable :
          chmod 755 /usr/local/apache_t3.1b1/bin/apache-tomcat

19) Started the apache/tomcat as:
       /usr/local/apache_t3.1b1/bin/apache-tomcat startssl

    and checked if http://heechee.ccl.net/examples and
    https://heechee.ccl.net/examples worked. They did, so I killed the
    server with:
	/usr/local/apache_t3.1b1/bin/apache-tomcat stop

20) changed permissions/ownership on the example directories
    cd /usr/local/apache_t3.1b1/sources/build/tomcat/webapps
    chown -R root .
    chgrp -R www .
    chmod -R g+w .
    find . -type d -exec chmod g+s {} \;
    cd /usr/local/apache_t3.1b1/sources/build/tomcat/logs
    chown -R  nobody .
    chmod -R g+w .


21) Changed ports. Since we have the previous (3.1M1) version of apache/tomcat
    running, I had to change ports in this version not to collide with the
    other installation:

                    Orig       New     Files affected
    http(apache) --> 80   --> 9080  conf/httpd.conf

    https        --> 443  --> 9443  conf/httpd.conf

    http(tomcat) --> 8080 --> 9090  sources/build/tomcat/conf/server.xml
                                    sources/build/tomcat/conf/test-tomcat.xml

    tomcat/jserv --> 8007 --> 9007  sources/build/tomcat/conf/tomcat.conf
                                    sources/build/tomcat/conf/tomcat.properties
                                    sources/build/tomcat/conf/server.xml


22) After tomcat/apache is installed, the default configuration of
    mod_jserv.c and mod_rewrite_c is wrong, since mod_jserv follows
    mod_rewrite (for details look up: 
        http://www.magiccookie.com/computers/apache-jserv/
    To fix it I put mod_serv before mod_rewrite in 

       LoadModule jserv_module libexec/mod_jserv.so
       LoadModule rewrite_module     libexec/mod_rewrite.so

    and

      AddModule mod_jserv.c
      AddModule mod_rewrite.c

    and commented out the line
       # LoadModule jserv_module libexec/mod_jserv.so
    in /usr/local/apache_t3.1b1/sources/build/tomcat/conf/tomcat.conf

23) Adding other tomcat "web applications" beside "examples"
    so they can also be access via Apache Web server.
    /usr/local/apache_t3.1b1/sources/build/tomcat/webapps/ROOT
    /usr/local/apache_t3.1b1/sources/build/tomcat/webapps/test
    /usr/local/apache_t3.1b1/sources/build/tomcat/webapps/admin
    Note, I also provide for the Basic Authentication in both
    http and https. If you want to be picky, you need to disable
    the Basic Authentication on the http port since it is profoundly unsafe.
    To mount the original Tomcat directories I added following lines to:
     /usr/local/apache_t3.1b1/sources/build/tomcat/conf/tomcat.conf 

       ApJServMount /docs /root
       
       <Location /docs>
       AuthType Basic
       AuthName "For internal users only"
       AuthUserFile /usr/local/apache/auth/htpasswd
       AuthGroupFile /usr/local/apache/auth/htgroup
       AuthType Basic
       
       <Limit GET POST>
       require group demo
       </Limit>
       </Location>
       
       
       ApJServMount /test /root
       
       <Location /test>
       AuthType Basic
       AuthName "For internal users only"
       AuthUserFile /usr/local/apache/auth/htpasswd
       AuthGroupFile /usr/local/apache/auth/htgroup
       AuthType Basic
       
       <Limit GET POST>
       require group demo
       </Limit>
       </Location>
       
       ApJServMount /admin /root
       
       <Location /admin>
       AuthType Basic
       AuthName "For internal users only"
       AuthUserFile /usr/local/apache/auth/htpasswd
       AuthGroupFile /usr/local/apache/auth/htgroup
       AuthType Basic
       
       <Limit GET POST>
       require group demo
       </Limit>
       </Location>
       
    In /usr/local/apache_t3.1b1/sources/build/tomcat/conf/server.xml added:

       <Context path="/docs" docBase="webapps/ROOT" debug="0" reloadable="true" >
       </Context>

       <Context path="/admin" docBase="webapps/admin" debug="0" reloadable="true" >
       </Context>

    (note, I left the entry:
      <Context path="" docBase="webapps/ROOT" debug="0" reloadable="true" >
      </Context>

     unchanged, since it corresponds to a TOP directory of Tomcat).

    Unfortunately, this messed up the links in the original tomcat examples
    when viewed via Apache port (9080). It is because in Tomcat the URL
    to top directory / corresponds to the real directory:
      /usr/local/apache_t3.1b1/sources/build/tomcat/webapps
    while in Apache it corresponds to 
      /usr/local/apache_t3.1b1/htdocs
    Moreover, the /docs in apache corresponds to / in tomcat.

