Tomcat installation

The Yttrium web application needs a web server that implements the Servlet 2.4 and JSP 2.0 specifications. Tomcat is such a webserver.

In this section specific updates of this server are highlighted.

SECURITY PROPERTIES

When starting you web server, take care that you give it enough memory. Also do not forget to set the security property used by JAAS' login module:

 -Djava.security.auth.login.config=/home/jw/yttrium/security.properties -Xmx640m -XX:MaxPermSize=128m

The login module security.properties should look like:

security.jaas.rdbms {
        be.m8n.security.jaas.rdbms.RdbmsLoginModule required driver="org.gjt.mm.mysql.Driver" url="jdbc:mysql://localhost/jaas?user=root&password=moonmoon" debug="true";
};

security.jaas.hibernate {
        be.m8n.hibernate.jaas.HibernateLoginModule required driver="org.gjt.mm.mysql.Driver" url="jdbc:mysql://localhost/yttrium?user=m8n&password=M00nmoon" debug="true";
};

Is this really needed? I believe it is not.

SSL

You must create an SSL connector. This is required to enable the https protocol. Since we are using the Java 2 Platform, Edition 5.0, no extra libraries need to be downloaded.

You must create a JKS keystore:

keytool -genkey -alias tomcat -keyalg RSA

Using the keytool you'll have to enter a password, then define the enity and end with the aliases password, for example 'secret'.

In the conf/server.xml of your Tomcat server you must add (or update) a new connector:

<Connector port="8443" maxHttpHeaderSize="8192"
           maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
           enableLookups="false" disableUploadTimeout="true"
           acceptCount="100" scheme="https" secure="true"
           clientAuth="false" sslProtocol="TLS"  
           keystorePass="secret"/>

Do not forget to set the password value to the correct one! This example uses the 8443 port for the https. Currently you'll have to set the these parameters in the web.xml:

    <!-- The http and https ports used by the http/https switch tag -->
    <context-param>
        <param-name>http-port</param-name>
        <param-value>8080</param-value>
    </context-param>
    <context-param>
        <param-name>https-port</param-name>
        <param-value>8443</param-value>
    </context-param>

(Re)Start the server and check if the https connection works.

For more information on SSL on Tomcat look at the Tomcat howto.