組件介紹
[root@centos7 tomcat
]# ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:111 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::111 :::*
LISTEN 0 100 :::8080 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 ::1:631 :::*
LISTEN 0 100 ::1:25 :::*
LISTEN 0 1 ::ffff:127.0.0.1:8005 srever 自身監(jiān)聽的端口 對server而言 :::*
LISTEN 0 100 :::8009 :::*
[root@centos7 tomcat]# telnet 127.0.0.1 8005
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
SHUTDOWN 關(guān)閉server建議吧命令改掉
Connection closed by foreign host.
[root@centos7 tomcat]# ss -lnt
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:111 *:*
LISTEN 0 5 192.168.122.1:53 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 128 127.0.0.1:631 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::111 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 128 ::1:631 :::*
LISTEN 0 100 ::1:25 :::*
更改配置文件/etc/tomcat
<?xml version='1.0' encoding='utf-8'?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" at this level.
Documentation at /docs/config/server.html
-->
<Server port="8005" shutdown="472e6841c2945c0755a7002620ecee95522adf1e"> #更改命令為20位的隨機數(shù)字
<Listener className="org.apache.catalina.startup.VersionLoggerListener" />
<!-- Security listener. Documentation at /docs/config/listeners.html
<Listener className="org.apache.catalina.security.SecurityListener" />
-->監(jiān)聽
<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />
<!--Initialize Jasper prior to webapps are loaded. Documentation at /docs/jasper-howto.html -->
<Listener className="org.apache.catalina.core.JasperListener" />
<!-- Prevent memory leaks due to use of particular java/javax APIs-->
<Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />
<Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" />
<!-- Global JNDI resources 全局名稱資源此字段告訴我們到哪里獲取用戶賬戶及名稱解析機制的
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container" #name定義用戶數(shù)據(jù)庫的 auth基于容器做認證
type="org.apache.catalina.UserDatabase" 定義的類
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory" 實現(xiàn)將文件內(nèi)容保存于內(nèi)存中
pathname="conf/tomcat-users.xml" /> 通過web訪問manager的時候需要用戶認證就是通過此文件來定義的
</GlobalNamingResources>
<!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" Note: A "Service" is not itself a "Container",
so you may not define subcomponents such as "Valves" at this level.
Documentation at /docs/config/service.html
-->
<Service name="Catalina">
<!--The connectors can use a shared executor, you can define one or more named thread pools-->
<!--
<Executor name="tomcatThreadPool" namePrefix="catalina-exec-"
maxThreads="150" minSpareThreads="4"/>
-->
<!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Documentation at :
Java HTTP Connector: /docs/config/http.html (blocking & non-blocking)
Java AJP Connector: /docs/config/ajp.html
APR (HTTP/AJP) Connector: /docs/apr.html
Define a non-SSL HTTP/1.1 Connector on port 8080
-->
<Connector port="8080" protocol="HTTP/1.1" 定義連接器實現(xiàn)的類如果是http1.0或http1.1協(xié)議版本的就是http的連接器壹置;另外他還支持ajp的 port定義連接的端口
connectionTimeout="20000" 超時時長 maxThreads=#定義最大并發(fā)連接數(shù) minSpareThreads=# 最小空閑連接數(shù)
redirectPort="8443" /> 如果用戶通過ssl重定向的話剩愧,重定向的端口
<!-- A "Connector" using the shared thread pool-->
<!--
<Connector executor="tomcatThreadPool" 連接器的配置
port="8080" protocol="HTTP/1.1" port定義監(jiān)聽的端口 protocol指定協(xié)議
connectionTimeout="20000"
redirectPort="8443" />
-->
<!-- Define a SSL HTTP/1.1 Connector on port 8443
This connector uses the BIO implementation that requires the JSSE
style configuration. When using the APR/native implementation, the
OpenSSL style configuration is required as described in the APR/native
documentation --># 此項定義是否啟用ssl會話功能
<!--
<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" /> #定義ajp協(xié)議的監(jiān)聽的端口
<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
on to the appropriate Host (virtual host).
