LDP
/
LDP
mirror of https://github.com/tLDP/LDP
0
1
Fork 0
Code Releases Activity
LDP/LDP/howto/docbook/MMBase-Inst-HOWTO/MMBase-Inst-HOWTO.xml

3113 lines
86 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
>
<article id="MMBase-Inst-HOWTO">
<!--
<artheader>
<title>
<application class="software">MMBase</application> Installation HOWTO
</title>
<author>
<firstname>Adrian</firstname>
<surname>Offerman</surname>
<affiliation>
<address>
<ulink url="http://www.offerman.net/">http://www.offerman.net/</ulink>
</address>
</affiliation>
</author>
</artheader>
-->
<articleinfo>
<title>
<application class="software">MMBase</application> Installation HOWTO
</title>
<author>
<firstname>Adrian</firstname>
<surname>Offerman</surname>
<affiliation>
<address>
<email>tldp@NOSPAM.offerman.net</email>
</address>
</affiliation>
</author>
<copyright>
<year>2003 - 2006</year>
<holder role="http://www.offerman.net/">Adrian Offerman</holder>
</copyright>
<pubdate>June 25, 2006</pubdate>
<releaseinfo>minor corrections</releaseinfo>
<!-- Most recent revision goes at the top; list in descending order -->
<revhistory id="revhistory">
<revision>
<revnumber>0.3.5</revnumber>
<date>2006-06-25</date>
<authorinitials>AO</authorinitials>
<revremark>Tomcat init script</revremark>
</revision>
<revision>
<revnumber>0.3.4</revnumber>
<date>2005-09-18</date>
<authorinitials>AO</authorinitials>
<revremark>minor corrections</revremark>
</revision>
<revision>
<revnumber>0.3.2</revnumber>
<date>2005-01-25</date>
<authorinitials>AO</authorinitials>
<revremark>MMBase 1.7.3, Java 1.5.0-01</revremark>
</revision>
<revision>
<revnumber>0.3.1</revnumber>
<date>2004-12-26</date>
<authorinitials>AO</authorinitials>
<revremark>Email module</revremark>
</revision>
<revision>
<revnumber>0.3.0</revnumber>
<date>2004-12-25</date>
<authorinitials>AO</authorinitials>
<revremark>MMBase 1.7.2, Tomcat 5.5.4, Java 1.5.0, MySQL Connector/J 3.0.16-ga, Jikes 1.22</revremark>
</revision>
<revision>
<revnumber>0.2.6</revnumber>
<date>2004-07-27</date>
<authorinitials>AO</authorinitials>
<revremark>minor additions</revremark>
</revision>
<revision>
<revnumber>0.2.5</revnumber>
<date>2004-02-28</date>
<authorinitials>AO</authorinitials>
<revremark>Creative Commons copyright license adjusted</revremark>
</revision>
<revision>
<revnumber>0.2.4</revnumber>
<date>2004-01-22</date>
<authorinitials>AO</authorinitials>
<revremark>Creative Commons copyright license; minor additions and corrections</revremark>
</revision>
<revision>
<revnumber>0.2.3</revnumber>
<date>2003-12-26</date>
<authorinitials>AO</authorinitials>
<revremark>minor additions and corrections</revremark>
</revision>
<revision>
<revnumber>0.2.2</revnumber>
<date>2003-12-20</date>
<authorinitials>AO</authorinitials>
<revremark>copyright adjusted</revremark>
</revision>
<revision>
<revnumber>0.2.1</revnumber>
<date>2003-12-18</date>
<authorinitials>AO</authorinitials>
<revremark>minor corrections</revremark>
</revision>
<revision>
<revnumber>0.2.0</revnumber>
<date>2003-12-15</date>
<authorinitials>AO</authorinitials>
<revremark>JK 2 Connector setup added</revremark>
</revision>
<revision>
<revnumber>0.1.0</revnumber>
<date>2003-12-10</date>
<authorinitials>AO</authorinitials>
<revremark>initial draft</revremark>
</revision>
</revhistory>
<abstract>
<para>
This document describes the installation of the
<application class="software">MMBase</application>
content management system
on a <systemitem class="osname">Red Hat Linux</systemitem> distribution,
using the <application class="software">Tomcat</application> application
server,
and integrating it with <application class="software">MySQL</application>
and <application class="software">Apache</application>.
</para>
</abstract>
</articleinfo>
<para>
This document describes the installation of the
<application class="software">MMBase</application> content management system
on a <systemitem class="osname">Red Hat Linux</systemitem> distribution,
using the <application class="software">Tomcat</application> application
server,
and integrating it with <application class="software">MySQL</application>
and <application class="software">Apache</application>.
</para>
<para>
Version: 0.3.5; June 25, 2006.
</para>
<para>
Author: <ulink url="http://www.offerman.net/">Adrian Offerman</ulink>
</para>
<para>
The latest version of this document can be found at:
<screen>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/">http://www.offerman.net/MMBase-Installation-HOWTO/</ulink>
</screen>
</para>
<!--
<para>
A single file version of this document can be found at:
<screen>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/long.html">http://www.offerman.net/MMBase-Installation-HOWTO/long.html</ulink>
</screen>
</para>
-->
<para>
Feedback is welcome at:
<screen>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/feedback.html">http://www.offerman.net/MMBase-Installation-HOWTO/feedback.html</ulink>
</screen>
</para>
<para>
For questions, check out the
<application class="software">MMBase</application> website:
<screen>
<ulink url="http://www.mmbase.org/">http://www.mmbase.org/</ulink>
</screen>
</para>
<para>
You can find the
<application class="software">MMBase</application> documentation at:
<screen>
<ulink url="http://www.mmbase.org/docs/">http://www.mmbase.org/docs/</ulink>
</screen>
</para>
<para>
Good luck!
</para>
<sect1>
<title>Introduction</title>
<para>
>From the <application class="software">MMBase</application> website
(<ulink url="http://www.mmbase.org">www.mmbase.org</ulink>):
<blockquote>
<para>
<quote><application class="software">MMBase</application>
is a Web Content Management System
with strong multimedia features.
<application class="software">MMBase</application>
has a large installed base in The Netherlands,
and is used by major Dutch broadcasters, publishers, educational institutes,
national and local governments.
<application class="software">MMBase</application>
is written in <application class="software">Java</application>,
it is Open Source Software (<acronym>MPL</acronym>)
and all standards used are as &apos;open&apos; as possible.
The system can be used with all major operating systems, application servers
and databases.</quote>
</para>
</blockquote>
</para>
<para>
Unfortunately, the installation of
<application class="software">MMBase</application>
is not well documented.
Furthermore, when searching the internet looking for installation clues
and trying out tips,
it turns out that the details of the installation have changed frequently.
</para>
<para>
This document describes the installation of the
<application class="software">MMBase</application> content management system
on a <systemitem class="osname">Red Hat Linux</systemitem> distribution,
using the <application class="software">Tomcat</application> application
server,
and the integration with <application class="software">MySQL</application>
and <application class="software">Apache</application>.
</para>
<para>
It is based on our own experience
and compiled to the benefit of the community.
</para>
<para>
These are the ingredients we used to cook up this recipe ourselves:
<itemizedlist spacing="compact">
<listitem>
<para>
<systemitem class="osname">Red Hat 8.0</systemitem> distribution
running a <systemitem class="library">2.4.20 kernel</systemitem>,
with <systemitem class="library">Alan Cox 2</systemitem>
and
<systemitem class="library"><acronym>EA</acronym>/<acronym>ACL</acronym></systemitem>
extensions.
</para>
</listitem>
<listitem>
<para>
<application class="software">Java 2 Software Developers Kit (<acronym>SDK</acronym>)</application>
and <application class="software">Java 2 Run-time Engine (<acronym>J2RE</acronym>)</application>
from <application class="software">Sun's Java 2 Platform Standard Edition 5.0 (<acronym>J2SE</acronym>) (version 1.5.0-01)</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">Apache Jakarta Tomcat 5.5.4</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">ImageMagick 6.1.3-7</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">MMBase 1.7.3 with various modules</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">MySQL Connector/J 3.0.16-ga</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">Jikes 1.22</application>.
</para>
</listitem>
</itemizedlist>
And before:
<itemizedlist spacing="compact">
<listitem>
<para>
<systemitem class="osname">Red Hat 8.0</systemitem> distribution
running a <systemitem class="library">2.4.20 kernel</systemitem>,
with <systemitem class="library">Alan Cox 2</systemitem>
and
<systemitem class="library"><acronym>EA</acronym>/<acronym>ACL</acronym></systemitem>
extensions.
</para>
</listitem>
<listitem>
<para>
<application class="software">Java 2 Software Developers Kit (<acronym>SDK</acronym>)</application>
and <application class="software">Java 2 Run-time Engine (<acronym>J2RE</acronym>)</application>
from the <application class="software">Blackdown Java 2 <acronym>JDK</acronym> version v1.4.1-01</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">Apache Jakarta Tomcat 4.1.27</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">ImageMagick 5.4.7-5</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">MMBase 1.6.5 for <acronym>JDK</acronym> 1.4</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">MySQL Connector/J 3.0.8</application>,
</para>
</listitem>
<listitem>
<para>
<application class="software">Jikes 1.18</application>.
</para>
</listitem>
</itemizedlist>
</para>
</sect1>
<sect1>
<title>Installation</title>
<para>
Although we installed <application class="software">MMBase</application>
on a kernel with the <systemitem class="library">Alan Cox</systemitem>
and
<systemitem class="library"><acronym>EA</acronym>/<acronym>ACL</acronym></systemitem>
extensions,
these features are no prerequisites.
</para>
<para>
We assume that you have already installed and configured
<application class="software">Apache</application>
and <application class="software">MySQL</application>
on your server.