    I cleaned it up by adding following contexts
       ApJServMount /docs/examples /root
       ApJServMount /docs/test /root
       ApJServMount /docs/admin /root
    to /usr/local/apache_t3.1b1/sources/build/tomcat/conf/tomcat.conf
    and adding them to
        /usr/local/apache_t3.1b1/sources/build/tomcat/conf/server.xml
    as:

      <Context path="/docs/examples" docBase="webapps/examples" debug="0" reloadable="true" >
      </Context>
      <Context path="/docs/admin" docBase="webapps/admin" debug="0" reloadable="true" >
      </Context>
      <Context path="/docs/test" docBase="webapps/test" debug="0" reloadable="true" >
      </Context>



24) To deal with docs/examples --> /examples problem I also tried to use
    rewrite modules of apache. I have put the following lines into
       /usr/local/apache_t3.1b1/sources/build/tomcat/conf/tomcat.conf

    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteRule ^/docs/examples /examples [R]
    RewriteRule ^/docs/test /test [R]
    RewriteRule ^/docs/admin /admin [R]
    RewriteRule ^/tomcat.gif /docs/tomcat.gif [R]
    </IfModule>

    Worked perfectly!!! Note, if you do not put mod_jserv before mod_rewrite
    in module activation section of httpd.conf, the stuff will not work!!!

25) Created a script "servlet3.1b1" to compile servlets and placed it
    in /usr/local/bin directory. The script is:
============== cut ===========
#!/bin/sh

# compiling servlets for Tomcat 3.1 beta 1 installation path

JAVA_HOME=/usr/java1.2
export JAVA_HOME
TOMCAT_HOME=/usr/local/apache_t3.1b1/sources/build/tomcat
export TOMCAT_HOME
PATH=/usr/bin:${JAVA_HOME}/bin:/usr/local/bin:
export PATH
CLASSPATH=${JAVA_HOME}/lib/tools.jar:${JAVA_HOME}/lib/dt.jar:${TOMCAT_HOME}/classes
export CLASSPATH
javac $1
============== cut ===========

    To run it, you should cd to the directory where you have your servlet
    source, and then execute: 
       servlet3.1b1 MyNiceServlet.java
    You can also add more options to the the java compiler (javac) but you
    need to enclose it in quotes. For example, to have more output you can do:
       servlet3.1b1 "-verbose MyNiceServlet.java"


26) I created a skeleton of the web application called SciPortal
    and mounted it as SciPortal under Apache DocumentRoot. My $APACHE_HOME
    is /usr/local/apache_t3.1b1. I created directory SciPortal under 
    $APACHE_HOME/htdocs:
        cd /usr/local/apache_t3.1b1/htdocs
        mkdir SciPortal
        cd SciPortal
        mkdir WEB-INF
        mkdir WEB-INF/classes
        mkdir WEB-INF/lib
    I created a dummy web.xml under WEB-INF:
================== cut here ===============
<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
    "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">

<web-app>
</web-app>
================ cut here ====================


    I then added the following to the
     /usr/local/apache_t3.1b1/sources/build/tomcat/conf/tomcat.conf file:

        ApJServMount /SciPortal /root
        <Location /SciPortal>
        AuthType Basic
        AuthName "For internal users only"
        AuthUserFile /usr/local/apache/auth/htpasswd
        AuthGroupFile /usr/local/apache/auth/htgroup
        AuthType Basic

        <Limit GET POST>
        require group demo
        </Limit>
        </Location>
    
    This tells Apache that the requests to directory:
        /usr/local/apache_t3.1b1/htdocs/SciPortal
    (i.e., URLs location http://heechee.ccl.net:9080/SciPortal) should be
    redirected to Tomcat for processing, and that Basic Authentication
    needs be done for group defined in /usr/local/apache/auth/htgroup
    whose id/password pairs are stored in /usr/local/apache/auth/htpasswd.
    The Authentication Realm is "For internal users only".

    I also needed to tell Tomcat that we have a new Web application.
    I edited file:
      /usr/local/apache_t3.1b1/sources/build/tomcat/conf/server.xml
    and added there a piece like this:
      <Context path="/SciPortal"
       docBase="/usr/local/apache_t3.1b1/htdocs/SciPortal" debug="0"
       reloadable="true" >
      </Context>

    I then restarted apache/Tomcat as described in  19.

27) In the top directory of my web application, SciPortal,  i.e.,
         /usr/local/apache_t3.1b1/htdocs/SciPortal
    I placed a simple JSP page (junk.jsp to be precise) to test if
    the stuff mounts correctly:
=============
<HTML>
<% String user = request.getRemoteUser();
if(user == null) user = "Sorry, Basic Authentication does not work"; %>
<HEAD><TITLE>Test JSP for <%= user %></TITLE></HEAD>
<BODY>
<H1>Hello <FONT COLOR="red"><%= user %>!</H1>
</BODY>
</HTML>
=============

    It worked!!! What a relief...

