Redirect Tomcat ROOT index.html to your site app

If I have a app at, I want to redirect traffic going to to the same app and not the default Tomcat root page.

Put this in the …/webaps/ROOT/index.html

<meta http-equiv=”refresh” content=”0;URL=http[s]://”>


2010 EC2 setup

Started this again. Lots has changed, so blogging again.

1) Get new version of Ubuntu. These guys make it easy.

2) I chose ami-714ba518 since it has EBS and that means it remembers the instance between reboots

3) Fire it up and then log in

4) Log in as ubuntu and the server is the public DNS entry of the EC2 server

5) Start the updates & install Java JDK

# sudo add-apt-repository ‘deb lucid partner’

# sudo apt-get update

# sudo apt-get install sun-java6-jdk

# java -version

java version “1.6.0_20″Java(TM) SE Runtime Environment (build 1.6.0_20-b02)Java HotSpot(TM) Client VM (build 16.3-b01, mixed mode, sharing)

6) Now install Tomcat

# sudo apt-get install tomcat6

7) Test Tomcat

Enter this in a browser http://<public DNS>:8080

Up and running.

Next is to shut down 8080 and set up Apache with proxy to Tomcat

Apache2 Website and mod_proxy_ajp

Part 2 of the Apache2/mod_proxy_ajp is not the ajp part at all……

configure a http

Securing BlazeDS (https)

I wanted to set up a flex/BlazeDS app to ONLY use https and not http at all!

Key lies in setting up the channels in two places:

1) In services-config.xml, comment out the normal my-amf channel and leave the my-secure-amf only


<channel-definition id=”my-amf”>
<endpoint url=”http://{}:{server.port}/{context.root}/messagebroker/amf”/>
<channel-definition id=”my-secure-amf”>
<endpoint url=”https://{}:{server.port}/{context.root}/messagebroker/amfsecure”/>

2) Secondly comment out the same details in the remoting-config.xml file

<channel ref=”my-secure-amf”/>
<!–          <channel ref=”my-amf”/> –>

That’s it. Deploy and check. the first screen on http may appear, but nothing thereafter will work unless you use https://

Eclipse 3.4 Tomcat 6 SSL

Needed to get Tomcat SSL going to do https. Could not figure out how to add this in Eclipse. I would uncomment the https


<Connector SSLEnabled=”true” clientAuth=”false” maxThreads=”150″ port=”8443″ protocol=”HTTP/1.1″ scheme=”https” secure=”true” sslProtocol=”TLS”/>

but each time I start it, no HTTPS???

Finally found out that the file is read when “creating” the server! This means you need to do the following:

1) Go to the configuration on your drive /Users/des/tomcat6/conf/server.xml

2) Uncomment the Connector you want

3) Create a new server in Eclipse

Port 8443 now available

Apache2 Tomcat and mod_proxy_ajp

mod_jk is the old way of doing it, so now with Apache 2.2 mod_proxy_ajp and balancing is the way to go. Few things to configure

load the mod_proxy_ajp module and the balancer module

sudo a2enmod proxy_ajp

sudo a2enmod proxy_balancer

Because we are dealing with a Proxy, edit the /etc/apache2/mods-enabled/proxy.conf proxy file. By default it is restrictive and denies everything. Change it to allow any host to communicate

<IfModule mod_proxy.c>
#turning ProxyRequests on and allowing proxying from all may allow
#spammers to use your proxy to send email.

ProxyRequests Off

<Proxy *>
AddDefaultCharset off
Order deny,allow
#Deny from all
#Allow from
Allow from all

# Enable/disable the handling of HTTP/1.1 “Via:” headers.
# (“Full” adds the server version; “Block” removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block

ProxyVia On

NB. Note the warning about ProxyRequests! Leave it off. It is only used for forward proxies. (not for reverse)

Now configure /etc/apache2/httpd.conf. Here we want to set up a load balance, even if we only have one server. It allows us to set up more servers in the future. Specifically we want to set up the Tomcat server using the ajp protocol. The change is that instead of using mod_jk and communicating with http, we now directly talk ajp to Tomcat.

<Proxy balancer://backtcserver>
BalancerMember ajp://localhost:8009/some_app
ProxyPass /some_app  balancer://backtcserver/

BalanceMembers are what make up the servers. If you have two servers, add the second one here and Apache will balance the requests between the two servers. There are lots of parameters controlling how this is done, so see the Apache site for details.

The code above sends all requests to “/some_app” to the balancer, that in turn sends all requests to localhost:8009/some_app


Two errors I encountered while figuring this out

403 Forbidden – You have not changed the permissions in the proxy.conf file

404 Not found – the ajp:// URL is not set correctly to find the served file.

“some_app” needs to be on the URL and on the ProxyPass (Caused issues with Flex)

Simple as 😉


Apache uses this concept of “available” and “enabled” if you check the /etc/apache2″ directory you will see this for sites and for modules. It creates links in the enabled directory for what you use from the avalable directory. a2enmod creates a link and a2dismod disables it.

2010/08/18 Update: Don’t forget to open the 8009 port in tomcat server.xml file. It is commented out by default.