To restrict access to a standalone Tomcat instance by IP address<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1"/>The above will restrict access to the surrounding Engine, Host, or Context element inTOMCAT_HOME/conf/server.xml
. You may also specify a comma separated list of IP addresses instead of a single address. If you want to deny access to one or more IP addresses, you would do something like this:<Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="127.0.0.1"/>To restrict by host name:<Valve className="org.apache.catalina.valves.RemoteHostValve" allow="yahoo.com"/>You use the same allow or deny attributes and the RemoteHostValve class instead of RemoteAddrValve.
Category Archives: Tomcat / jboss application server
How to catch 500 error from error logs in apache
A. Enable cgi for your apache. Add following.
1) LoadModule cgid_module modules/mod_cgid.so
2)
<Directory “/appl/apache2/cgi-bin”>
AllowOverride None
Options ExecCGI
Order allow,deny
Allow from all
</Directory>
3)
ScriptAlias /cgi-bin/ “/appl/apache2/cgi-bin/”
AddHandler cgi-script .cgi
ErrorDocument 413 /cgi-bin/error.cgi
4) Restart apache.
B. Set up the following python script to catch this error, send an email to admin and give the custome message to users.
/appl/apche/cgi-bin/error.cgi
chmod +x /appl/apache/cgi-bin/error.cgi
#!/usr/bin/python
import sys, os
SENDMAIL = “/usr/sbin/sendmail” # sendmail location
print “Content-Type: text/htmlnn”;
if (os.environ[“REDIRECT_STATUS”] == “413”) or (os.environ[“REDIRECT_STATUS”] == “500”):
stats = “<table border=1><tr><td>Variable</td><td>Value</td></tr>”
for name, value in os.environ.items():
stats += “<tr><td>%s</td><td>%s</td></tr>” % (name,value)
stats += “</table>”
sendmail_location = “/usr/sbin/sendmail” # sendmail location
p = os.popen(“%s -t” % “/usr/sbin/sendmail”, “w”)
p.write(“From: %sn” % “error-reporter@domain.com”)
p.write(“To: %sn” % “mail@domain.com”)
p.write(“Content-Type: text/htmln”)
p.write(“Subject: Error %s in accessing n” % os.environ[“REDIRECT_STATUS”])
p.write(“n”) # blank line separating headers from body
p.write(stats)
status = p.close()
”’print “<H3><center>Inconvenience Regretted. Team has been notified of this issue</center></h3>””’
cookieclearjs=”””
<script language=’JavaScript’>
var todate = new Date ( );
todate.setTime ( todate.getTime() – 100000 );
var domain_url_del = window.location.href;
var domain_Name_url_del = domain_url_del.split(“http://”);
var domain_Name_temp_del = domain_Name_url_del[1].split(“/”);
var domain_Name_del = domain_Name_temp_del[0];
var cookieList = document.cookie.split(‘;’);
for(var i=0;i < cookieList.length;i++)
{
var name = cookieList[i];
if(name.indexOf(“MyLinks”)!=-1)
{
document.cookie = ”+name+’=; path=//APPLICATION/PATH; domain=.’ + domain_Name_del + ‘; expires=’ + todate.toGMTString();
document.cookie = ”+name+’=; path=//APPLICATION/PATH; domain=.’ + domain_Name_del + ‘; expires=’ + todate.toGMTString();
}
}
</script>
“””
print cookieclearjs
print “<script language=’JavaScript’>window.location=’%s'</script>” % os.environ[“REDIRECT_SCRIPT_URI”]
else:
print “<H3><center>What you are looking for, is not here</center></h3>”
Installing Apache 2.2.11 with Weblogic 10.3 on Ubuntu 9.04 64 bit
This post takes you through the steps to install Apache 2.2.11 on Ubuntu 9.04 64 bit and make it work with Weblogic 10.3. The post walks through the steps that I followed, the problems that I faced and the solutions ( er..hacks) to get them resolved.
Installing Apache
- Is simple do
sudo apt-get install apache2
If you want to build it from sources then follow these steps.
- Once you have installed apache2 then the installation happens at the following locations in Ubuntu
Apache config files are in /etc/apache
Apache log files are in /var/log/apache
Apache libs are in /usr/lib/apache
Other files can be in /usr/share/apache, /var/lib/apache
executables in /usr/sbin apache and apache2ctl
- Now to start apache execute the following
vhazrati@vhazrati-laptop:/usr/sbin$ sudo apache2ctl start
- Note that the server is started as a root, else you might get the following error
(13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
no listening sockets available, shutting down
Unable to open logs
You should be able to access the default page on http://localhost now and see It Works!
