http://www.jaxmao.org/tomcat-docs/config/index.html
概 述 |
|
Overview |
这个手册包括可能被包括在 关于配置元素的描述被组织成下列几种主要类型:
对于每个元素,其相应的文档资料遵循下面这个一般大纲:
|
服务器组件 |
|
Introduction |
一个Server(服务器)元素代表整个Catalina servlet容器。因此,它必须是 |
Attributes |
Common Attributes Server(服务器)的所有实现支持下列属性: AttributeDescription 要使用的implementation的Java类名。这个类必须执行
TCP/IP端口数目,这个服务器在此等待关闭。这个连接必须从正在运行这个Tomcat实例的相同的服务器计算机上被初始化。
要关闭Tomcat,必须通过TCP/IP连接到指定的端口数目来被接受的命令字符串。 Standard Implementation 这个服务器的标准实现是org.apache.catalina.core.StandardServer。它支持下面其他属性(除了上面列出的通用属性外): AttributeDescription |
Nested Components |
下列组件可以被嵌套在一个Server(服务器)元素里面:
|
Special Features |
Server(服务器)元素没有任何专有特征。 |
服务组件 |
|
Introduction |
一个Service元素代表一个或多个连接器(Connector)组件的组合,这些连接器组件共享一个Engine component来处理进入的请求。一个或多个Service元素可以嵌套在一个Server(服务器)元素里面。 |
Attributes |
Common Attributes Service的所有实现支持下列属性: AttributeDescription 要使用的implementation的Java类名。这个类必须执行
这个Service元素所显示的名字,如果你使用标准的Catalina组件,它会被包括在log messages里面。每个与某一特殊的Server(服务器)相关联的Service的名字必须是独特的。 Standard Implementation 这个Service的标准实现是org.apache.catalina.core.StandardService 。它支持下面其他属性(除了上面列出的通用属性外): AttributeDescription |
Nested Components |
唯一的能够嵌套在一个Service元素里的组件是一个或多个Connector元素,后面紧跟着一个(仅仅一个)Engine元素。 |
Special Features |
Service元素没有任何专有特征。 |
The HTTP Connector |
|
Introduction |
HTTP Connector代表一个支持HTTP/1.1协定的Connector组件。它使Catalina在具有执行servlets和JSP页面能力之外,还能够作为独立的web服务器运作。这个组件的一个特殊的实例是在这个服务器上的一个特定的TCP端口数目上监听连接。一个或多个这样的Connectors(连接器)可以配置为一单个Service的一部分,每一个Connectors(连接器)转向它相关的Engine去处理请求和产生回应。 If you wish to configure the Connector that is used for connections to web servers using the AJP protocol (such as the 在服务器启动时间,这个Connector将产生许多处理请求的线程(根据配置的 |
Attributes |
Common Attributes Connector的所有实现支持下列属性: AttributeDescription 一个布林值,可以用来启用或取消TRACE HTTP方法。如果没有指定,这个属性被设置为false。
If set to
如果你想为了返回远程客户的实际主机名而调用
The maximum size in bytes of the POST which will be handled by the container FORM URL parameter parsing. The limit can be disabled by setting this attribute to a value less than or equal to 0. If not specified, this attribute is set to 2097152 (2 megabytes).
The maximum size in bytes of the POST which will be saved/buffered by the container during FORM or CLIENT-CERT authentication. For both types of authentication, the POST will be saved/buffered before the user is authenticated. For CLIENT-CERT authentication, the POST is buffered for the duration of the SSL handshake and the buffer emptied when the request is processed. For FORM authentication the POST is saved whilst the user is re-directed to the login form and is retained until the user successfully authenticates or the session associated with the authentication request expires. The limit can be disabled by setting this attribute to -1. Setting the attribute to zero will disable the saving of POST data during authentication . If not specified, this attribute is set to 4096 (4 kilobytes).
This attribute value must be
If this Connector is being used in a proxy configuration, configure this attribute to specify the server name to be returned for calls to
If this Connector is being used in a proxy configuration, configure this attribute to specify the server port to be returned for calls to
If this Connector is supporting non-SSL requests, and a request is received for which a matching
Set this attribute to the name of the protocol you wish to have returned by calls to
Set this attribute to
This specifies the character encoding used to decode the URI bytes, after %xx decoding the URL. If not specified, ISO-8859-1 will be used.