Documentation at /docs/config/engine.html -->
<!-- You should set jvmRoute to support load-balancing via AJP ie :
<Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1">
-->
<Engine name="Catalina" defaultHost="localhost"> 如果用戶訪問的是不存的主機 默認主機
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/> #調(diào)用UserDatabase完成認證
</Realm>
<Host name="localhost" appBase="webapps" localhost默認主機 appBase 定義網(wǎng)站根路徑
unpackWARs="true" autoDeploy="true"> unpacKWARs如果是壓縮文件是否自動打開true表示做自動展開 autoDeploy 是否給你自動true自動部署
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
<Host name="www.chenxi.com" 定義的主機名 appBase="/data/webapps" 網(wǎng)頁文件根目錄
unpackWARs="true" autoDeploy="true">
</Host> 自定義一個主機
</Engine>
</Service>
</Server>
保存退出后重啟;因為添加虛擬主機
systemctl restart tomcat 如果只是更應(yīng)用程序不需要重啟挡逼,因為支持熱部署影暴,
mkdir /data/webapps -p 創(chuàng)建目錄
cd /data/webapps/
mkdir ROOT/{classes,lib,WEB-INF,META-INF} 創(chuàng)建自目錄
[root@centos7 ROOT]# vim index.jsp 創(chuàng)建測試頁
<%@ page language="java" %>
<html>
<head><title>TomcatA</title></head>
<body>
<h1><font color="red">TomcatA.magedu.com</font></h1>
<table align="centre" border="1">
<tr>
<td>Session ID</td>
<% session.setAttribute("magedu.com","magedu.com"); %>
<td><%= session.getId() %></td>
</tr>
<tr>
<td>Created on</td>
<td><%= session.getCreationTime() %></td>
</tr>
</table>
</body>
</html>
~
~
"index.jsp" 18L, 506C
進入tomcat的請求可分為兩類:
(1) standalone : 請求來自于客戶端瀏覽器错邦;
(2) 由其它的web server反代:來自前端的反代服務(wù)器;
nginx --> http connector --> tomcat
httpd(proxy_http_module) --> http connector --> tomcat
httpd(proxy_ajp_module) --> ajp connector --> tomcat
httpd(mod_jk) --> ajp connector --> tomcat
屬性:
port="8080"
protocol="HTTP/1.1"
connectionTimeout="20000"
address:監(jiān)聽的IP地址型宙;默認為本機所有可用地址撬呢;
maxThreads:最大并發(fā)連接數(shù),默認為200早歇;
enableLookups:是否啟用DNS查詢功能倾芝;
acceptCount:等待隊列的最大長度;
secure:
sslProtocol:
客戶端測試
C:\Windows\System32\drivers\etc\host 編輯
測試
編輯 tomcat-users.xml
vim tomcat-users.xml
<?xml version='1.0' encoding='utf-8'?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<tomcat-users>
<!--
NOTE: By default, no user is included in the "manager-gui" role required
to operate the "/manager/html" web application. If you wish to use this app,
you must define such a user - the username and password are arbitrary. It is
strongly recommended that you do NOT use one of the users in the commented out
section below since they are intended for use with the examples web
application.
-->
<!--
NOTE: The sample user and role entries below are intended for use with the
examples web application. They are wrapped in a comment and thus are ignored
when reading this file. If you wish to configure these users for use with the
examples web application, do not forget to remove the <!.. ..> that surrounds
them. You will also need to set the passwords to something appropriate.
-->
<!--
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="<must-be-changed>" roles="tomcat"/>
<user username="both" password="<must-be-changed>" roles="tomcat,role1"/>
<user username="role1" password="<must-be-changed>" roles="role1"/>
-->
<role rolename="manager-gui"/> 定義一個組
<role rolename="admin"/> 定義另一個組
<user name="chenxi" password="123.com" roles="manager-gui,admin"/> 定義一個用戶綁定兩個組
<!-- <role rolename="admin"/> -->
<!-- <role rolename="admin-gui"/> -->
<!-- <role rolename="admin-script"/> -->
<!-- <role rolename="manager"/> -->
<!-- <role rolename="manager-gui"/> -->
<!-- <role rolename="manager-script"/> -->
<!-- <role rolename="manager-jmx"/> -->
<!-- <role rolename="manager-status"/> -->
<!-- <user name="admin" password="adminadmin" roles="admin,manager,admin-gui,admin-script,manager-gui,manager-script,mana
ger-jmx,manager-status" /> --></tomcat-users>
提示輸入用戶及密碼 用戶就是chenxi上面文件中定義的箭跳,密碼123.com
輸入用戶名及密碼之后登陸
[root@centos7 /]# cd data/
[root@centos7 data]# mkdri chenxi/webapps/{classes,lib,WEB-INF,META-INF}
[root@centos7 data]# cd chenxi/webapps/ROOT/
[root@centos7 ROOT]# vi index.jsp
<%@ page language="java" %>
<html>
<head><title>TomcatB</title></head>
<body>
<h1><font color="blue">TomcatB.magedu.com</font></h1>
<table align="centre" border="1">
<tr>
<td>Session ID</td>
<% session.setAttribute("magedu.com","magedu.com"); %>
<td><%= session.getId() %></td>
</tr>
<tr>
<td>Created on</td>
<td><%= session.getCreationTime() %></td>
</tr>
</table>
</body>
</html>
定義主機并點擊ads
定義winds的host主機
客戶機測試
臨時停止應(yīng)用程序
image.png
有點小奇怪居然調(diào)到主頁年
啟動應(yīng)用程序
客戶端測試