</para>
</sect1>
<sect1>
<title>Installing <application class="software">Java</application></title>
<para>
Download the latest versions of the
<application class="software">Java 2 Development Kit
(<acronym>JDK</acronym>)</application> or
<application class="software">Run-time Engine
(<acronym>JRE</acronym>)</application>,
and the accompanying documentation from:
<screen>
<ulink url="http://java.sun.com/">http://java.sun.com</ulink>
</screen>
</para>
<para>
Installation instructions and release notes for the
<application class="software"><acronym>JDK</acronym></application> and
<application class="software"><acronym>JRE</acronym></application>
are available at the download page.
</para>
<para>
Make the binary distribution of the
<application class="software"><acronym>JDK</acronym></application>
executable
and extract in a new directory:
<programlisting>
<![CDATA[
chmod +x jdk-xxx.bin
cd /usr/local/
.../jdk-xxx.bin
]]>
</programlisting>
</para>
<para>
Install the <application class="software"><acronym>JDK</acronym></application>
documentation
by unzipping it in the
<application class="software"><acronym>JDK</acronym></application> directory:
<programlisting>
<![CDATA[
cd /usr/local/jdk-xxx/
unzip .../jdk-xxx-doc.zip
]]>
</programlisting>
</para>
<para>
Change the ownership of the
<application class="software"><acronym>JDK</acronym></application> directory
and make it available as
<filename class="symlink">/usr/local/j2sdk/</filename>:
<programlisting>
<![CDATA[
chown -R root:root /usr/local/jdk-xxx/
ln -s /usr/local/jdk-xxx /usr/local/j2sdk
]]>
</programlisting>
</para>
<para>
If you need only the
<application class="software"><acronym>JRE</acronym></application>,
the installation would be like this:
<programlisting>
<![CDATA[
chmod +x jre-xxx.bin
cd /usr/local/
.../jre-xxx.bin
chown -R root:root /usr/local/jre-xxx/
ln -s /usr/local/jre-xxx /usr/local/j2re
]]>
</programlisting>
</para>
<para>
<warning>
<para>
Using <application class="software"><acronym>JDK</acronym></application>
version 1.5.0 caused
our <application class="software">Tomcat</application> server
to crash every now and then:
<programlisting>
<![CDATA[
#
# An unexpected error has been detected by HotSpot Virtual Machine:
#
# SIGSEGV (0xb) at pc=0x4042db3f, pid=11991, tid=16386
#
# Java VM: Java HotSpot(TM) Server VM (1.5.0-b64 mixed mode)
# Problematic frame:
# V [libjvm.so+0x3abb3f]
#
]]>
</programlisting>
Upgrading to version 1.5.0-01 seemed to solve these problems.
</para>
</warning>
</para>
<para>
<note>
<para>
For the (previously used)
<application>BlackDown Java for Linux distribution</application>:
</para>
<para>
Find yourself a mirror for the
<application class="software">BlackDown Java Development Kit</application>
at:
<screen>
<ulink url="http://www.blackdown.org/java-linux/mirrors.html">http://www.blackdown.org/java-linux/mirrors.html</ulink>
</screen>
</para>
<para>
There you can download the latest versions of the
<application class="software">J2 Software Development Kit (<acronym>SDK</acronym>)</application>
and
<application class="software">Run-time Engine (<acronym>RE</acronym>)</application>.
</para>
<para>
Make sure you pick out the right version for the
<systemitem class="library">gcc</systemitem> library installed on your system.
You can find out the version currently installed by typing:
<programlisting>
<![CDATA[
rpm -q libgcc
]]>
</programlisting>
</para>
<para>
Installation instructions for the
<application class="software">Java Development Kit</application>
are available as
<filename>INSTALL-j2sdk</filename>
and <filename>INSTALL-j2re</filename>.
</para>
<para>
Make the binary distribution of the
<application class="software"><acronym>SDK</acronym></application>
executable
and extract in a new directory:
<programlisting>
<![CDATA[
chmod +x j2sdk-xxx.bin
cd /usr/local/
.../j2sdk-xxx.bin
]]>
</programlisting>
</para>
<para>
Change the ownership of the
<application class="software"><acronym>J2SDK</acronym></application>
directory
and make it available as
<filename class="symlink">/usr/local/j2sdk/</filename>:
<programlisting>
<![CDATA[
chown -R root:root /usr/local/j2sdk-xxx/
ln -s /usr/local/j2sdk-xxx /usr/local/j2sdk
]]>
</programlisting>
</para>
<para>
Do the same for the
<application class="software"><acronym>RE</acronym></application>:
<programlisting>
<![CDATA[
chmod +x j2re-xxx.bin
cd /usr/local/
.../j2re-xxx.bin
chown -R root:root /usr/local/j2re-xxx/
ln -s /usr/local/j2re-xxx /usr/local/j2re
]]>
</programlisting>
</para>
</note>
</para>
<para>
Since we didn&apos;t install the
<application class="software"><acronym>JDK</acronym></application>
and <application class="software"><acronym>JRE</acronym></application>
in our path,
we have to add the <filename class="directory">bin/</filename> directories
to our <envar>$PATH</envar> environment variable.
To make sure the <application class="software">Java</application>
distributions and classes can be found,
we set the <envar>$JAVA_HOME</envar>
and <envar>$CLASSPATH</envar> variables as well.
</para>
<para>
For the <application class="software">Bourne shells</application>,
create a file <systemitem class="macro">/etc/profile.d/java.sh</systemitem>:
<programlisting>
<![CDATA[
if ! echo ${PATH} | grep -q /usr/local/j2sdk/bin ; then
export PATH=/usr/local/j2sdk/bin:${PATH}
fi
if ! echo ${PATH} | grep -q /usr/local/j2re/bin ; then
export PATH=/usr/local/j2re/bin:${PATH}
fi
export JAVA_HOME=/usr/local/j2sdk
export CLASSPATH=.:/usr/local/j2sdk/lib/tools.jar:/usr/local/j2re/lib/rt.jar
]]>
</programlisting>
</para>
<para>
Set its ownership and access rights:
<programlisting>
<![CDATA[
chown root:root /etc/profile.d/java.sh
chmod 755 /etc/profile.d/java.sh
]]>
</programlisting>
</para>
<para>
Do the same for <application class="software">C shells</application>,
by creating the file
<systemitem class="macro">/etc/profile.d/java.csh</systemitem>:
<programlisting>
<![CDATA[
if ( "${path}" !~ */usr/local/j2sdk/bin* ) then
set path = ( /usr/local/j2sdk/bin $path )
endif
if ( "${path}" !~ */usr/local/j2re/bin* ) then
set path = ( /usr/local/j2re/bin $path )
endif
setenv JAVA_HOME /usr/local/j2sdk
setenv CLASSPATH .:/usr/local/j2sdk/lib/tools.jar:/usr/local/j2re/lib/rt.jar
]]>
</programlisting>
</para>
<para>
and setting its ownership and access rights:
<programlisting>
<![CDATA[
chown root:root /etc/profile.d/java.csh
chmod 755 /etc/profile.d/java.csh
]]>
</programlisting>
</para>
<para>
Now the <application class="software"><acronym>JDK</acronym></application>
should be available to everyone on your system.
</para>
<para>
<tip>
<para>
You can test the <application class="software">Java</application> engine
by typing:
<programlisting>
<![CDATA[
java -version
]]>
</programlisting>
</para>
<para>
or create a file <filename>Test.java</filename>:
<programlisting>
<![CDATA[
public class Test {
public static void main(String[] args) {
System.out.println("Hello world");
}
}
]]>
</programlisting>
</para>
<para>
and test the compiler:
<programlisting>
<![CDATA[
javac Test.java
java Test
]]>
</programlisting>
</para>
</tip>
</para>
</sect1>
<sect1>
<title>Installing <application class="software">Tomcat</application></title>
<para>
Download a binary distribution of
<application class="software">Tomcat</application>
from the <application class="software">Apache Jakarta</application> website:
<screen>
<ulink url="http://jakarta.apache.org/tomcat/">http://jakarta.apache.org/tomcat/</ulink>
</screen>
</para>
<para>
If you don&apos;t want to run the
<application class="software">Tomcat</application> daemon as
<systemitem class="username">root</systemitem>,
create a new user/group <systemitem class="username">tomcat</systemitem>
(first make sure that the
<acronym>UID</acronym> and <acronym>GID</acronym>
you use
are still available
by checking the files <filename>/etc/passwd</filename>
and <filename>/etc/group</filename>):
<programlisting>
<![CDATA[
groupadd -g 220 tomcat
useradd -u 220 -g tomcat -c "Tomcat" -r -d /usr/local/tomcat -s "/sbin/nologin" tomcat
]]>
</programlisting>
</para>
<para>
<warning>
<para>
You really should not use the
<systemitem class="username">root</systemitem> account
to run the <application class="software">Tomcat</application> daemon;
(using Tomcat version 4.1.27) we found out that this allows the
<application class="software">MMBase</application>
<systemitem class="username">admin</systemitem> user
to write backup dumps of his sites anywhere on the system.