This specifies if the encoding specified in contentType should be used for URI query parameters, instead of using the URIEncoding. This setting is present for compatibility with Tomcat 4.1.x, where the encoding specified in the contentType, or explicitely set using Request.setCharacterEncoding method was also used for the parameters from the URL. The default value is
Set this attribute to
Set this attribute to Standard Implementation HTTP supports the following additional attributes (in addition to the common attributes listed above): AttributeDescription The maximum queue length for incoming connection requests when all possible request processing threads are in use. Any requests received when the queue is full will be refused. The default value is 10.
对于具有不止一个IP地址的服务器来说,这个属性指定了哪一个地址将被用来在指定的端口监听。在缺省情况下,这个端口会被使用在所有与这个服务器相关的IP地址上。
The size (in bytes) of the buffer to be provided for input streams created by this connector. By default, buffers of 2048 bytes will be provided.
The value is a comma separated list of MIME types for which HTTP compression may be used. The default value is
The Connector may use HTTP/1.1 GZIP compression in an attempt to save server bandwidth. The acceptable values for the parameter is "off" (disable compression), "on" (allow compression, which causes text data to be compressed), "force" (forces compression in all cases), or a numerical integer value (which is equivalent to "on", but specifies the minimum amount of data before the output is compressed). If the content-length is not known and compression is set to "on" or more aggressive, the output will also be compressed. If not specified, this attribute is set to "off".
The number of milliseconds during which the sockets used by this Connector will linger when they are closed. The default value is -1 (socket linger is disabled).
The number of milliseconds this Connector will wait, after accepting a connection, for the request URI line to be presented. The default value is 60000 (i.e. 60 seconds).
This flag allows the servlet container to use a different, longer connection timeout while a servlet is being executed, which in the end allows either the servlet a longer amount of time to complete its execution, or a longer timeout during data upload. If not specified, this attribute is set to "true".
The maximum size of the request and response HTTP header, specified in bytes. If not specified, this attribute is set to 4096 (4 KB).
The maximum number of HTTP requests which can be pipelined until the connection is closed by the server. Setting this attribute to 1 will disable HTTP/1.0 keep-alive, as well as HTTP/1.1 keep-alive and pipelining. Setting this to -1 will allow an unlimited amount of pipelined or keep-alive HTTP requests. If not specified, this attribute is set to 100.
The maximum number of unused request processing threads that will be allowed to exist until the thread pool starts stopping the unnecessary threads. The default value is 50.
The maximum number of request processing threads to be created by this Connector, which therefore determines the maximum number of simultaneous requests that can be handled. If not specified, this attribute is set to 200.
The number of request processing threads that will be created when this Connector is first started. The connector will also make sure it has the specified number of idle processing threads available. This attribute should be set to a value smaller than that set for
The value is a comma separated list of regular expressions matching user-agents of HTTP clients for which compression should not be used, because these clients, although they do advertise support for the feature, have a broken implementation. The default value is an empty String (regexp matching disabled).
The TCP port number on which this Connector will create a server socket and await incoming connections. Your operating system will allow only one server application to listen to a particular port number on a particular IP address.
The value is a comma separated list of regular expressions matching user-agents of HTTP clients for which HTTP/1.1 or HTTP/1.0 keep alive should not be used, even if the clients advertise support for these features. The default value is an empty String (regexp matching disabled).
The Server header for the http response. Unless your paranoid, you won't need this feature.
The size (in bytes) of the buffer to be provided for socket output buffering. -1 can be specified to disable the use of a buffer. By default, a buffers of 9000 bytes will be used.