    The top directory is a place to put all the images,
    *.jsp, *.css, and *.html files.
    The classes for servlets, beans, utilities,  should be placed under 
     /usr/local/apache_t3.1b1/htdocs/SciPortal/WEB-INF/classes
    For testing, I first put there a  HellowWorldExample.java (copied, but
    then altered substantially from the tomcat distribution:
======================== Cut here ========================
/* $Id: HelloWorldExample.java,v 1.1.1.1 1999/10/09 00:19:59 duncan Exp $
 *  Modifed by jkl
 */

import java.io.*;
import java.text.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

/**
 * The simplest possible servlet.
 *
 * @author James Duncan Davidson
 */

public class HelloWorldExample extends HttpServlet {


    public void doGet(HttpServletRequest request,
                      HttpServletResponse response)
        throws IOException, ServletException
    {
        response.setContentType("text/html");
        PrintWriter out = response.getWriter();

        out.println("<html>");
        out.println("<head>");

        String title = request.getRemoteUser();

        out.println("<title>" + title + "</title>");
        out.println("</head>");
        out.println("<body bgcolor=\"yellow\">");
        out.println("<H1>Hello " + title + "</H1>");
        out.println("</body>");
        out.println("</html>");

    }
}

======================== Cut here ========================


    I compiled this thing with my fancy compilation script as:
      servlet3.1b1 HelloWorldExample.java
    and then checked if it worked by doing the URL
       https://heechee.ccl.net:9443/SciPortal/servlet/HelloWorldExample
    Worked again.
    Then I tried to remap the servlet to something else to find out
    if my <TT>/usr/local/apache_t3.1b1/htdocs/SciPortal/WEB-INF/web.xml</TT>
    was working.

-------------- cut here -----------
<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE web-app
     PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
    "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">

<web-app>
  <servlet>
    <servlet-name>Hello</servlet-name>
    <servlet-class>HelloWorldExample</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>Hello</servlet-name>
    <url-pattern>/Hi</url-pattern>
  </servlet-mapping>
</web-app>
-------------- cut here -----------

   I restarted the Apache as:
   
	/usr/local/apache_t3.1b1/bin/apache-tomcat stop
	/usr/local/apache_t3.1b1/bin/apache-tomcat startssl

   and tried:
       https://heechee.ccl.net:9443/SciPortal/Hi
   Worked like CHARMM. 

   Of course, them same servlet used with the Tomcat web server on 9090
   displayed: Hello null, since Tomcat was not doing any authentication.


28) Since this web site will only work with HTTPS and Basic Authentication
    it was time to disable Tomcat port 9090, and the 9080 HTTP port of
    Apache. The Tomcat server is easy to disable. In the 
     /usr/local/apache_t3.1b1/sources/build/tomcat/conf/server.xml
    I commented out the Connector as:

<!--
      <Connector
          className="org.apache.tomcat.service.SimpleTcpConnector">
        <Parameter name="handler"
           value="org.apache.tomcat.service.http.HttpConnectionHandler"/>
        <Parameter name="port" value="9090"/>
      </Connector>
-->

   and then restated Apache/Tomcat as:

        /usr/local/apache_t3.1b1/bin/apache-tomcat stop
        /usr/local/apache_t3.1b1/bin/apache-tomcat startssl

   checked with the browser: 
        http://heechee.ccl.net:9090/SciPortal/Hi
   and the port was indeed dead.

   Then I was messing up the 
      /usr/local/apache_t3.1b1/conf/httpd.conf

   To block the connections on the 9080 port carrying the plain HTTP
   unencrypted traffic I commented the following lines in the body 
   of httpd.conf:
        # Port 9080
   and
        # Listen 9080
   (but I left Listen 9443).
   Then I restarted the server and tried
     http://heechee.ccl.net/SciPortal/Hi
     http://heechee.ccl.net:9090/SciPortal/Hi
     http://heechee.ccl.net:9080/SciPortal/Hi
     http://heechee.ccl.net:9443/SciPortal/Hi
     https://heechee.ccl.net:9443/SciPortal/Hi
   Only the last one worked, the rest was refused. 

29) The last chores I did at this stage (i.e., before installing
    the real contents), was to change the UserId and GroupId which
    runs the Apache Server. The server will be running not as nobody
    (default setting), but as user webrun and group webrun.
    The webrun is a real userid to which  developers have access.
    The webrun group contains only user webrun. I change all files
    in /usr/local/apache_t3.1b1/logs to webrun.webrun and edited the
    httpd.conf and set
        User webrun
        Group webrun

Modified: Mon Apr 3 00:14:34 2000 GMT
Page accessed 14952 times since Mon Apr 3 03:12:29 2000 GMT