How do I run Apache (httpd) and Tomcat together? - web-services

I recently got projects that runs on Struts and I am expecting more JSP coming ahead.
After googling the question, I was led to blogs of people who tried to do the same. Those blogs weren't exactly a step by step procedure of how they did it but more like a reference in case they
need to do something the same in the future. In some cases, the author didn't exactly say if he
was successful in his attempt to run both aforementioned services together.
Unfortunately, I can't follow their "instructions" as I have plenty of PHP projects
configured (upload directories, classpaths etc...) to run on my test server and I don't have the luxury of time to reconfigure them all
in case I mess up with the httpd server. And for honesty's sake, I haven't tried a single step on running them together for the same reason of being hesitant to update configuration files.
I'm not sure if this adds to the complexity but I am running both services thru xampp (with tomcat being a xampp add-on) for portability purposes.
I know that I can just stop my Apache service whenever I am working on JSP but hey this
is an oppurtunity to try something new and I just can't let it slip. Further, it would really be
convenient for both services to just run automatically on startup which would really increase
my productivity as I won't have to manually switch between services when needed.
Hope there's someone on SO who rode the same boat.
edit:
Tomcat Version is 6.0.20
Httpd Version is 2.2.14

Have Tomcat listen on a port other than 80
Follow a guide to set up mod_proxy to redirect requests for a certain location to Tomcat, such as this one.
If you're really just testing, skip the second step and just access the server via a different port for Tomcat.
edit: See also http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html on setting up mod_proxy_ajp.

You neglected to mention what version of Tomcat you're using and you also didn't mention whether you actually looked at the Tomcat documentation to answer the question.
I'd suggest starting here: http://tomcat.apache.org/connectors-doc/webserver_howto/apache.html and look into setting up mod_jk.

If you want to use apache/ httpd to serve the request from PHP as well as any other server running on different port let say tomcat on port 8080 you can use apache/ httpd to act as a "proxy" and map a URL which will be served by another server. This is done using ProxyPass ProxyPassReverse configuration.
For example:
If you want http://localhost/php to be served by PHP and http://localhost/tomcat to be served by tomcat then you will have to make following changes in httpd.config/ apache.config [apache2.config depending on version of apache you are using]:
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_http_module modules/mod_proxy_http.so
# Uncomment these to proxy FTP or HTTPS
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
<VirtualHost *:80>
# Your domain name
# ServerName Domain_NAME_HERE
ProxyPreserveHost On
ProxyPass /tomcat http://localhost:8080/
ProxyPassReverse /tomcat http://localhost:8080/
# The location of the HTML files, and access control information
DocumentRoot /var/www
<Directory /var/www>
Options -Indexes
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
In case you are running httpd on centos and you may get error Apache Mod_proxy '[Error] (13)Permission Denied', then follow this link which says execute the following command:
/usr/sbin/setsebool -P httpd_can_network_connect 1
I would recommand you to read mod_proxy.
Ref: Redhat mod_proxy configuration

Related

How to use Cloudflare's free SSL to force https on my Django application on Apache+mod_wsgi stack?