The thread pooling strategy which will be used. The default strategy does not use a master thread, but a more conventional strategy using a master listener thread can be used by setting "ms" as this attribute's value. The master strategy will work significantly better using the threadPriority attribute, which will apply only to the thread which listens on the server socket. This is set to
If set to
The priority of the request processing threads within the JVM. The default value is |
Nested Components |
None at this time. |
Special Features |
HTTP/1.1 and HTTP/1.0 Support This Connector supports all of the required features of the HTTP/1.1 protocol, as described in RFC 2616, including persistent connections, pipelining, expectations and chunked encoding. If the client (typically a browser) supports only HTTP/1.0, the Connector will gracefully fall back to supporting this protocol as well. No special configuration is required to enable this support. The Connector also supports HTTP/1.0 keep-alive. RFC 2616 requires that HTTP servers always begin their responses with the highest HTTP version that they claim to support. Therefore, this Connector will always return Proxy Support The For more information, see the Proxy Support HOW-TO. SSL Support You can enable SSL support for a particular instance of this Connector by setting the AttributeDescription The certificate encoding algorithm to be used. If not specified, the default value is
Set to
The pathname of the keystore file where you have stored the server certificate to be loaded. By default, the pathname is the file "
The password used to access the server certificate from the specified keystore file. The default value is "
The type of keystore file to be used for the server certificate. If not specified, the default value is "
The version of the SSL protocol to use. If not specified, the default is "
A comma seperated list of the encryption ciphers that may be used. If not specified, then any available cipher may be used. For more information, see the SSL Configuration HOW-TO. |
The AJP Connector |
|
Introduction |
The AJP Connector element represents a Connector component that communicates with a web connector via the This connector supports load balancing when used in conjunction with the The native connectors supported with this Tomcat release are:
Other native connectors supporting AJP may work, but are no longer supported. |
Attributes |
Common Attributes Connector的所有实现支持下列属性: AttributeDescription 一个布林值,可以用来启用或取消TRACE HTTP方法。如果没有指定,这个属性被设置为false。
If set to
如果你想为了返回远程客户的实际主机名而调用
The maximum size in bytes of the POST which will be handled by the container FORM URL parameter parsing. The feature can be disabled by setting this attribute to a value less than or equal to 0. If not specified, this attribute is set to 2097152 (2 megabytes).
The maximum size in bytes of the POST which will be saved/buffered by the container during FORM or CLIENT-CERT authentication. For both types of authentication, the POST will be saved/buffered before the user is authenticated. For CLIENT-CERT authentication, the POST is buffered for the duration of the SSL handshake and the buffer emptied when the request is processed. For FORM authentication the POST is saved whilst the user is re-directed to the login form and is retained until the user successfully authenticates or the session associated with the authentication request expires. The limit can be disabled by setting this attribute to -1. Setting the attribute to zero will disable the saving of POST data during authentication. If not specified, this attribute is set to 4096 (4 kilobytes).
This attribute value must be
If this Connector is being used in a proxy configuration, configure this attribute to specify the server name to be returned for calls to
If this Connector is being used in a proxy configuration, configure this attribute to specify the server port to be returned for calls to
If this Connector is supporting non-SSL requests, and a request is received for which a matching
This attribute controls request registration for JMX monitoring of the Connector. It is enabled by default, but may be turned it off to save a bit of memory.
Set this attribute to the name of the protocol you wish to have returned by calls to
Set this attribute to
This specifies the character encoding used to decode the URI bytes, after %xx decoding the URL. If not specified, ISO-8859-1 will be used.
This specifies if the encoding specified in contentType should be used for URI query parameters, instead of using the URIEncoding. This setting is present for compatibility with Tomcat 4.1.x, where the encoding specified in the contentType, or explicitely set using Request.setCharacterEncoding method was also used for the parameters from the URL. The default value is
Set this attribute to
Set this attribute to Standard Implementation To use AJP, you must specify the protocol attribute (see above). This implementation supports the AJP 1.3 protocol. It supports the following additional attributes (in addition to the common attributes listed above): AttributeDescription For servers with more than one IP address, this attribute specifies which address will be used for listening on the specified port. By default, this port will be used on all IP addresses associated with the server. A value of
The maximum queue length for incoming connection requests when all possible request processing threads are in use. Any requests received when the queue is full will be refused. The default value is 10.
The size of the output buffer to use. If less than or equal to zero, then output buffering is disabled. The default value is -1 (i.e. buffering disabled)
The number of milliseconds this Connector will wait, after accepting a connection, for the request URI line to be presented. The default value is infinite (i.e. no timeout).
The minimum number of processors to start at initialization time. If not specified, this atttribute is set to 5.