</para>
</warning>
</para>
<para>
&lt;TODO: better solution available?&gt;
</para>
<para>
Extract the <application class="software">Tomcat</application> distribution
in a new directory:
<programlisting>
<![CDATA[
cd /usr/local/
tar -zxvf .../jakarta-tomcat-xxx.tar.gz
]]>
</programlisting>
</para>
<para>
<note>
<para>
Version 4.1.27 came with a hot-fix:
<programlisting>
<![CDATA[
cd /usr/local/jakarta-tomcat-xxx/
tar -zxvf .../xxx-hotfix-xxx.tar.gz
]]>
</programlisting>
</para>
</note>
</para>
<para>
Change the ownership of the
<application class="software">Tomcat</application> directory
and make it available as
<filename class="symlink">/usr/local/tomcat/</filename>:
<programlisting>
<![CDATA[
chown -R tomcat:tomcat /usr/local/jakarta-tomcat-xxx
ln -s /usr/local/jakarta-tomcat-xxx /usr/local/tomcat
]]>
</programlisting>
</para>
<para>
Open up the firewall for web access
to the <application class="software">Tomcat</application> server
by adding to the file
<filename>/etc/sysconfig/iptables</filename>:
<programlisting>
<![CDATA[
-A RH-Lokkit-0-50-INPUT -p tcp -m tcp --dport 8080 --syn -j ACCEPT
]]>
</programlisting>
</para>
<para>
You need to reboot your system to make this rule effective
or restart the <application class="software">iptables</application> firewall:
<programlisting>
<![CDATA[
service iptables restart
]]>
</programlisting>
</para>
<para>
<tip>
<para>
Since (for some odd reason) some network managers allow outgoing web
connections only to
<systemitem class="resource"><acronym>TCP</acronym> port 80</systemitem>,
there might be people around that cannot access your
<application class="software">Tomcat</application>
(and <application class="software">MMBase</application>) server
through <systemitem class="resource">port 8080</systemitem>.
Further <link linkend="JK2">below</link>
we will explain how to install
a <acronym>JK 2</acronym> mapping or a reverse proxy
in <application class="software">Apache</application>,
so <application class="software">Tomcat</application>
and <application class="software">MMBase</application>
can be accessed through the
<application class="software">Apache</application> web server
at <systemitem class="resource">port 80</systemitem>.
Apart from the port issue,
this has the advantage that you can use
<application class="software">Apache</application>
to manage you <acronym>SSL</acronym> connections
and use your existing
<application class="software">Apache</application>
logs and statistics facilities
for <application class="software">Tomcat</application>
and <application class="software">MMBase</application> as well.
</para>
<para>
If you decide to use
<application class="software">Apache</application>
as a front-end to your
<application class="software">Tomcat</application>
and <application class="software">MMBase</application> server,
there&apos;s no need to open up
<systemitem class="resource">port 8080</systemitem>
in your firewall.
</para>
</tip>
</para>
<para>
To run <application class="software">Tomcat</application>,
set the <envar>$CATALINA_HOME</envar> environment variable:
<programlisting>
<![CDATA[
CATALINA_HOME=/usr/local/tomcat
]]>
</programlisting>
</para>
<para>
and fire it up:
<programlisting>
<![CDATA[
/usr/local/tomcat/bin/startup.sh
]]>
</programlisting>
</para>
<para>
Now you can access
<application class="software">Tomcat</application>&apos;s home page through
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>:8080/
]]>
</programlisting>
</para>
<para>
which should give you the <application class="software">Tomcat</application>
welcome screen.
<screenshot>
<screeninfo>600x420x256</screeninfo>
<graphic fileref="ApacheTomcat-600x420.png"></graphic>
</screenshot>
</para>
<para>
To shutdown again:
<programlisting>
<![CDATA[
/usr/local/tomcat/bin/shutdown.sh
]]>
</programlisting>
</para>
<para>
Since we want to automate the starting up and shutting down of the
<application class="software">Tomcat</application> server,
we create a file
<filename>/etc/rc.d/init.d/tomcat</filename>
to do this for us:
<programlisting>
<![CDATA[
#!/bin/sh
#
# Startup script for the Jakarta Tomcat Java Servlets and JSP server
#
# chkconfig: - 85 15
# description: Jakarta Tomcat Java Servlets and JSP server
# processname: tomcat
# pidfile: /var/run/tomcat.pid
# config:
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ ${NETWORKING} = "no" ] && exit 0
# Set Tomcat environment.
export JAVA_HOME=/usr/local/j2sdk
export CLASSPATH=.:/usr/local/j2sdk/lib/tools.jar:/usr/local/j2re/lib/rt.jar
export CATALINA_HOME=/usr/local/tomcat
export CATALINA_OPTS="-server -Xms64m -Xmx512m -Dbuild.compiler.emacs=true"
export PATH=/usr/local/j2sdk/bin:/usr/local/j2re/bin:$PATH
[ -f /usr/local/tomcat/bin/startup.sh ] || exit 0
[ -f /usr/local/tomcat/bin/shutdown.sh ] || exit 0
export PATH=$PATH:/usr/bin:/usr/local/bin
# See how we were called.
case "$1" in
start)
# Start daemon.
echo -n "Starting Tomcat: "
/usr/local/tomcat/bin/startup.sh
RETVAL=$?
echo
[ $RETVAL = 0 ] && touch /var/lock/subsys/tomcat
;;
stop)
# Stop daemons.
echo -n "Shutting down Tomcat: "
/usr/local/tomcat/bin/shutdown.sh
RETVAL=$?
echo
[ $RETVAL = 0 ] && rm -f /var/lock/subsys/tomcat
;;
restart)
$0 stop
$0 start
;;
condrestart)
[ -e /var/lock/subsys/tomcat ] && $0 restart
;;
status)
status tomcat
;;
*)
echo "Usage: $0 {start|stop|restart|status}"
exit 1
esac
exit 0
]]>
</programlisting>
</para>
<para>
Set its ownership and access rights:
<programlisting>
<![CDATA[
chown root:root /etc/rc.d/init.d/tomcat
chmod 755 /etc/rc.d/init.d/tomcat
]]>
</programlisting>
</para>
<para>
And add this init script to
<application class="software">chkconfig</application>:
<programlisting>
<![CDATA[
chkconfig --add tomcat
chkconfig tomcat on
]]>
</programlisting>
</para>
<para>
<tip>
<para>
Instead of creating your own init script,
you can use the script that comes with
the <application class="software">Tomcat</application> package:
<filename>/usr/local/tomcat/bin/catalina.sh</filename>.
Make sure you set
the <application class="software">Tomcat</application> environment
at the start of this script.
Or create a short init script that calls
the original <application class="software">Tomcat</application> init script.
</para>
<para>
See
<ulink url="http://www.jguru.com/faq/view.jsp?EID=425628">How can I start Tomcat as a daemon in Linux?</ulink>.
</para>
</tip>
</para>
<para>
<tip>
<para>
To install two (or even more) versions of
<application class="software">Tomcat</application> server
on the same system,
increase the <systemitem class="resource">port</systemitem> numbers
of the second server (e.g. by 10),
by editing the configuration file
<filename>/usr/local/tomcat55/conf/server.xml</filename>:
<programlisting>
<![CDATA[
<Server port="8015" shutdown="SHUTDOWN">
...
<!-- Define a non-SSL HTTP/1.1 Connector on port 8080 -->
<Connector port="8090"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" redirectPort="8453" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />
...
<!-- Define a SSL HTTP/1.1 Connector on port 8443 -->
<!--
<Connector port="8453"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" disableUploadTimeout="true"
acceptCount="100" scheme="https" secure="true"
clientAuth="false" sslProtocol="TLS" />
-->
...
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8019"
enableLookups="false" redirectPort="8453" protocol="AJP/1.3" />
...
<!-- Define a Proxied HTTP/1.1 Connector on port 8082 -->
<!-- See proxy documentation for more information about using this. -->
<!--
<Connector port="8082"
maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="false" acceptCount="100" connectionTimeout="20000"
proxyPort="80" disableUploadTimeout="true" />
-->
]]>
</programlisting>
</para>
<para>
Complete this second
<application class="software">Tomcat</application> server installation
as above for the first server,
using adjusted directory and file names.
</para>
</tip>
</para>
</sect1>
<sect1>
<title>
Replacing <application class="software">Tomcat</application>&apos;s
default <acronym>JSP</acronym> compiler
<application class="software">Jasper</application>
with <acronym>IBM</acronym>&apos;s
<application class="software">Jikes</application> compiler
</title>
<para>
Since <acronym>IBM</acronym>&apos;s
<application class="software">Java</application> compiler
<application class="software">Jikes</application>
is performing better than
<application class="software">Tomcat</application>&apos;s own
<acronym>JSP</acronym> compiler
<application class="software">Jasper</application>,
it&apos;s recommended to install
<application class="software">Jikes</application> instead.
</para>
<para>
Download the sources of <application class="software">Jikes</application>
from <acronym>IBM</acronym>&apos;s Research website:
<screen>
<ulink url="http://jikes.sourceforge.net/">http://jikes.sourceforge.net/</ulink>
</screen>
</para>
<para>
Extract and compile <application class="software">Jikes</application>:
<programlisting>
<![CDATA[
./configure --prefix=/usr/local/jikes
make
make check
make install
]]>
</programlisting>
</para>
<para>
Check support for the <option>-encoding</option> option:
<programlisting>
<![CDATA[
/usr/local/jikes/bin/jikes -help
]]>
</programlisting>
</para>
<para>
To have <application class="software">Jikes</application>
output its error messages in a
<application class="software">Jasper</application> compatible way,
add this <envar>$CATALINA_OPTS</envar> environment variable
to <filename>/etc/rc.d/init.d/tomcat</filename>:
<programlisting>
<![CDATA[
export CATALINA_OPTS="-Dbuild.compiler.emacs=true"
]]>
</programlisting>
</para>
<para>
<tip>
<para>
If you get an error message saying
<application class="software">Jikes</application> can not use
<acronym>UTF8</acronym> encoding,
add the following option as well:
<programlisting>
<![CDATA[
-DjavaEncoding=ISO-8859-1
]]>
</programlisting>
</para>
</tip>
</para>
<para>
Make <application class="software">Jikes</application>
your <acronym>JSP</acronym> compiler
for <application class="software">Tomcat</application>
by adding to
<filename>/usr/local/tomcat/conf/web.xml</filename>:
<programlisting>
<![CDATA[
<init-param>
<param-name>compiler</param-name>
<param-value>jikes</param-value>
</init-param>
]]>
</programlisting>
</para>
<para>
Since entering the full path to
<application class="software">Jikes</application>
in <filename>/usr/local/tomcat/conf/web.xml</filename>
doesn&apos;t seem to work (version 4.1.27),
make the <command>jikes</command> program available in your path:
<programlisting>
<![CDATA[
ln -s /usr/local/jikes/bin/jikes /usr/local/bin/jikes
]]>
</programlisting>
</para>
</sect1>
<!-- TODO: any (security) settings for Tomcat?! -->
<sect1>
<title>
Installing <application class="software">ImageMagick</application>
</title>
<para>
<application class="software">MMBase</application>
uses <application class="software">ImageMagick</application>&apos;s
<command>convert</command> tool
to build and convert its images.
