Apache2 Tomcat and mod_proxy_ajp

mod_jk is the old way of doing it, so now with Apache 2.2 mod_proxy_ajp and balancing is the way to go. Few things to configure

load the mod_proxy_ajp module and the balancer module

sudo a2enmod proxy_ajp

sudo a2enmod proxy_balancer

Because we are dealing with a Proxy, edit the /etc/apache2/mods-enabled/proxy.conf proxy file. By default it is restrictive and denies everything. Change it to allow any host to communicate

<IfModule mod_proxy.c>
#turning ProxyRequests on and allowing proxying from all may allow
#spammers to use your proxy to send email.

ProxyRequests Off

<Proxy *>
AddDefaultCharset off
Order deny,allow
#Deny from all
#Allow from .example.com
Allow from all

# Enable/disable the handling of HTTP/1.1 “Via:” headers.
# (“Full” adds the server version; “Block” removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block

ProxyVia On

NB. Note the warning about ProxyRequests! Leave it off. It is only used for forward proxies. (not for reverse)

Now configure /etc/apache2/httpd.conf. Here we want to set up a load balance, even if we only have one server. It allows us to set up more servers in the future. Specifically we want to set up the Tomcat server using the ajp protocol. The change is that instead of using mod_jk and communicating with http, we now directly talk ajp to Tomcat.

<Proxy balancer://backtcserver>
BalancerMember ajp://localhost:8009/some_app
ProxyPass /some_app  balancer://backtcserver/

BalanceMembers are what make up the servers. If you have two servers, add the second one here and Apache will balance the requests between the two servers. There are lots of parameters controlling how this is done, so see the Apache site for details.

The code above sends all requests to “/some_app” to the balancer, that in turn sends all requests to localhost:8009/some_app


Two errors I encountered while figuring this out

403 Forbidden – You have not changed the permissions in the proxy.conf file

404 Not found – the ajp:// URL is not set correctly to find the served file.

“some_app” needs to be on the URL and on the ProxyPass (Caused issues with Flex)

Simple as 😉


Apache uses this concept of “available” and “enabled” if you check the /etc/apache2″ directory you will see this for sites and for modules. It creates links in the enabled directory for what you use from the avalable directory. a2enmod creates a link and a2dismod disables it.

2010/08/18 Update: Don’t forget to open the 8009 port in tomcat server.xml file. It is commented out by default.

1 Comment

  1. have you tried using StreamingAmf channel with ajp , swf file loads up , but post request fail . any idea ?

Comments RSS TrackBack Identifier URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s