The maximum number of processors allowed. This should be set to a value that is greater than or equal to the maximum number of concurrent connections the remote web server can open to Tomcat simultaneously. For example, if the web server is Apache 1.x or 2.x Tomcat's A
The maximum number of unused request processing threads that will be allowed to exist until the thread pool starts stopping the unnecessary threads. The default value is 50.
The maximum number of request processing threads to be created by this Connector, which therefore determines the maximum number of simultaneous requests that can be handled. If not specified, this attribute is set to 200.
The number of request processing threads that will be created when this Connector is first started. The connector will also make sure it has the specified number of idle processing threads available. This attribute should be set to a value smaller than that set for
The TCP port number on which this Connector will create a server socket and await incoming connections. Your operating system will allow only one server application to listen to a particular port number on a particular IP address.
If set to
If set to |
Nested Components |
None at this time. |
The Context Container |
|
Introduction |
The Context element represents a web application, which is run within a particular virtual host. Each web application is based on a Web Application Archive (WAR) file, or a corresponding directory containing the corresponding unpacked contents, as described in the Servlet Specification (version 2.2 or later). For more information about web application archives, you can download the Servlet Specification, and review the Tomcat Application Developer's Guide. The web application used to process each HTTP request is selected by Catalina based on matching the longest possible prefix of the Request URI against the context path of each defined Context. Once selected, that Context will select an appropriate servlet to process the incoming request, according to the servlet mappings defined in the web application deployment descriptor file (which MUST be located at You may define as many Context elements as you wish. Each such Context MUST have a unique context path. In addition, a Context must be present with a context path equal to a zero-length string. This Context becomes the default web application for this virtual host, and is used to process all requests that do not match any other Context's context path. For Tomcat 5, unlike Tomcat 4.x, it is NOT recommended to place <Context> elements directly in the server.xml file. This is because it makes modifing the Context configuration more invasive since the main Context elements may be explicitly defined:
In addition to explicitly specified Context elements, there are several techniques by which Context elements can be created automatically for you. See Automatic Application Deployment and User Web Applications for more information. 在下面的描述中使用变量名$CATALINA_HOME来代指Tomcat5所安装的目录地址,这是一个基础目录(base directory),其他的相关路径由它而派生。不过,如果你已经把Tomcat设置成多个体实例(multiple instances),并且设立了一个$CATALINA_BASE目录,那么你就应使用$CATALINA_BASE而不是$CATALINA_HOME作为参照。 |
Attributes |
Common Attributes Context的所有实现支持下列属性: AttributeDescription This value represents the delay in seconds between the invocation of the backgroundProcess method on this context and its child containers, including all wrappers. Child containers will not be invoked if their delay value is not negative (which would mean they are using their own processing thread). Setting this to a positive value will cause a thread to be spawn. After waiting the specified amount of time, the thread will invoke the backgroundProcess method on this host and all its child containers. A context will use background processing to perform session expiration and class monitoring for reloading. If not specified, the default value for this attribute is -1, which means the context will rely on the background processing thread of its parent host.
Java class name of the implementation to use. This class must implement the
Set to
Set to
The Document Base (also known as the Context Root) directory for this web application, or the pathname to the web application archive file (if this web application is being executed directly from the WAR file). You may specify an absolute pathname for this directory or WAR file, or a pathname that is relative to the
Set to
Set to
The context path of this web application, which is matched against the beginning of each request URI to select the appropriate web application for processing. All of the context paths within a particular Host must be unique. If you specify a context path of an empty string (""), you are defining the default web application for this Host, which will process all requests not assigned to other Contexts. The value of this field must not be set except when statically defining a Context in server.xml, as it will be infered from the filenames used for either the .xml context file or the docBase.
Set to
Java class name of the Standard Implementation The standard implementation of Context is org.apache.catalina.core.StandardContext. It supports the following additional attributes (in addition to the common attributes listed above): AttributeDescription If the value of this flag is NOTE: This flag MUST NOT be set to true on the Windows platform (or any other OS which does not have a case sensitive filesystem), as it will disable case sensitivity checks, allowing JSP source code disclosure, among other security problems.