I wanted to use the free SSL (DNS) service provided by Cloudflare in my Django Application running on Apache + mod_wsgi stack. I can find setup examples for Nginx + uWSGI stack, but not for Apache + mod_wsgi stack so far. I was following this answer here https://stackoverflow.com/a/27650503/2051292 . But I couldn't convert the workaround from Nginx configuration to Apache/mod_wsgi. I'm facing few problems,
Even I use https to visit the web pages clicking on any of the internal links or submitting login/registration forms goes only to http pages.
(I actually want all the links to goto the https pages)
On the web page forms (login, registration) I'm getting CSRF Failed 403 Access Forbidden error. And I login at https page, but after verification the redirects to a http page with CSRF error.
Sometimes tweaking the configuration leads to redirect loop.
Would like to know the working configuration for using cloudflare free SSL with Apache + mod_wsgi stack and the Django settings also for the setup
EDIT: In case if you don't know, this is how Cloudflare's free SSL works.
I don't have an SSL certificate with me, I'm trying to use the free SSL by using the Flexible SSL. i.e. The connection from user to Cloudflare DNS will be https and the connection between Cloudflare and my server will be http.
Note: Currently I'm NOT using any middleware like django-sslify . But using it will help any other way. I'm okay with that also.
While I don't know the specifics of using Cloudflare, it should be the same Apache configuration once you have the appropriate certificates nave figured out the proxy settings mentioned in the other answer. Here's an example Apache configuration I have used for hosting Django with mod_wsgi and mod_ssl under CentOS. Under this configuration, we don't even listen to port 80. This assumes your web site is hosted at https://example.com/mysite, and that it is deployed to /var/www/html/mysite under the user mysiteuser with a virtualenv called mysitevenv:
LoadModule wsgi_module modules/mod_wsgi.so
LoadModule ssl_module modules/mod_ssl.so
WSGISocketPrefix /var/run/wsgi
NameVirtualHost *:443
Listen 443
<VirtualHost *:443>
ServerName example.com
ErrorLog /home/mysiteuser/apache_errors.log
WSGIDaemonProcess mysite-https python-home=/home/mysiteuser/.virtualenvs/mysitevenv
WSGIScriptAlias /mysite /var/www/html/mysite/mysite/wsgi.py process-group=mysite-https application-group=mysite-https
WSGIProcessGroup so-https
Alias /mysite/static/ /var/www/html/mysite/static/
SSLENGINE on
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
SSLProtocol all -SSLv2
</VirtualHost>

django apps on nginx running separately from apache

I am installing production server for my django apps and I can not make it work. My configuration files can be found here.
Basically I have apache2 installed and running on port 80 for my php applications. I want to run my django apps on nginx with uwsgi, apart from apache2. So I am running nginx on port 8000.
When I open http://IP:8000/ I can see my site properly.
1. But how do I set it up with domain name?
I've set A tag in dns to IP. Now it hits apache2 "it works" page because it hits port 80 on default? So I need to proxy pass all requests to my domain.com? Something like this?
/etc/apache2/sites-enabled/domain.com:
<VirtualHost *:80>
ServerName domain.com
ProxyPreserveHost On
ProxyPass / http://IP:8000
</VirtualHost>
It does not work, so how do I pass all domain requests from apache to nginx?
2. How do I add another domain name? (new app)
Do I just create new socket file for new app, keep it on port 8000 and nginx will decide depending on domain name what conf file to use?
I have not found any similar tutorials, nginx usually handles static files and sends requests to apache2. However I want it other way.
Thanks for your answer. To make it work I had to set apache proxy like this:
<VirtualHost *:80>
ServerName www.domain.com
ProxyPreserveHost On
ProxyPass /static http://XX.XX.XX.XX:8000/static
ProxyPassReverse /static http://XX.XX.XX.XX:8000/static
ProxyPass / http://XX.XX.XX.XX:8000
ProxyPassReverse / http://XX.XX.XX.XX:8000
RewriteEngine On
RewriteCond %{REQUEST_URI} ^(.(?!\.css|js|gif|png|jpg|ico))*$
RewriteRule /(.*) http://XX.XX.XX.XX:8000/$1 [P,L]
</VirtualHost>
and enable proxy_http:
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo service apache2 restart
1. How do you set it up with domain name?
In the server block of your nginx conf file set the server_name:
server {
listen 8000;
server_name www.my-django-domain-one.foobar;
#rest of your config regarding forwarding to django...
}
Your site will be available at http://www.my-django-domain-one.foobar:8000.
2. How do you add another domain name? (new app)
Nginx will not decide anything based on the conf filename. Create a new conf file or use the existing one (only matters in the sense of how you want to organize your configs)
server {
listen 8000;
server_name www.my-django-domain-two.foobar;
#rest of your config regarding forwarding to django...
}
However, I recommend an approach involving only one web server. Opinions on which to use vary of course but both of them can do what you want to achieve on their own. You add unnecessary complexity to your setup (e.g. two servers to keep patched) and -depending on your traffic- it may even have a significant impact on your performance.
Check out this tutorial to see how you could make your php apps work with nginx and php-fpm.