</para>
<para>
<application class="software">ImageMagick</application>
is already part of the
<systemitem class="osname">Red Hat</systemitem> distribution.
Check its availability using:
<programlisting>
<![CDATA[
rpm -q ImageMagick
]]>
</programlisting>
</para>
<para>
If <application class="software">ImageMagick</application>
is not available on your system,
install it
using <application class="software">up2date</application>:
<programlisting>
<![CDATA[
up2date
]]>
</programlisting>
</para>
<para>
or download it from the Red Hat Network:
<screen>
<ulink url="https://rhn.redhat.com/">https://rhn.redhat.com/</ulink>
</screen>
</para>
<para>
and install it by hand:
<programlisting>
<![CDATA[
rpm -ihv ImageMagick-xxx.rpm
]]>
</programlisting>
</para>
</sect1>
<sect1>
<title>Installing <application class="software">MMBase</application></title>
<para>
Download the binary distribution of
<application class="software">MMBase</application>,
and the additional applications you need
(i.e. <application class="software">CloudContext Security</application>,
<application class="software">Media</application>,
<application class="software">Email</application>)
(see the next section),
from:
<screen>
<ulink url="http://www.mmbase.org">http://www.mmbase.org/</ulink> --> Download --> Releases
</screen>
</para>
<para>
<warning>
<para>
<application class="software">MMBase</application> version 1.7.2
contained a nasty bug,
resulting in problems with the editwizards.
The 1.7.3 release includes a bugfix for this problem.
</para>
</warning>
</para>
<para>
Make sure you pick out the right version for the
<application class="software">Java 2 <acronym>JDK</acronym></application>
installed on your system.
You can find out the version currently installed by typing:
<programlisting>
<![CDATA[
java -version
]]>
</programlisting>
</para>
<para>
Extract the binary distribution of
<application class="software">MMBase</application>,
copy it into the
<application class="software">Tomcat</application> directory,
and change the ownership of the
<application class="software">MMBase</application> directory:
<programlisting>
<![CDATA[
unzip mmbase-xxx.zip
cd /usr/local/tomcat/webapps/
mkdir mmbase-webapp/
cp -R .../mmbase-x.x.x/mmbase-webapp/* ./mmbase-webapp/
chown -R tomcat:tomcat ./mmbase-webapp/
]]>
</programlisting>
</para>
<para>
<warning>
<para>
Installing <application class="software">MMBase</application> version 1.7
on <application class="software">Tomcat</application> version 5
resulted in version incompatibilities:
<programlisting>
<![CDATA[
FATAL org.mmbase.servlet.MMBaseStartThread -
Could not find the MMBase module!Class
javax/servlet/http/HttpServletResponse violates loader constraints
]]>
</programlisting>
</para>
<para>
We had to disable
the <systemitem class="library">RMMCI</systemitem> library
to get this installation up and running:
<programlisting>
<![CDATA[
mv /usr/local/tomcat/webapps/web-app/WEB-INF/lib/mmbase-rmmci.jar \
/usr/local/tomcat/webapps/web-app/WEB-INF/lib/mmbase-rmmci.jar.org
]]>
</programlisting>
</para>
</warning>
</para>
<para>
For <application class="software">MMBase</application> version 1.7
running on <application class="software">Tomcat</application> version 5,
enable the <systemitem class="library">Xerces</systemitem> libraries:
<programlisting>
<![CDATA[
mv /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xalan.renametojar \
/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xalan.jar
mv /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xerces.renametojar \
/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xerces.jar
mv /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xml-apis.renametojar \
/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xml-apis.jar
]]>
</programlisting>
Or you will have fatal errors like:
<programlisting>
<![CDATA[
FATAL org.mmbase.servlet.MMBaseStartThread -
Could not find the MMBase module!org/apache/xpath/XPathAPI
]]>
</programlisting>
</para>
<para>
For <application class="software">MMBase</application> version 1.6
running on <application class="software">Tomcat</application> version 4,
replace the <application class="software">Tomcat</application>
<systemitem class="library">Xerces</systemitem> libraries
by those coming with <application class="software">MMBase</application>:
<programlisting>
<![CDATA[
mv -i /usr/local/tomcat/common/endorsed/xercesImpl.jar ~/
mv -i /usr/local/tomcat/common/endorsed/xmlParserAPIs.jar ~/
cp /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xalan.jar \
/usr/local/tomcat/common/endorsed/
chown tomcat:tomcat /usr/local/tomcat/common/endorsed/xalan.jar
chmod 644 /usr/local/tomcat/common/endorsed/xalan.jar
cp /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xerces.jar \
/usr/local/tomcat/common/endorsed/
chown tomcat:tomcat /usr/local/tomcat/common/endorsed/xerces.jar
chmod 644 /usr/local/tomcat/common/endorsed/xerces.jar
cp /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/xml-apis.jar \
/usr/local/tomcat/common/endorsed/
chown tomcat:tomcat /usr/local/tomcat/common/endorsed/xml-apis.jar
chmod 644 /usr/local/tomcat/common/endorsed/xml-apis.jar
]]>
</programlisting>
</para>
<para>
<tip>
<para>
If you will not be using an
<application class="software">Apache</application>
<acronym>JK 2</acronym> mapping or reverse proxy
(see further <link linkend="JK2">below</link>)
as a front-end to your
<application class="software">MMBase</application> server,
you can add to the file
<filename>/usr/local/tomcat/conf/server.xml</filename>:
<programlisting>
<![CDATA[
<Context path="/mmbase" docBase="/usr/local/tomcat/webapps/mmbase-webapp" debug="0">
<!-- if you want symlinks to work: -->
<Resources className="org.apache.naming.resources.FileDirContext" allowLinking="true" />
</Context>
]]>
</programlisting>
</para>
<para>
This will allow you to access your
<application class="software">MMBase</application> server
using
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>:8080/mmbase
]]>
</programlisting>
</para>
<para>
instead of:
<programlisting>
<![CDATA[
http://<hostname>:8080/mmbase-webapp
]]>
</programlisting>
</para>
</tip>
</para>
<para>
Check if the <application class="software">ImageMagick</application>
<command>convert</command> tool
is in your path:
<programlisting>
<![CDATA[
which convert
]]>
</programlisting>
</para>
<para>
If not, add it to
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/applications/Resources/builders/images.xml</filename>.
For example:
<programlisting>
<![CDATA[
<property name="ImageConvert.ConverterCommand">/usr/bin/X11/convert</property>
]]>
</programlisting>
</para>
<para>
Make sure that the directory
<filename class="directory">/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/builders/applications</filename>
is writable by the servlet engine user
(for auto-installing builders):
<programlisting>
<![CDATA[
chown tomcat:tomcat /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/builders/applications
chmod 775 /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/builders/applications
]]>
</programlisting>
</para>
</sect1>
<sect1>
<title>
Connecting <application class="software">MMBase</application>
to <application class="software">MySQL</application>
using <systemitem class="library">MySQL Connector/J</systemitem>
</title>
<para>
We can connect
<application class="software">MMBase</application>
to our <application class="software">MySQL</application> database server
using <systemitem class="library">MySQL Connector/J</systemitem>.
This <acronym>JDBC</acronym> driver
for <application class="software">MySQL</application>
can be downloaded from:
<screen>
<ulink url="http://www.mysql.com/downloads/api-jdbc.html">http://www.mysql.com/downloads/api-jdbc.html</ulink>
</screen>
</para>
<para>
Copy the <acronym>JDBC</acronym> driver
to the <application class="software">MMBase</application>
<filename class="directory">lib/</filename> directory:
<programlisting>
<![CDATA[
cp mysql-connector-java-xxx-bin.jar /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/
chown tomcat:tomcat /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/mysql-connector-java-xxx-bin.jar
chmod 664 /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/mysql-connector-java-xxx-bin.jar
]]>
</programlisting>
</para>
<para>
Make this your <acronym>JDBC</acronym> driver
for <application class="software">MMBase</application>
by editing
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/modules/jdbc.xml</filename>.
Substitute the database name
(<replaceable>mmbase</replaceable>),
user (<replaceable>mmuser</replaceable>)
and password (<replaceable>mmpass</replaceable>)
with the database settings you&apos;d like
<application class="software">MMBase</application> to use.
<programlisting>
<![CDATA[
<property name="url">jdbc:mysql://$HOST:$PORT/$DBM</property>
<property name="user">mmuser</property>
<property name="password">mmpass</property>
<property name="supportclass">org.mmbase.module.database.DatabaseSupportShim</property>
<property name="database">mmbase</property>
<property name="connections">20</property>
<property name="host">localhost</property>
<property name="driver">com.mysql.jdbc.Driver</property>
<property name="port">3306</property>
<property name="querys">256</property>
<property name="probetime">30</property>
]]>
</programlisting>
</para>
<para>
Set the ownership and access rights of this configuration file.
Since it contains your database name, user name and password,
make sure other users can not read this file.