If true, the Tomcat classloader will take extra measures to avoid JAR file locking when resources are accessed inside JARs through URLs. This will impact startup time of applications, but could prove to be useful on platforms or configurations where file locking can occur. If not specified, the default value is
If true, Tomcat will prevent any file locking. This will significantly impact startup time of applications, but allows full webapp hot deploy and undeploy on platforms or configurations where file locking can occur. If not specified, the default value is Please note that setting this to
Maximum size of the static resource cache in kilobytes. If not specified, the default value is
Amount of time in milliseconds between cache entries revalidation. If not specified, the default value is
If the value of this flag is
If the value of this flag is NOTE: This flag MUST NOT be set to false on the Windows platform (or any other OS which does not have a case sensitive filesystem), as it will disable case sensitivity checks, allowing JSP source code disclosure, among other security problems.
Whether the context should process TLDs on startup. The default is true. The false setting is intended for special cases that know in advance TLDs are not part of the webapp.
If the value of this flag is
If the value of this flag is
If the value of this flag is
Amount of ms that the container will wait for servlets to unload. If not specified, the default value of the flag is
If true, Tomcat will unpack all compressed web applications before running them. If not specified, the default value is
Set to
Pathname to a scratch directory to be provided by this Context for temporary read-write use by servlets within the associated web application. This directory will be made visible to servlets in the web application by a servlet context attribute (of type |
Nested Components |
You can nest at most one instance of the following utility components by nesting a corresponding element inside your Context element:
|
Special Features |
Logging A context is associated with the Access Logs When you run a web server, one of the output files normally generated is an access log, which generates one line of information for each request processed by the server, in a standard format. Catalina includes an optional Valve implementation that can create access logs in the same standard format created by web servers, or in any number of custom formats. You can ask Catalina to create an access log for all requests processed by an Engine, Host, or Context by nesting a Valve element like this: See Access Log Valve for more information on the configuration attributes that are supported. Automatic Context Configuration If you use the standard Context implementation, the following configuration steps occur automtically when Catalina is started, or whenever this web application is reloaded. No special configuration is required to enable this feature.
Context Parameters You can configure named values that will be made visible to the web application as servlet context initialization parameters by nesting This is equivalent to the inclusion of the following element in the web application deployment descriptor ( but does not require modification of the deployment descriptor to customize this value. The valid attributes for a AttributeDescription Optional, human-readable description of this context initialization parameter.
The name of the context initialization parameter to be created.
Set this to
The parameter value that will be presented to the application when requested by calling Environment Entries You can configure named values that will be made visible to the web application as environment entry resources, by nesting This is equivalent to the inclusion of the following element in the web application deployment descriptor ( but does not require modification of the deployment descriptor to customize this value. The valid attributes for an AttributeDescription Optional, human-readable description of this environment entry.
The name of the environment entry to be created, relative to the
Set this to
The fully qualified Java class name expected by the web application for this environment entry. Must be one of the legal values for
The parameter value that will be presented to the application when requested from the JNDI context. This value must be convertable to the Java type defined by the Lifecycle Listeners If you have implemented a Java object that needs to know when this Context is started or stopped, you can declare it by nesting a Listener element inside this element. The class name you specify must implement the Note that a Listener can have any number of additional properties that may be configured from this element. Attribute names are matched to corresponding JavaBean property names using the standard property method naming patterns. Request Filters You can ask Catalina to check the IP address, or host name, on every incoming request directed to the surrounding Engine, Host, or Context element. The remote address or name will be checked against a configured list of "accept" and/or "deny" filters, which are defined using the Regular Expression syntax supported by the Jakarta Regexp regular expression library. Requests that come from locations that are not accepted will be rejected with an HTTP "Forbidden" error. Example filter declarations: See Remote Address Filter and Remote Host Filter for more information about the configuration options that are supported. Resource Definitions You can declare the characteristics of the resource to be returned for JNDI lookups of For example, you can create a resource definition like this: This is equivalent to the inclusion of the following element in the web application deployment descriptor ( but does not require modification of the deployment descriptor to customize this value. The valid attributes for a AttributeDescription Specify whether the web Application code signs on to the corresponding resource manager programatically, or whether the Container will sign on to the resource manager on behalf of the application. The value of this attribute must be
Optional, human-readable description of this resource.