Now, Integrating with Weblogic
- Download the apache plugins for weblogic 10.3 from the following location
http://download.oracle.com/otn/bea/weblogic/server103/server103_apacheplugins.zip
- Unzip the contents and select the mod_wl_22.so file from the location
<apache-plugin-unzip-location>linux/x86_64
- This file needs to be loaded the following location
/usr/lib/apache2/modules
- to test whether the file is valid or not do ldd
vhazrati@vhazrati-laptop:/usr/lib/apache2/modules$ ldd mod_wl_22.so
linux-vdso.so.1 => (0×00007fff02ffe000)
libstdc++.so.5 => /usr/lib/libstdc++.so.5 (0×00007f5cfaaff000)
libm.so.6 => /lib/libm.so.6 (0×00007f5cfa87a000)
libgcc_s.so.1 => /lib/libgcc_s.so.1 (0×00007f5cfa661000)
libc.so.6 => /lib/libc.so.6 (0×00007f5cfa2ef000)
/lib64/ld-linux-x86-64.so.2 (0×00007f5cfafc5000)
- You might notice that some file like in my case libstdc++.so.5 => was not found!
-bash-3.00$ ldd mod_wl_22.so
libstdc++.so.5 => not found
libm.so.6 => /lib64/tls/libm.so.6 (0×0000002a9572f000)
libgcc_s.so.1 => /lib64/libgcc_s.so.1 (0×0000002a958b5000)
libc.so.6 => /lib64/tls/libc.so.6 (0×0000002a959c3000)
/lib64/ld-linux-x86-64.so.2 (0×000000552aaaa000)
- Goto the synaptic package manager, search and install this file.
- Now create a weblogic.load file with the following contents
LoadModule weblogic_module /usr/lib/apache2/modules/mod_wl_22.so
- and put it at the following location
/etc/apache2/mods-enabled
- You can also create a weblogic.conf file with the following contents at the same location
<Location /medrec>
SetHandler weblogic-handler
WebLogicHost 127.0.1.1
WebLogicPort 7011
</Location>
This would help in redirecting a request like http://localhost/medrec to the weblogic server running on 127.0.1.1 and at 7011 port with the application name medrec.
- Restart Apache
vhazrati@vhazrati-laptop:/usr/sbin$ sudo apache2ctl restart
- Check whether the weblogic_module has been loaded successfully or not
vhazrati@vhazrati-laptop:/usr/sbin$ apache2 -t -D DUMP_MODULES
apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName
Loaded Modules:
core_module (static)
log_config_module (static)
logio_module (static)
mpm_worker_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgid_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
mime_module (shared)
negotiation_module (shared)
setenvif_module (shared)
status_module (shared)
weblogic_module (shared)
- If you see the weblogic_module loaded fine then you have configured it correctly and can now access the application at
http://localhost/medrec/
- To test whether the apache2.conf file is correct or not you can use
vhazrati@vhazrati-laptop:/usr/sbin$ apache2 -t
apache2: Could not reliably determine the server’s fully qualified domain name, using 127.0.1.1 for ServerName
Syntax OK
Other Potential Problem(s)
- You may encounter the problem bad user name ${APACHE_RUN_USER}
this is because the value of ${APACHE_RUN_USER} is not getting picked up. Ideally it should be picked up from /etc/apache2/envvars
which has the following entries
# envvars – default environment variables for apache2ctl
# Since there is no sane way to get the parsed apache2 config in scripts, some
# settings are defined via environment variables and then used in apache2ctl,
# /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
export APACHE_RUN_USER=www-data
export APACHE_RUN_GROUP=www-data
export APACHE_PID_FILE=/var/run/apache2.pid
However, still in your case if these values are not picked up then goto the /etc/apache2/apache2.conf file and make the following changes
# These need to be set in /etc/apache2/envvars
# User ${APACHE_RUN_USER}
# Group ${APACHE_RUN_GROUP}
User www-data
Group www-data
- The weblogic.load file is not read for some reason and hence the weblogic_module is not loaded
Make an entry in the httpd.conf file at the following location
/etc/apache2/httpd.conf
and enter the LoadModule and other configuration data in this file
LoadModule weblogic_module /usr/lib/apache2/modules/mod_wl_22.so
<Location /medrec>
SetHandler weblogic-handler
WebLogicHost 127.0.1.1
WebLogicPort 7011
</Location>
There is an entry in the apache2.conf file to include the httpd.conf file, hence the changes of httpd.conf would get loaded
# Include all the user configurations:
Include /etc/apache2/httpd.conf
How to check the installed mod_jk version
2 ways you can do that.
1. Better approach is
# strings /PATH/TO/APACHE/modules/mod_jk.so |grep -i mod_jk
mod_jk.so
mod_jk.c
mod_jk/1.2.18 <-- There you go.
2. If you have that already installed then if you have enable mod_jk log then you can check from that log file or you can do
http://Your_SERVER/ApplicationURL/SomeFOLDER/@#@#CS<>>$#$#$%
You will get internal serever error over there at the bottom you will get the mod_jk version with apache version.
e.g.
Apache/2.0.59 (Unix) mod_jk/1.2.28