<programlisting>
<![CDATA[
chown tomcat:tomcat /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/modules/jdbc.xml
chmod 640 /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/modules/jdbc.xml
]]>
</programlisting>
</para>
<para>
Now create the <application class="software">MySQL</application> database
you&apos;ve just defined for
<application class="software">MMBase</application>:
<programlisting>
<![CDATA[
mysql -u root -p
]]>
</programlisting>
</para>
<para>
<programlisting>
<![CDATA[
CREATE DATABASE <mmbase>;
USE <mmbase>;
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON <mmbase>.* TO
<mmuser>@'%' IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON <mmbase>.* TO
<mmuser>@localhost IDENTIFIED BY '<password>';
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON <mmbase>.* TO
<mmuser>@localhost.<domainname> IDENTIFIED BY '<password>';
# RH bug fix
GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP ON <mmbase>.* TO
<mmuser>@<hostname> IDENTIFIED BY '<password>';
flush privileges;
exit;
]]>
</programlisting>
</para>
<para>
Substitute the hostname (<replaceable>&lt;hostname&gt;</replaceable>)
and domain name (<replaceable>&lt;domainname&gt;</replaceable>)
with your own hostname and domain name,
and the database name (<replaceable>&lt;mmbase&gt;</replaceable>),
user (<replaceable>&lt;mmuser&gt;</replaceable>)
and password (<replaceable>&lt;password&gt;</replaceable>)
with the values you just entered in the JDBC driver configuration file.
</para>
<para>
<tip>
<para>
To quickly empty
your <application class="software">MySQL</application> database,
i.e. after you&apos;ve updated
your <application class="software">MMBase</application> configuration or
application
(replace the database name <replaceable>&lt;mmbase&gt;</replaceable> with your
own):
<programlisting>
<![CDATA[
mysqladmin -u root -p drop <mmbase>
mysqladmin -u root -p create <mmbase>
]]>
</programlisting>
</para>
</tip>
</para>
<para>
<tip>
<para>
If you are already using quite some
<application class="software">MySQL</application> connections
(for example for authentication by and as a back-end to your mail daemons
and <application class="software">Apache</application> servers),
the <application class="software">MySQL</application> server
might run out of connections (its maximum number defaults to 100).
Then <application class="software">Tomcat</application>
could simply refuse to start or give an error message
when initiating the
<application class="software">MySQL</application> connection pool,
or your <application class="software">IMAP</application>
or <application class="software">POP</application> servers will have
problems authenticating their clients.
</para>
<para>
You can increase the maximum number of connections
to <application class="software">MySQL</application>
by adding to the configuration file
<filename>/etc/my.cnf</filename>:
<programlisting>
<![CDATA[
[mysqld]
set-variable = max_connections=200
]]>
</programlisting>
</para>
</tip>
</para>
</sect1>
<sect1>
<title>
Installing <application class="software">MMBase</application>
additional applications
</title>
<para>
With the release of version 1.7
<application class="software">MMBase</application>
was reworked into a more modular structure.
The developers decided to take several modules
(i.e. <application class="software">CloudContext Security</application>,
<application class="software">Media</application>,
<application class="software">Email</application>)
from the <application class="software">MMBase</application> tree,
and make these available as separate entities.
However, at this moment
<application class="software">MMBase</application>
doesn&apos;t have a module interface at all.
So, to use these additional applications,
the library and other files need to be placed into the installation tree
and the configuration needs to be added into the existing configuration files
by hand.
</para>
<sect2>
<title>
Installing
the <application class="software">CloudContext Security</application> module
</title>
<para>
>From the <application class="software">MMBase</application> website
(<ulink url="http://www.mmbase.org">www.mmbase.org</ulink>):
<blockquote>
<para>
<quote><application class="software">Cloud security</application>
uses the object <systemitem class="library">mmbaseuser</systemitem>
to store information used for authorisation and authentication of users.
The two main advantages of this security implementation are
that the user administration can be carried out by using a webbrowser
(instead of editing a file on the filesystem) and
that the users of your
<application class="software">MMBase</application> installation
are available as objects in the cloud.
For instance, it is possible to create groups of users,
which are allowed to carry out certain tasks.</quote>
</para>
<para>
<quote>A context exists of a set of rights
which describe what you can do within this context
with an object of
<application class="software">MMBase</application>.
For example you define read access to a the context
which is used by anonymous visitors of your site and
you can define a context with edit rights for registered users of your site.
</quote>
</para>
</blockquote>
</para>
<para>
Move the library and other files of
the <application class="software">CloudContext Security</application> module
into the <application class="software">MMBase</application> installation tree:
<programlisting>
<![CDATA[
mv -i web-app/WEB-INF/lib/* \
/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/
mv -i web-app/WEB-INF/config/applications/* \
/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/applications/
mv -i web-app/WEB-INF/config/builders/* \
/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/builders/
]]>
</programlisting>
</para>
<para>
Save the documentation files for later reference:
<programlisting>
<![CDATA[
mv -i web-app/README.txt web-app/README-PACKAGE.txt web-app/documentation web-app/src \
/usr/local/tomcat/webapps/mmbase-webapp/mmdocs/security/
]]>
</programlisting>
</para>
<para>
Make sure all these new files are owned by
your <systemitem class="username">tomcat</systemitem> user as well:
<programlisting>
<![CDATA[
chown -R tomcat:tomcat /usr/local/tomcat/webapps/mmbase-webapp
]]>
</programlisting>
</para>
<para>
Disable the existing configuration
in the security configuration file
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/security/security.xml</filename>:
<programlisting>
<![CDATA[
<!--
<authentication class="org.mmbase.security.implementation.context.ContextAuthentication" url="context/config.xml" />
-->
...
<!--
<authorization class="org.mmbase.security.implementation.context.ContextAuthorization" url="context/config.xml" />
-->
]]>
</programlisting>
</para>
<para>
And add
(from <filename>web-app/WEB-INF/config/security/security.xml</filename>):
<programlisting>
<![CDATA[
<!--
Example security.xml to switch on Cloud Context Security.
No other configuration needed
(Cloud Context Security is configured in the cloud)
@version $Id$
-->
<authentication class="org.mmbase.security.implementation.cloudcontext.Authenticate" url="" />
<authorization class="org.mmbase.security.implementation.cloudcontext.Verify" url="" />
]]>
</programlisting>
</para>
<para>
<note>
<para>
Make sure to include the configuration above before
the <classname>&lt;sharedsecret&gt;</classname> statement,
or you will get an error like this:
<programlisting>
<![CDATA[
ERROR org.mmbase.util.XMLErrorHandler - security.xml line:71 column:12:
The content of element type "security" must match "(authentication,authorization,sharedsecret)".
]]>
</programlisting>
</para>
</note>
</para>
</sect2>
<sect2>
<title>
Installing
the <application class="software">Media</application> module
</title>
<para>
&lt;TODO&gt;
</para>
</sect2>
<sect2>
<title>
Installing
the <application class="software">Email</application> module
</title>
<para>
The <application class="software">Email</application> module
makes it possible to send email
with <application class="software">MMBase</application>,
using either <systemitem class="library">SendMail</systemitem>
or <systemitem class="library">JMSendMail</systemitem>.
</para>
<para>
Move the library and other files of
the <application class="software">Email</application> module
into the <application class="software">MMBase</application> installation tree:
<programlisting>
<![CDATA[
mv -i web-app/WEB-INF/lib/* \
/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/lib/
mv -i web-app/WEB-INF/config/builders/* \
/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/builders/
mkdir /usr/local/tomcat/webapps/mmbase-webapp/email-examples/
cp -iR web-app/examples/* \
/usr/local/tomcat/webapps/mmbase-webapp/email-examples/
]]>
</programlisting>
</para>
<para>
Save the documentation files for later reference:
<programlisting>
<![CDATA[
mkdir /usr/local/tomcat/webapps/mmbase-webapp/mmdocs/email/
mv -i web-app/README.txt web-app/README-PACKAGE.txt web-app/documentation web-app/src \
/usr/local/tomcat/webapps/mmbase-webapp/mmdocs/email/
]]>
</programlisting>
</para>
<para>
Make sure all these new files are owned by
your <systemitem class="username">tomcat</systemitem> user as well:
<programlisting>
<![CDATA[
chown -R tomcat:tomcat /usr/local/tomcat/webapps/mmbase-webapp
]]>
</programlisting>
</para>
<para>
Edit the email configuration file
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/modules/sendmail.xml</filename>
(from <filename>web-app/WEB-INF/config/modules/sendmail.xml</filename>):
<programlisting>
<![CDATA[
...
<status>active</status>
...
<classfile>org.mmbase.applications.email.SendMail</classfile>
...
]]>
</programlisting>
</para>
<para>
Add to <application class="software">Tomcat</application>'s
root <classname>Context</classname>
(in /usr/local/tomcat/conf/context.xml for Tomcat version 5,
in /usr/local/tomcat/conf/server.xml for Tomcat version 4)
(replace &lt;smtp.domain.tld&gt; with the adres of your
<systemitem class="resource"><acronym>SMTP</acronym> server</systemitem>):
<programlisting>
<![CDATA[
Resource name="mail/Session" auth="Container"
type="javax.mail.Session"/>
<ResourceParams name="mail/Session">
<parameter>
<name>mail.smtp.host</name>
<value>smtp.domain.tld</value>
</parameter>
</ResourceParams>
<ResourceLink name="linkToGlobalResource"
global="simpleValue"
type="java.lang.Integer"/>
]]>
</programlisting>
</para>
<para>
Failing to do this, results in a fatal error:
<programlisting>
<![CDATA[
FATAL org.mmbase.module.JMSendMail -
JMSendMail failure: Name mail is not bound in this Context
]]>
</programlisting>
</para>
<para>
<warning>
<para>
Installing the <application class="software">Email</application> module
in <application class="software">MMBase</application> version 1.7
running on <application class="software">Tomcat</application> version 5
resulted in a fatal error:
<programlisting>
<![CDATA[
FATAL org.mmbase.servlet.MMBaseStartThread -
Could not find the MMBase module!javax/mail/Session
]]>
</programlisting>
</para>
</warning>
</para>
</sect2>
</sect1>
<sect1>
<title>
Configuring initial
<application class="software">MMBase</application> settings
</title>
<para>
Here are some initial configuration settings
for <application class="software">MMBase</application>.
