Using Tomcat with Apache (mod jk)

Revision as of 01:17, 15 April 2006 by KevinH (talk | contribs)

As standard, Zimbra runs itself on port 80. However, this means you can't use Apache or access any other website through that server. If you are using your server only as a groupware box, this is no bother. But if you are using it in the situation I am with other servers, this is no good. This tutorial will:

a.) Configure Tomcat to host on Port 7070 (as in M1) and 7443 for the SSL port

b.) Download and install the mod_jk RPM

c.) Configure mod_jk to access Zimbra on http://your-custome-apache-server/zimbra/

d.) Configure Apache to start on system boot

Original Tutorial from the forums [1]

a.) Configure Tomcat to host on Port 7070 (as in M1)

zmprov ms <servername> zimbraMailPort 7070
zmprov ms <servername> zimbraMailSSLPort 7443


b.) Download and install the mod_jk RPM

For CentOS 4.2:

wget http://mirrors.dotsrc.org/jpackage/1.6/redhat-el-3.0/free/RPMS/mod_jk-ap20-1.2.14.1-2jpp.i386.rpm
rpm -ivh mod_jk-ap20-1.2.14.1-2jpp.i386.rpm

For other distributions: Make sure that Apache has the mod_jk.so module located in the modules folder.


Edit server.xml

/opt/zimbra/tomcat/conf $ diff -u server.xml.bak server.xml
--- server.xml.bak      2006-02-27 15:03:24.000000000 -0500
+++ server.xml  2006-02-24 13:35:21.000000000 -0500
@@ -34,6 +34,8 @@
        clientAuth="false" sslProtocol="TLS"
        keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/>
+    <Connector port="8009"
+       enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
    <Engine name="Catalina" defaultHost="localhost">
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase" />


Edit server.xml.in

/opt/zimbra/tomcat/conf $ diff -u server.xml.in.orig server.xml.in
--- server.xml.in.orig  2006-02-27 15:05:21.000000000 -0500
+++ server.xml.in       2006-02-24 12:51:40.000000000 -0500
@@ -34,6 +34,8 @@
        clientAuth="false" sslProtocol="TLS"
        keystoreFile="/opt/zimbra/tomcat/conf/keystore" keystorePass="zimbra"/>
+    <Connector port="8009"
+       enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
    <Engine name="Catalina" defaultHost="localhost">
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase" />


Create the workers.properties file /etc/httpd/conf.d/workers.properties

worker.list=localhost
worker.localhost.port=8009
worker.localhost.host=localhost
worker.localhost.type=ajp13
worker.localhost.lbfactor=1
workers.tomcat_home=/opt/zimbra/tomcat5
workers.java_home=/opt/zimbra/java


Next, configure Apache by editing httpd.conf or vhost specific file.


# Load mod_jk module
LoadModule    jk_module  modules/mod_jk.so
# Where to find workers.properties
JkWorkersFile /etc/httpd/conf.d/workers.properties
# Where to put jk logs
JkLogFile     /var/log/httpd/mod_jk.log
# Set the jk log level [debug/error/info]
JkLogLevel    debug
# SHM info
JkShmFile   /etc/httpd/logs/jk.shm
JkShmSize   10M
# Select the log format
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
# JkOptions indicate to send SSL KEY SIZE,
JkOptions     +ForwardKeySize +ForwardURICompat -ForwardDirectories
# JkRequestLogFormat set the request format
JkRequestLogFormat     "%w %V %T"
# JkMount points
JkMount /zimbra/* localhost
JkMount /service/* localhost
JkMount /zimbraAdmin/* localhost

[NOTE: the last argument given in the JkMount directive should be the name of the worker defined in workers.properties ]

Restart Tomcat and Apache

/opt/zimbra/bin/tomcat restart
apachectl restart

Issues

The login should be http only [2] It seems that mixed login is broken (Mixed login means that if you hit http://, it redirects to https for login then returns to http for session. If you hit https:// originally, the login is in https, and the session continues in https).

Jump to: navigation, search