The name of the resource to be created, relative to the
Specify whether connections obtained through this resource manager can be shared. The value of this attribute must be
The fully qualified Java class name expected by the web application when it performs a lookup for this resource. Resource Links This element is used to create a link to a global JNDI resource. Doing a JNDI lookup on the link name will then return the linked global resource. For example, you can create a resource link like this: <Context path="/examples" ...> ... <Valve className="org.apache.catalina.valves.AccessLogValve" prefix="localhost_access_log." suffix=".txt" pattern="common"/> ...</Context> The valid attributes for a AttributeDescription The name of the linked global resource in the global JNDI context.
The name of the resource link to be created, relative to the
The fully qualified Java class name expected by the web application when it performs a lookup for this resource link. Transaction You can declare the characteristics of the UserTransaction to be returned for JNDI lookup for The valid attributes for the AttributeDescription The class name for the JNDI object factory. |
The Engine Container |
|
Introduction |
The Engine element represents the entire request processing machinery associated with a particular Catalina Service. It receives and processes all requests from one or more Connectors, and returns the completed response to the Connector for ultimate transmission back to the client. Exactly one Engine element MUST be nested inside a Service element, following all of the corresponding Connector elements associated with this Service. |
Attributes |
Common Attributes Engine的所有实现支持下列属性: AttributeDescription This value represents the delay in seconds between the invocation of the backgroundProcess method on this engine and its child containers, including all hosts and contexts. Child containers will not be invoked if their delay value is not negative (which would mean they are using their own processing thread). Setting this to a positive value will cause a thread to be spawn. After waiting the specified amount of time, the thread will invoke the backgroundProcess method on this engine and all its child containers. If not specified, the default value for this attribute is 10, which represent a 10 seconds delay.
Java class name of the implementation to use. This class must implement the
The default host name, which identifies the Host that will process requests directed to host names on this server, but which are not configured in this configuration file. This name MUST match the
Identifier which must be used in load balancing scenarios to enable session affinity. The identifier, which must be unique across all Tomcat 5 servers which participate in the cluster, will be appended to the generated session identifier, therefore allowing the front end proxy to always forward a particular session to the same Tomcat 5 instance.
Logical name of this Engine, used in log and error messages. When using muliple Service elements in the same Server, each Engine MUST be assigned a unique name. Standard Implementation The standard implementation of Engine is org.apache.catalina.core.StandardEngine. It supports the following additional attributes (in addition to the common attributes listed above): AttributeDescription |
Nested Components |
You can nest one or more Host elements inside this Engine element, each representing a different virtual host associated with this server. At least one Host is required, and one of the nested Hosts MUST have a name that matches the name specified for the You can nest at most one instance of the following utility components by nesting a corresponding element inside your Engine element:
|
Special Features |
Logging An engine is associated with the Access Logs When you run a web server, one of the output files normally generated is an access log, which generates one line of information for each request processed by the server, in a standard format. Catalina includes an optional Valve implementation that can create access logs in the same standard format created by web servers, or in any number of custom formats. You can ask Catalina to create an access log for all requests processed by an Engine, Host, or Context by nesting a Valve element like this: See Access Log Valve for more information on the configuration attributes that are supported. Lifecycle Listeners If you have implemented a Java object that needs to know when this Engine is started or stopped, you can declare it by nesting a Listener element inside this element. The class name you specify must implement the Note that a Listener can have any number of additional properties that may be configured from this element. Attribute names are matched to corresponding JavaBean property names using the standard property method naming patterns. Request Filters You can ask Catalina to check the IP address, or host name, on every incoming request directed to the surrounding Engine, Host, or Context element. The remote address or name will be checked against a configured list of "accept" and/or "deny" filters, which are defined using the Regular Expression syntax supported by the Jakarta Regexp regular expression library. Requests that come from locations that are not accepted will be rejected with an HTTP "Forbidden" error. Example filter declarations: <Engine name="Standalone" ...> ... <Valve className="org.apache.catalina.valves.AccessLogValve" prefix="catalina_access_log." suffix=".txt" pattern="common"/> ...</Engine> See Remote Address Filter and Remote Host Filter for more information about the configuration options that are supported. |
The Host Container |
|
Introduction |