</para>
<para>
Change the default password
<systemitem>admin2k</systemitem>
for the administrator <systemitem class="username">admin</systemitem>
by editing
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/security/context/config.xml</filename>:
<programlisting>
<![CDATA[
<user name="admin" context="admin">
<identify type="name/password" rank="administrator">admin2k</identify>
</user>
]]>
</programlisting>
</para>
<para>
Also, outcomment or remove the user
<systemitem class="username">foo/bar</systemitem>.
</para>
<para>
Since this file contains your administrators password,
make sure other users can not read it:
<programlisting>
<![CDATA[
chmod 640 /usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/security/context/config.xml
]]>
</programlisting>
</para>
<para>
To use the <application class="software">MMBase</application>
builder <systemitem class="library">mmbaseuser</systemitem>
(using the <database class="table">mmbaseuser</database> table
in your <application class="software">MySQL</application> database)
for user authentication,
set the <classname>authentication</classname> class
in the configuration file
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/security/security.xml</filename>
to:
<programlisting>
<![CDATA[
<authentication class="org.mmbase.security.implementation.cloud.Authenticate" url="" />
]]>
</programlisting>
</para>
<para>
and set the <classname>authorization</classname> class to:
<programlisting>
<![CDATA[
<authorization class="org.mmbase.security.implementation.cloud.Verify" url="" />
]]>
</programlisting>
</para>
<para>
In the same file change the shared secret used to communicate with remote
builders
(on other <application class="software">MMBase</application> servers):
<programlisting>
<![CDATA[
<sharedsecret>yoursharedsecret</sharedsecret>
]]>
</programlisting>
</para>
<para>
<tip>
<para>
You can set the language
for <application class="software">MMBase</application>
by editing
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/modules/mmbaseroot.xml</filename>:
<programlisting>
<![CDATA[
<property name="language">en</property>
]]>
</programlisting>
</para>
</tip>
</para>
<para>
<tip>
<para>
You can set the <acronym>SMTP</acronym> gateway by editing
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/modules/sendmail.xml</filename>:
<programlisting>
<![CDATA[
<property name="mailhost">localhost</property>
]]>
</programlisting>
</para>
</tip>
</para>
</sect1>
<sect1>
<title>Running <application class="software">MMBase</application></title>
<para>
Now you are ready to start <application class="software">Tomcat</application>:
<programlisting>
<![CDATA[
service tomcat start
]]>
</programlisting>
</para>
<para>
and access your new <application class="software">MMBase</application> server
through
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>:8080/mmbase-webapp/
]]>
</programlisting>
</para>
<para>
If everything you just did worked out,
you should get the
<application class="software">MMBase</application> welcome screen
where you can change the settings, look at the demos, and install the
samples.
<screenshot>
<screeninfo>600x415x256</screeninfo>
<graphic fileref="MMBase-600x415.png"></graphic>
</screenshot>
</para>
<para>
When asked for a login use the name
<systemitem class="username">admin</systemitem>
and the password
you just set in the security configuration file
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/security/context/config.xml</filename>.
</para>
<para>
<application class="software">MMBase</application> users
(i.e. front-end developers) will typically add their web files to
the <filename>/usr/local/tomcat/webapps/mmbase-webapp/</filename> directory.
Applications (defining the content) will be placed in
the
<filename>/usr/local/tomcat/webapps/mmbase-webapp/WEB-INF/config/applications/</filename>
directory.
</para>
<para>
<caution>
<para>
<application class="software">Tomcat</application>
consumes far more <acronym>CPU</acronym> and memory resources
than <application class="software">Apache</application>.
Make sure the dimensions of your
<application class="software">Tomcat</application>/<application class="software">MMBase</application> server system meet these requirements.
</para>
</caution>
</para>
<para>
<tip>
<para>
Shutting down (or restarting) the
<application class="software">Tomcat</application> server (version 1.6)
in our case always left a last process running.
If you experience this same problem,
kill the process by hand before starting it up again:
<programlisting>
<![CDATA[
[root@hostname root]# service tomcat stop
[root@hostname root]# ps -ax |grep j2
24535 ? S 4:12 /usr/local/j2sdk/bin/java -server -Xms64m -Xmx512m-Dbuild.compiler.emacs=true ...
[root@hostname root]# kill 24535
[root@hostname root]# service tomcat start
[root@hostname root]#
]]>
</programlisting>
</para>
</tip>
</para>
<para>
<tip>
<para>
You can save the original <filename>index.jsp</filename> file
by renaming it to <filename>mmbase.jsp</filename>:
<programlisting>
<![CDATA[
mv -i /usr/local/tomcat/webapps/mmbase-webapp/index.jsp \
/usr/local/tomcat/webapps/mmbase-webapp/mmbase.jsp
]]>
</programlisting>
</para>
<para>
This will allow you to always access the original MMBase home page through
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>:8080/mmbase-webapp/mmbase.jsp
]]>
</programlisting>
</para>
</tip>
</para>
<para>
In case of any problems,
check the <application class="software">Tomcat</application>
and <application class="software">MMBase</application> log files
in the directory
<filename class="directory">/usr/local/tomcat/logs/</filename>
for hints.
</para>
<para>
>From here, we refer to the documentation
on the <application class="software">MMbase</application> website
to complete your configuration
and start using <application class="software">MMBase</application>:
<screen>
<ulink url="http://www.mmbase.org/docs/">http://www.mmbase.org/docs/</ulink>
</screen>
</para>
<!-- TODO: any other (security) settings?! -->
</sect1>
<sect1 id="JK2">
<title>
Connecting <application class="software">Apache</application>
and <application class="software">Tomcat</application>
using <systemitem class="library">mod_jk2</systemitem>
</title>
<para>
Since (for some odd reason) some network managers allow outgoing web
connections only to <systemitem class="resource">TCP port 80</systemitem>,
there might be people around that cannot access your
<application class="software">Tomcat</application>
(and <application class="software">MMBase</application>) server
through <systemitem class="resource">port 8080</systemitem>.
You can install a <acronym>JK 2</acronym> mapping or a reverse proxy
in <application class="software">Apache</application>,
so <application class="software">Tomcat</application>
and <application class="software">MMBase</application>
can be accessed through the
<application class="software">Apache</application> web server
at <systemitem class="resource">port 80</systemitem>.
Apart from the port issue,
this has the advantage that you can use
<application class="software">Apache</application>
to manage you <acronym>SSL</acronym> connections
and use your existing
<application class="software">Apache</application>
logs and statistics facilities
for <application class="software">Tomcat</application>
and <application class="software">MMBase</application> as well.
</para>
<para>
Here we describe the installation and configuration of
the <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
connecting <application class="software">Apache</application>
and <application class="software">Tomcat</application>.
In this way,
<application class="software">Tomcat</application> paths can be mapped
into <application class="software">Apache</application>.
</para>
<para>
>From the
<systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
website
(<ulink url="http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/jk2.html">http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/jk2.html</ulink>):
<blockquote>
<para>
<quote>
The <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
element represents
a <classname>Connector</classname> component that communicates
with a web connector via the <acronym>AJP</acronym> protocol.
This is used for cases where you wish
to invisibly integrate <application class="software">Tomcat</application> 4
into an existing (or new)
<application class="software">Apache</application> installation,
and you want <application class="software">Apache</application> to handle
the static content contained in the web application,
and/or utilize <application class="software">Apache's</application>
<acronym>SSL</acronym> processing.
In many application environments,
this will result in better overall performance
than running your applications
under <application class="software">Tomcat</application> stand-alone
using the
<systemitem class="library"><acronym>HTTP/1.1</acronym> Connector</systemitem>.
However, the only way to know for sure
whether it will provide better performance for your application
is to try it both ways.
</quote>
</para>
</blockquote>
</para>
<para>
If you will only be needing a simple configuration--
typically a single <application class="software">Tomcat</application> server
sitting on the same system as
your <application class="software">Apache server</application>--
<application class="software">Apache</application> reverse proxies might be
an easier solution for you.
Although these are simpler in terms of the interconnection features,
reverse proxies provide more flexibility
in fiddling with your paths and other options.
The configuration of
<application class="software">Apache</application> reverse proxies is
described in the next section.
</para>
<para>
However, if you plan to build or grow to
a farm of several <application class="software">Tomcat</application> servers
behind an <application class="software">Apache</application> front-end
or build a high-performance system,
deploying
the <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
is the way to go.
</para>
<para>
Download the sources of
the <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
from the <application class="software">Apache Jakarta</application> website:
<screen>
<ulink url="http://jakarta.apache.org/site/sourceindex.cgi">http://jakarta.apache.org/site/sourceindex.cgi</ulink>
</screen>
</para>
<para>
Extract and compile
the <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>:
<programlisting>
<![CDATA[
tar -zxvf jakarta-tomcat-connectors-jk2-src-xxx.tar.gz
cd jakarta-tomcat-connectors-jk2-src/jk/native2/
./configure \
--with-apxs2=/usr/local/apache/bin/apxs
make
]]>
</programlisting>
</para>
<para>
Make sure your <envar>$JAVA_HOME</envar> environment variable is set
and the <application class="software">Java</application> binaries are
in your <envar>$PATH</envar>
or add this option to your <command>./configure</command> command:
<programlisting>
<option>--with-java-home=/usr/local/j2sdk</option>
</programlisting>
</para>
<para>
Copy the module files <filename class="libraryfile">mod_jk2.so</filename> and
<filename class="libraryfile">jkjni.so</filename>
to the <filename class="directory">modules/</filename> directory
of <application class="software">Apache</application>:
<programlisting>
<![CDATA[
cp -i ../build/jk2/apache2/*.so /usr/local/apache/modules/
chmod 755 /usr/local/apache/modules/mod_jk2.so
chown root:root /usr/local/apache/modules/mod_jk2.so
chmod 755 /usr/local/apache/modules/jkjni.so
chown root:root /usr/local/apache/modules/jkjni.so
libtool --finish /usr/local/apache/modules
]]>
</programlisting>
</para>
<para>
Copy the sample configuration file
<filename>workers2.properties</filename>
to the configuration directory
of <application class="software">Apache</application>:
<programlisting>
<![CDATA[
cp -i ../../jk/conf/workers2.properties /usr/local/apache/conf/
chown root:root /usr/local/apache/conf/workers2.properties
chmod 644 /usr/local/apache/conf/workers2.properties
]]>
</programlisting>
</para>
<para>
and adjust it to your own needs.
