Activities

January 2012
M T W T F S S
« Dec   Feb »
 1
2345678
9101112131415
16171819202122
23242526272829
3031  

Java virtual hosting with multiple FTP users

As we all are familiar with virtual hosting in Apache and we can isolate each users to publish their sites to a folder under thier home directory. So there is no any issue with operating the files copied on the hosting root.

Earlier I had started tomcat from the root account and created Virtual hosting in tomcat and isolate the hosting root according to the users. The issue I had faced is none of the FTP users to modify/delete the files in their hosting root since all the files are owned by the root account because of root user is operating tomcat service.

So I have to gave ssh access to the server and gave sudo command to deploy users newly uploaded files. So it’s a security threat to allow users to have ssh access and permit to operate sudo commands.

After few R&D I decided to run the tomcat service from a normal user who does not have shell access

Solution :

1. create new user and group for tomcat user

 #group add tomcat
  #useradd -g tomcat tomcat

2. Permitting tomcat users to access the Tomcat installation files

 # chown -R tomcat.tomcat /usr/local/apache-tomcat-6.0.29/

3. Start the tomcat daemon within the user account.

    [root@rc-040 public_html]# su - tomcat
    [tomcat@rc-040 ~]$ cd /usr/local/apache-tomcat-6.0.29/bin/
    [tomcat@rc-040 bin]$ sh startup.sh
    Using CATALINA_BASE:   /usr/local/apache-tomcat-6.0.29
    Using CATALINA_HOME:   /usr/local/apache-tomcat-6.0.29
    Using CATALINA_TMPDIR: /usr/local/apache-tomcat-6.0.29/temp
    Using JRE_HOME:        /usr/java/jdk1.6.0_14
    Using CLASSPATH:       /usr/local/apache-tomcat-6.0.29/bin/bootstrap.jar
    [tomcat@rc-040 bin]$ netstat -nlp | grep "java"
(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
tcp        0      0 :::8080                     :::*                        LISTEN      1837/java
[tomcat@rc-040 bin]$

You almost done !!! 🙂

Creating FTP users and Virtual hosting

a. An example of Virtualhost entry is showing below,

 [root@rc-040 public_html]# vi /usr/local/apache-tomcat-6.0.29/conf/server.xml

b. FTP user creation
1. create new user and set their primary group as tomcat.

 #useradd -g tomcat ftpuser1
        [root@rc-040 public_html]# chown -R ftpuser.tomcat /home/ftpuser/public_html

Setting sticky bit on the web directory where both users would have the same access

 [root@rc-040 public_html]# chmod -R  2777  /home/ftpuser/public_html

That’s it !!!!! Everything set..

Now upload your war file named as “ROOT.war” under the public_html folder and see the application running … 🙂 There is not need to restart the tomcat to deploy new application, Just like we do with Apache 🙂

You will get the sample war file from here “http://tomcat.apache.org/tomcat-5.5-doc/appdev/sample/sample.war” for the initial testing.

Here are the some useful file locations/path if you plan to run the Tomcat as a backend server over the AJP connector in Apache ( Recommended by me 🙂 )

1. /etc/httpd/modules/mod_jk.so
2. /etc/httpd/conf.d/jk.conf
3. /etc/httpd/conf.d/workers.properties
4. /etc/httpd/conf.d/javasite1.conf

 [root@rc-040 public_html]# ls  /etc/httpd/modules/mod_jk.so
/etc/httpd/modules/mod_jk.so
[root@rc-040 public_html]# cat  /etc/httpd/conf.d/jk.conf
LoadModule jk_module /usr/lib/httpd/modules/mod_jk.so
JkWorkersFile /etc/httpd/conf.d/workers.properties
JkShmFile     /var/log/httpd/mod_jk.shm
JkLogFile     /var/log/httpd/mod_jk.log
JkLogLevel    info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
[root@rc-040 public_html]# cat  /etc/httpd/conf.d/workers.properties
# Define 1 real worker using ajp13
worker.list=worker1
# Set properties for worker1 (ajp13)
worker.worker1.type=ajp13
worker.worker1.host=localhost
worker.worker1.port=8009
[root@rc-040 public_html]#

A sample Apache virtualhost entry

[root@rc-040 public_html]# cat /etc/httpd/conf.d/javasite1.conf
<VirtualHost *:80>
ServerName mydomain.com
ServerAlias wwww.mydomain.com
DocumentRoot /home/ftpuser/public_html
DirectoryIndex index.html dplpool/
Alias /  /home/ftpuser/public_html
ErrorLog logs/selfcare-javahost.log
JkMount /*.jsp worker1
#JkMount /   worker1
JkMount /* worker1
</VirtualHost>

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>