Django project doesn't show up with Apache and mod_wsgi

I've installed Apache and mod_wsgi on windows xp service pack 3 and added these line to my httpd.conf :
WSGIScriptAlias / "C:/Documents and Settings/X/My Documents/Downloads/Foo/Foo/wsgi.py"
WSGIPythonPath "C:/Documents and Settings/X/My Documents/Downloads/Foo"
<Directory "C:/Documents and Settings/X/My Documents/Downloads/Foo/Foo">
<Files wsgi.py>
Require all granted
</Files>
</Directory>
but when I open localhost on my firefox, it shows Apache's It Works! message, what should I do to run my project on localhost ?
EDIT :
I checked and recognized that my project's path is not included in PYTHONPATH. Isn't the line WSGIPythonPath ... expected to add the address to PYTHONPATH ?
Alright, so my setup is in linux so this is not tested on windows, but:
I did not see your LoadModule statement
File: httpd.conf
LoadModule wsgi_module modules/mod_wsgi.so
modwsgi wont work without that.
Also: the your grant statement seems a bit suspicious.
In the wsgi configuration guide suggests using a Directory directive for allowing this access to your mod_wsgi application.
<Directory "C:/Documents and Settings/X/My Documents/Downloads/Foo/Foo/">
Order allow,deny
Allow from all
</Directory>
Finally:
Make your life easy down the road.
configure apache in worker mode
configure mod_wsgi in daemon mode.
profit
Might I suggest watching this PyCon talk Making Apache suck less for hosting Python web applications from 'the-man' Graham. I wish I knew all of that stuff years ago.
Note: To figure out if you have apache in mpm worker mode.
httpd.exe -V
look for the "Server MPM" value of worker.
Django runs on port 8000 so you'll want to do two things. First, you need to run the server by entering into your console python manage.py runserver. Second, you need to direct your browser to localhost:8000.
As an aside, you don't need Apache to run a simple, local development environment. Django has its own server built in that you can leverage.