</para>
<para>
Here is a simple configuration that should get you up and running:
<programlisting>
<![CDATA[
[logger]
# outcomment this in production use
level=DEBUG
[config:]
file=${serverRoot}/conf/workers2.properties
debug=0
debugEnv=0
[uriMap:]
info=Maps the requests. Options: debug
debug=1
[shm:]
info=Scoreboard. Required for reconfiguration and status with multiprocess servers
file=${serverRoot}/logs/jk2.shm
size=1000000
debug=0
disabled=0
[workerEnv:]
info=Global server options
timing=1
debug=0
[status:]
info=Status worker, displays runtime informations
[uri:<hostname>/jkstatus/*]
info=Display status information and checks the config file for changes.
group=status:
[channel.socket:localhost:8009]
info=Ajp13 forwarding over socket
# Define the worker
[ajp13:localhost:8009]
channel=channel.socket:localhost:8009
[uri:<hostname>/mmbase-webapp/*]
info=MMBase
]]>
</programlisting>
</para>
<para>
Most of this configuration is pretty standard.
The last <classname>uri</classname> declaration
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname)
is what this is all about;
it maps all client requests starting with
<filename class="directory">/mmbase-webapp/</filename>
from <application class="software">Apache</application>
to your <application class="software">Tomcat</application> server.
</para>
<para>
<note>
<para>
When we made a virtual host mapping,
somehow the general mappings no longer worked for this virtual host
(other virtual hosts on the same
<systemitem class="resource">IP address</systemitem> had no problem at all).
We had to explicitly add the general mappings for this virtual host
to make these work again.
A bug?
Or a consequence of the way
<application class="software">Apache</application>
implements name based virtual hosts?
</para>
</note>
</para>
<para>
So now, the same application you accessed
through <application class="software">Tomcat</application> as
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>:8080/mmbase-webapp/
]]>
</programlisting>
</para>
<para>
will be available through
<application class="software">Apache</application> as:
<programlisting>
<![CDATA[
http://<hostname>/mmbase-webapp/
]]>
</programlisting>
</para>
<para>
<important>
<para>
Only name based virtual hosts are supported this way.
Make sure you add the virtual host name
(pointing to this very same (web) server)
to the <filename>/etc/hosts</filename> file
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
192.168.3.17 <hostname>
]]>
</programlisting>
</para>
<para>
or things will not work
(running <acronym>DNS</acronym> is not sufficient here!).
</para>
</important>
</para>
<para>
If your <application class="software">Apache</application> installation
is serving only a single website,
you can leave out the hostname:
<programlisting>
<![CDATA[
[uri:/mmbase-webapp/*]
info=MMBase
]]>
</programlisting>
</para>
<para>
which will serve the
mapped <filename class="directory">/mmbase-webapp/</filename> directory
on every address and site
of your <application class="software">Apache</application> installation.
</para>
<para>
<note>
<para>
Using
<systemitem class="library"><acronym>JK</acronym> Connector</systemitem>
version 2,
all configuration settings will be in the
<filename>workers2.properties</filename> file.
Even though <application class="software">Tomcat</application>
comes with its own
<acronym>JK 2</acronym> configuration file
<filename>/usr/local/tomcat/conf/jk2.properties</filename>,
there's no need to edit this
as long as you stick with the standard
<systemitem class="resource">port 8009</systemitem>.
</para>
<para>
If you do have to edit this file
(for example when changing the port),
make sure that you do it
when your <application class="software">Tomcat</application> server
is not running;
the file is auto-edited
by <application class="software">Tomcat</application> itself.
</para>
</note>
</para>
<para>
After adding the <systemitem class="library">mod_jk2</systemitem> module
to your <application class="software">Apache</application> configuration
(in the file
<filename>/etc/httpd/conf/httpd.conf</filename>
or in a new file <filename>jk2.conf</filename>
in the <application class="software">Apache</application>
configuration directory
<filename class="directory">/etc/httpd/conf.d</filename>):
<programlisting>
<![CDATA[
# Load mod_jk2 module
LoadModule jk2_module modules/mod_jk2.so
]]>
</programlisting>
</para>
<para>
<programlisting>
<![CDATA[
chown root:root /etc/httpd/conf.d/jk2.conf
chmod 644 /etc/httpd/conf.d/jk2.conf
]]>
</programlisting>
</para>
<para>
you can now restart <application class="software">Apache</application>
and give your new entrance a try:
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>/mmbase-webapp/
]]>
</programlisting>
</para>
<para>
To check the status of
the <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>/jkstatus/
]]>
</programlisting>
</para>
<para>
<tip>
<para>
You can reread the configuration in
<filename>/usr/local/apache/conf/workers2.properties</filename>
by (re)loading the <guimenu>JK Status</guimenu> page.
This allows you to add new mappings
without restarting <application class="software">Apache</application>
or having it reload its configuration.
However, existing mappings can not be removed this way
and require <application class="software">Apache</application> to reconfigure.
</para>
<para>
Although it's also possible to place the <acronym>JK 2</acronym> configurations
(in a slightly different form)
in your <application class="software">Apache</application> configuration file,
this is a good reason to stick with the
<filename>workers2.properties</filename> setup.
</para>
</tip>
</para>
<para>
<important>
<para>
To protect access to the <guimenu>JK Status</guimenu> page,
add an authentication declaration
to the <application class="software">Apache</application> configuration.
For example:
<programlisting>
<![CDATA[
<Location /jkstatus/>
AuthType Basic
AuthName "JK 2 Connector Status"
AuthUserFile /etc/httpd/conf/users
AuthGroupFile /etc/httpd/conf/groups
Require group admin
</Location>
]]>
</programlisting>
</para>
<para>
This will prompt for a login from a user
from the <systemitem class="username">admin</systemitem> group.
</para>
</important>
</para>
<para>
In case of any problems,
check
the <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
log messages
that will be written to your <application class="software">Apache</application>
<filename>error_log</filename>.
</para>
<para>
<tip>
<para>
In case the
<systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
has difficulties connecting to
<application class="software">Tomcat</application>,
check whether <application class="software">Tomcat</application> is indeed
available on
<systemitem class="resource">port 8009</systemitem>:
<programlisting>
<![CDATA[
netstat -tln
]]>
</programlisting>
</para>
</tip>
</para>
<para>
Access requests mapping to <application class="software">Tomcat</application>
will be logged in the <filename>access_log</filename>'s
and <filename>error_log</filename>'s
of <application class="software">Apache</application>.
</para>
<para>
For more information on the
<filename>workers2.properties</filename> configuration,
check the documentation at:
<programlisting>
<ulink url="http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk2/configwebcom.html">http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk2/configwebcom.html</ulink>
</programlisting>
</para>
<para>
There you will read about
setting up more (remote)
<application class="software">Tomcat</application> workers,
grouping these together in load-balancing pools,
setting up <acronym>RPC</acronym> channels,
using <systemitem class="osname">Unix</systemitem> sockets,
using the
<systemitem class="library">Java Native Interface (<acronym>JNI</acronym></systemitem>)
to interconnect with
<application class="software">Tomcat</application> directly (in-process),
setting up alternative loggers,
and optimizing your time-outs.
</para>
<para>
<tip>
<para>
<application class="software">Apache</application> is far more efficient
than <application class="software">Tomcat</application>
in serving ordinary content files.
You could have both the <application class="software">Apache</application>
and <application class="software">Tomcat</application> document directories
point to the same directory on your filesystem
and only forward requests for <acronym>JSP</acronym> pages
and <systemitem class="library">Java Servlets</systemitem>.
For example (in <filename>workers2.conf</filename>):
<programlisting>
<![CDATA[
#[uri:/examples/servlet/*]
#info=Prefix mapping
#[uri:/examples/*.jsp]
#info=Extension mapping
]]>
</programlisting>
</para>
<para>
However, now you need to protect
<application class="software">Tomcat's</application>
<filename class="directory">WEB-INF/</filename> directories
(and other directories and files you don't want visitors to have access to)
from being served by <application class="software">Apache</application>.
For example (in <application class="software">Apache</application>'s
<filename>httpd.conf</filename>):
<programlisting>
<![CDATA[
<Location "/examples/WEB-INF/">
AllowOverride None
deny from all
<Location>
]]>
</programlisting>
</para>
<para>
Also, realize that a setup like this bypasses
any security constraints you may have configured
in the file
<filename>/usr/local/tomcat/webapps/examples/WEB-INF/web.xml</filename>.
</para>
</tip>
</para>
<para>
You can find more general information about
the <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
at:
<screen>
<ulink url="http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/">http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/</ulink>
</screen>
</para>
</sect1>
<sect1>
<title>
Installing an <application class="software">Apache</application>
reverse proxy
as a front-end
to your <application class="software">MMBase</application> server
</title>
<para>
Installing an <application class="software">Apache</application> reverse proxy
is an easy alternative to the
<systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem>
to use <application class="software">Apache</application> as a front-end
to your <application class="software">Tomcat</application> server.
