Apache 1.3 supports an optional module (mod_proxy) that configures the web server to act as a proxy server. This can be used to forward requests for a particular web application to a Tomcat instance, without having to configure a web connector such as mod_jk. To accomplish this, you need to perform the following tasks:
- Configure your copy of Apache so that it includes the mod_proxy module. If you are building from source, the easiest way to do this is to include the –enable-module=proxy directive on the ./configure command line.
- If not already added for you, make sure that you are loading the mod_proxy module at Apache startup time, by using the following directives in your httpd.conf file:
LoadModule proxy_module {path-to-modules}/mod_proxy.so
AddModule mod_proxy.c
- Include two directives in your httpd.conf file for each web application that you wish to forward to Tomcat. For example, to forward an application at context path /myapp:
ProxyPass /myapp http://localhost:8081/myapp
ProxyPassReverse /myapp http://localhost:8081/myapp
which tells Apache to forward URLs of the form http://localhost/myapp/* to the Tomcat connector listening on port 8081.
- Configure your copy of Tomcat to include a special <Connector> element, with appropriate proxy settings, for example:
<Connector port=”8081″ …
proxyName=”www.mycompany.com”
proxyPort=”80″/>
Which will cause servlets inside this web application to think that all proxied requests were directed towww.mycompany.com on port 80.
- It is legal to omit the proxyName attribute from the <Connector> element. If you do so, the value returned byrequest.getServerName() will by the host name on which Tomcat is running. In the example above, it would be localhost.
- If you also have a <Connector> listening on port 8080 (nested within the same Service element), the requests to either port will share the same set of virtual hosts and web applications.
- You might wish to use the IP filtering features of your operating system to restrict connections to port 8081 (in this example) to be allowed only from the server that is running Apache.
- Alternatively, you can set up a series of web applications that are only available via proxying, as follows:
- Configure another <Service> that contains only a <Connector> for the proxy port.
- Configure appropriate Engine, Host, and Context elements for the virtual hosts and web applications accessible via proxying.
- Optionally, protect port 8081 with IP filters as described earlier.
- When requests are proxied by Apache, the web server will be recording these requests in its access log. Therefore, you will generally want to disable any access logging performed by Tomcat itself.
When requests are proxied in this manner, all requests for the configured web applications will be processed by Tomcat (including requests for static content). You can improve performance by using the mod_jk web connector instead of mod_proxy. mod_jk can be configured so that the web server serves static content that is not processed by filters or security constraints defined within the web application’s deployment descriptor (/WEB-INF/web.xml).