Running apache bloodhound on apache2 web server

I am trying to run to apache bloodhound tracker on apache2 web server. I am using 0.7 version of the blood hound. I followed the website https://issues.apache.org/bloodhound/wiki/BloodhoundInstall
Blood hound is running on port 8000.
But the problem is I am not able to run the blood hound on port 80, so that if I hit bloodhound.mydomain.com, I should get bloodhound. I have mentioned my apache2 webserver setting file as specified in the website
/etc/apache2/sites-available/bloodhound
<VirtualHost *:8080>
WSGIDaemonProcess bh_tracker user=ubuntu python-path=/home/ubuntu/bloodhound-0.7/installer/bloodhound/lib/python2.7/site-packages
WSGIScriptAlias /bloodhound /home/ubuntu/bloodhound-0.7/installer/bloodhound/site/cgi-bin/trac.wsgi
<Directory /home/ubuntu/bloodhound-0.7/installer/bloodhound/site/cgi-bin>
WSGIProcessGroup bh_tracker
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Directory>
<LocationMatch "/bloodhound/[^/]+/login">
AuthType Digest
AuthName "ubuntu"
AuthDigestDomain /bloodhound
AuthUserFile /home/ubuntu/bloodhound-0.7/installer/bloodhound/environments/main/bloodhound.htdigest
Require valid-user
</LocationMatch>
</VirtualHost>
After adding the above file, its not running on either of the ports 8000 and also 8080 also.
How do I make it run. Kindly help me. By the way I am using ubuntu ec2 instance.
By golly I think I've figured it out! I've been stuck right about where you are on my own Bloodhound port configuration for days.
n3storm is correct: the whole magic of setting up mod_wsgi is that you no longer need to manually start bloodhound with that
tracd port=8080 /ridiculously/long/path/to/bloodhound/installer/bloodhound/environments/main
command. Instead, mod_wsgi runs all that python for you the moment your web browser requests http://[host]:8080/bloodhound, meaning your Bloodhound server is ready to serve the moment it's turned on.
The pain is how many interlocking config files are involved, and how many tiny things can break down the whole process. I don't really know python, I just barely understand Apache, and I'm 70% confident I've accidentally opened some gaping security that I don't understand, but here's my understanding of the mod_wsgi + Apache + Bloodhound domino chain. Paths are for my Apache 2.4 installation on Ubuntu 14.04.1 LTS:
1. You load http://[host]:8080/bloodhound
For this to work, I needed to edit /etc/apache2/ports.conf so that Apache is actually listening on port 8080. So add the line
Listen 8080
to /etc/apache2/ports.conf
Now visiting http://[host]:8080/bloodhound should at least show you something from Apache. For me, it was a HTTP Error 403: Forbidden page, and next up is my home remedy for the Error 403 blues!
2. Apache triggers bloodhound.conf
FULL PATH: /etc/apache2/sites-available/bloodhound.conf
Technically, Apache is looking in /etc/apache2/sites-enabled/ for a matching VirtualHost rule but you set this up by creating/editing .conf files in /sites-availabe/ and then activating them with the Apache command
a2ensite [sitename].conf
So. Apparently, Apache 2.4 changed its access control syntax for .conf files. So, to stop the Error 403ing, I changed
Order deny,allow
Allow from all
in /etc/apache2/sites-available/bloodhound.conf to
Require all granted
And then once again you should restart Apache with
sudo apachectl graceful
or
sudo /etc/init.d/apache2 graceful
or maybe
sudo service apache2 restart
I'm not sure, they all seem to work equally but I suppose the graceful ones are nice because they don't shut down your server or something important like that.
3. bloodhound.conf triggers trac.wsgi
FULL PATH: /ridiculously/long/path/to/bloodhound/installer/bloodhound/site/cgi-bin/trac.wsgi
After figuring out that ton of other things, I realized that, in the end, the default script that Bloodhound generates worked fine for me:
import os
def application(environ, start_request):
if not 'trac.env_parent_dir' in environ:
environ.setdefault('trac.env_path', '/usr/local/bloodhound/installer/bloodhound/environments/main')
if 'PYTHON_EGG_CACHE' in environ:
os.environ['PYTHON_EGG_CACHE'] = environ['PYTHON_EGG_CACHE']
elif 'trac.env_path' in environ:
os.environ['PYTHON_EGG_CACHE'] = \
os.path.join(environ['trac.env_path'], '.egg-cache')
elif 'trac.env_parent_dir' in environ:
os.environ['PYTHON_EGG_CACHE'] = \
os.path.join(environ['trac.env_parent_dir'], '.egg-cache')
from trac.web.main import dispatch_request
return dispatch_request(environ, start_request)
4. trac.wsgi serves up the HTML files for Bloodhound
Isn't the internet just magical?
By using Apache mod_wsgi you don't need Bloodhound running apart anymore. Is mod_wsgi what makes Bloodhound running. You should use standard apache port in this case.
Also, I guess you should use a ServerName directive at Virtualhost (or is it you only serve one host?)

Can I serve one django app from 2 different apache vhosts?

I've got a django app that's currently available at dev.mydomain.com, and I'm about to move it to clientsdomain.com. I'm on Ubuntu so I'll run a2dissite dev.mydomain.com and then a2ensite clientsdomain.com.
My vhost files are identical except for the server name -
<VirtualHost 8.8.8.4>
ServerName dev.mydomain.com
#....
</virtualHost>
and
<VirtualHost 8.8.8.4>
ServerName clientdomain.com
#....
</virtualHost>
(obviously that's not my ip address)
I just want to know if I actually have to take down the dev vhost before I run my app from the live vhost. Can I run them both together? Are there any risks to having them up at the same time (if that's even possible).
Each Django application will serve requests coming in to its corresponding VirtualHost. So no, in theory they can run in parallel.
However, you don't get into much detail about your setup. For example, are they backed by the same database? In this case, you do realize the problem, right?