</para>
<para>
Add to your <application class="software">Apache</application>
(virtual) server configuration
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
ProxyPass /tomcat/ http://<hostname>:8080/
ProxyPassReverse /tomcat/ http://<hostname>:8080/
ProxyPass /mmbase/ http://<hostname>:8080/mmbase-webapp/
ProxyPassReverse /mmbase/ http://<hostname>:8080/mmbase-webapp/
]]>
</programlisting>
</para>
<para>
This allows you to access your
<application class="software">Tomcat</application> server
as
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>/tomcat/
]]>
</programlisting>
</para>
<para>
and your <application class="software">MMBase</application> server as
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
http://<hostname>/mmbase/
]]>
</programlisting>
</para>
<para>
<caution>
<para>
Our MMBase version 1.7 installation used
absolute directory paths in the web pages it generated.
In order to get the reverse proxies to work properly,
the Apache proxy paths had to be the same
(replace <replaceable>&lt;hostname&gt;</replaceable> with your hostname):
<programlisting>
<![CDATA[
ProxyPass /mmbase-webapp/ http://<hostname>:8080/mmbase-webapp/
ProxyPassReverse /mmbase-webapp/ http://<hostname>:8080/mmbase-webapp/
]]>
</programlisting>
</para>
</caution>
</para>
</sect1>
<sect1>
<title>
Installing more <application class="software">MMBase</application> servers
on a single <application class="software">Tomcat</application> server
</title>
<para>
If you want to support
more instances of <application class="software">MMBase</application>,
for example if you would like
to make <application class="software">MMBase</application>
available to more or all of your users,
you can create several
<application class="software">MMBase</application> installations
and have these all run on the same
<application class="software">Tomcat</application> server.
</para>
<para>
Install <application class="software">MMBase</application>
in the home directory
of the user <replaceable>&lt;user&gt;</replaceable>
performing all steps before:
<itemizedlist spacing="compact">
<listitem>
<para>
create a directory <filename class="directory">mmbase/</filename>
in the users home directory,
</para>
</listitem>
<listitem>
<para>
copy all <application class="software">MMBase</application> files
into the directory
<filename class="directory">/home/<replaceable>&lt;user&gt;</replaceable>/mmbase/</filename>,
</para>
</listitem>
<listitem>
<para>
build the directory structure and configuration files
in the very same way we did before,
</para>
</listitem>
<listitem>
<para>
for <application class="software">MMBase</application> version 1.7
running on <application class="software">Tomcat</application> version 5,
enable the <systemitem class="library">Xerces</systemitem> libraries,
</para>
</listitem>
<listitem>
<para>
for <application class="software">MMBase</application> version 1.6
running on <application class="software">Tomcat</application> version 4,
remove the <systemitem class="library">Xerces</systemitem> libraries
in <application class="software">MMBase</application>
(after you have copied these
from <application class="software">MMBase</application>
to <application class="software">Tomcat</application>
the first time),
</para>
</listitem>
<listitem>
<para>
install the <application class="software">MySQL</application>
<acronym>JDBC</acronym> driver
and create a new <application class="software">MySQL</application> database
for this user.
</para>
</listitem>
</itemizedlist>
</para>
<para>
Make sure both the user
and the <application class="software">Tomcat</application> server
have access to the
<application class="software">MMBase</application> installation:
<programlisting>
<![CDATA[
chown -R <user>:tomcat /home/<user>/mmbase/
]]>
</programlisting>
</para>
<para>
Make sure that the directory
<filename class="directory">/home/<replaceable>&lt;user&gt;</replaceable>/mmbase/WEB-INF/config/builders/applications</filename>
is writable and accessible by the servlet engine user
(for auto-installing builders):
<programlisting>
<![CDATA[
chmod 770 /home/<user>/mmbase/WEB-INF/config/builders/applications
chmod 750 /home/<user>/mmbase/WEB-INF/config/builders/
chmod 750 /home/<user>/mmbase/WEB-INF/config/
chmod 750 /home/<user>/mmbase/WEB-INF/
chmod 750 /home/<user>/mmbase/
]]>
</programlisting>
</para>
<para>
Now the home directory of this user has to be accessible
to the <application class="software">Tomcat</application> server
as well.
You can change the group owner of the users home directory
to the <systemitem class="username">tomcat</systemitem> user group:
<programlisting>
<![CDATA[
chown -g tomcat /home/<user>/
]]>
</programlisting>
</para>
<para>
Or, if you don&apos;t want this,
use the Access Control Lists (<acronym>ACL</acronym>&apos;s)
to accomplish the same:
<programlisting>
<![CDATA[
setfacl -m u:tomcat:r-x /home/<user>/
]]>
</programlisting>
</para>
<para>
Finally, link the new
<application class="software">MMBase</application> installation
to the <application class="software">Tomcat</application> server:
<programlisting>
<![CDATA[
ln -s /home/<user>/mmbase /usr/local/tomcat/webapps/mmbase-<user>
]]>
</programlisting>
</para>
<para>
and restart <application class="software">Tomcat</application>:
<programlisting>
<![CDATA[
service tomcat restart
]]>
</programlisting>
</para>
<para>
which will make
this users <application class="software">MMBase</application> installation
available through:
<programlisting>
<![CDATA[
http://<hostname>:8080/mmbase-<user>/
]]>
</programlisting>
</para>
<para>
Again, you can set up a <acronym>JK 2</acronym> mapping or a reverse proxy
in <application class="software">Apache</application>
like we did before.
</para>
<para>
<important>
<para>
In order to run
several instances of <application class="software">MMBase</application>
on a single <application class="software">Tomcat</application> server,
make sure you increase the available memory resources, i.e.
by adding to the <envar>$CATALINA_OPTS</envar> environment variable
in <filename>/etc/rc.d/init.d/tomcat</filename>:
<programlisting>
<![CDATA[
-Xms64m -Xmx512m
]]>
</programlisting>
</para>
</important>
</para>
</sect1>
<sect1>
<title>Acknowledgements</title>
<para>
This document is a follow-up on the
<quote><application class="software">MMBase</application> Mini-HOWTO:
Installation on <systemitem class="osname">Debian Woody</systemitem></quote>,
by Casper Joost Eyckelhof, University of Twente, The Netherlands.
</para>
</sect1>
<sect1>
<title>Contributers</title>
<!-- Most recent contributer goes at the top; list in descending order -->
<para>
<itemizedlist spacing="compact">
<listitem>
<para>
Felipe Caballero Gil,
</para>
</listitem>
<listitem>
<para>
Andr&#233; van Elst,
<ulink url="http://www.finalist.nl">Finalist</ulink>,
The Netherlands.
</para>
</listitem>
</itemizedlist>
</para>
</sect1>
<sect1>
<title>Revision history</title>
<!-- Most recent revision goes at the top; list in descending order -->
<para>
<itemizedlist spacing="compact">
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.3.5.DocBook.html">Version 0.3.5</ulink>, June 25, 2006: Tomcat init script,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.3.4.DocBook.html">Version 0.3.4</ulink>, September 19, 2005: minor corrections,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.3.2.DocBook.html">version 0.3.2</ulink>, January 25, 2005: MMBase 1.7.3, Java 1.5.0-01,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.3.1.DocBook.html">version 0.3.1</ulink>, December 26, 2004: Email module,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.3.0.DocBook.html">version 0.3.0</ulink>, December 25, 2004: MMBase 1.7.2, Tomcat 5.5.4, Java 1.5.0, MySQL Connector/J 3.0.16-ga, Jikes 1.22,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.2.6.DocBook.html">version 0.2.6</ulink>, July 27, 2004: minor additions,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.2.5.DocBook.html">version 0.2.5</ulink>, February 28, 2004: Creative Commons copyright license adjusted,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.2.4.DocBook.html">version 0.2.4</ulink>, January 22, 2004: Creative Commons copyright license; minor additions and corrections,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.2.3.DocBook.html">version 0.2.3</ulink>, December 26, 2003: minor additions and corrections,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.2.2.DocBook.html">version 0.2.2</ulink>, December 20, 2003: copyright adjusted,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.2.1.DocBook.html">version 0.2.1</ulink>, December 18, 2003: minor corrections,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.2.DocBook.html">version 0.2</ulink>, December 15, 2003: <systemitem class="library"><acronym>JK 2</acronym> Connector</systemitem> setup added,
</para>
</listitem>
<listitem>
<para>
<ulink url="http://www.offerman.net/MMBase-Installation-HOWTO/MMBase-Installation-HOWTO-0.1.DocBook.html">version 0.1</ulink>, December 10, 2003: initial draft.
</para>
</listitem>
</itemizedlist>
</para>
</sect1>
<sect1>
<title>Disclaimer</title>
<para>
This document is provided <quote>as is</quote>,
without any expressed or implied warranties.
Use the ideas, concepts, scripts, examples, helping hands and other
information at your own risk.
</para>
<para>
The specific products and their respective manufacturers are not to be taken
as endorsements of, nor commercials for, the manufacturer.
</para>
</sect1>
<sect1>
<title>Copyright</title>
<para>
Compiled, Copyright &copy; 2003 - 2006, by
<ulink url="http://www.offerman.net/">Adrian Offerman</ulink>.
</para>
<para>
<ulink url="http://www.creativecommons.org/licenses/by-sa/1.0/"><inlinegraphic
fileref="./CreativeCommons-SomeRightsReserved.gif"
width="88" depth="31" format="GIF89a"/></ulink>
This document is licensed under the
<ulink url="http://www.creativecommons.org/licenses/by-sa/1.0/">Creative Commons Attribution-ShareAlike copyright license</ulink>.
</para>
<para>
This allows you to copy, distribute, display, and print this work,
and make derivative works,
and make commercial use of the work,
under the conditions that you give the original author credit,
and if you alter, transform, or build upon this work,
you may distribute the resulting work only under a license
identical to this one.
For any reuse or distribution,
you must make clear to others the license terms of this work.
Any of these conditions can be waived if you get permission from the author.
Your fair use and other rights are in no way affected by the above.
</para>
</sect1>
</article>
View Git Blame Copy Permalink