The Host element represents a virtual host, which is an association of a network name for a server (such as "www.mycompany.com" with the particular server on which Catalina is running. In order to be effective, this name must be registered in the Domain Name Service (DNS) server that manages the Internet domain you belong to - contact your Network Administrator for more information. In many cases, System Administrators wish to associate more than one network name (such as One or more Host elements are nested inside an Engine element. Inside the Host element, you can nest Context elements for the web applications associated with this virtual host. Exactly one of the Hosts associated with each Engine MUST have a name matching the 在下面的描述中使用变量名$CATALINA_HOME来代指Tomcat5所安装的目录地址,这是一个基础目录(base directory),其他的相关路径由它而派生。不过,如果你已经把Tomcat设置成多个体实例(multiple instances),并且设立了一个$CATALINA_BASE目录,那么你就应使用$CATALINA_BASE而不是$CATALINA_HOME作为参照。 |
Attributes |
Common Attributes Host的所有实现支持下列属性: AttributeDescription The Application Base directory for this virtual host. This is the pathname of a directory that may contain web applications to be deployed on this virtual host. You may specify an absolute pathname for this directory, or a pathname that is relative to the
This flag value indicates if new web applications, dropped in to the
This value represents the delay in seconds between the invocation of the backgroundProcess method on this host and its child containers, including all contexts. Child containers will not be invoked if their delay value is not negative (which would mean they are using their own processing thread). Setting this to a positive value will cause a thread to be spawn. After waiting the specified amount of time, the thread will invoke the backgroundProcess method on this host and all its child containers. A host will use background processing to perform live web application deployment related tasks. If not specified, the default value for this attribute is -1, which means the host will rely on the background processing thread of its parent engine.
Java class name of the implementation to use. This class must implement the
This flag value indicates if web applications from this host should be automatically deployed by the host configurator. The flag's value defaults to true. See Automatic Application Deployment for more information.
Network name of this virtual host, as registered in your Domain Name Service server. One of the Hosts nested within an Engine MUST have a name that matches the Standard Implementation The standard implementation of Host is org.apache.catalina.core.StandardHost. It supports the following additional attributes (in addition to the common attributes listed above): AttributeDescription Set to
Java class name of the error reporting valve which will be used by this Host. The responsability of this valve is to output error reports. Setting this property allows to customize the look of the error pages which will be generated by Tomcat. This class must implement the
Set to
Pathname to a scratch directory to be used by applications for this Host. Each application will have its own sub directory with temporary read-write use. Configuring a Context workDir will override use of the Host workDir configuration. This directory will be made visible to servlets in the web application by a servlet context attribute (of type |
Nested Components |
You can nest one or more Context elements inside this Host element, each representing a different web application associated with this virtual host. You can nest at most one instance of the following utility components by nesting a corresponding element inside your Host element:
|
Special Features |
Logging A host is associated with the Access Logs When you run a web server, one of the output files normally generated is an access log, which generates one line of information for each request processed by the server, in a standard format. Catalina includes an optional Valve implementation that can create access logs in the same standard format created by web servers, or in any number of custom formats. You can ask Catalina to create an access log for all requests processed by an Engine, Host, or Context by nesting a Valve element like this: See Access Log Valve for more information on the configuration attributes that are supported. Automatic Application Deployment If you are using the standard Host implementation, the following actions take place automatically when Catalina is first started, if the
In addition to the automatic deployment that occurs at startup time, you can also request that new XML configuration files, WAR files, or subdirectories (containing web applications) that are dropped in to the
When using automatic deployment, the Finally, note that if you are defining contexts explicitly, you should probably turn off automatic application deployment. Otherwise, your context will be deployed twice each, and that may cause problems for your app. Host Name Aliases In many server environments, Network Administrators have configured more than one network name (in the Domain Name Service (DNS) server), that resolve to the IP address of the same server. Normally, each such network name would be configured as a separate Host element in However, in some circumstances, it is desireable that two or more network names should resolve to the same virtual host, running the same set of applications. A common use case for this scenario is a corporate web site, where it is desireable that users be able to utilize either This is accomplished by utilizing one or more Alias elements nested inside your Host element. For example: In order for this strategy to be effective, all of the network names involved must be registered in your DNS server to resolve to the same computer that is running this instance of Catalina. Lifecycle Listeners If you have implemented a Java object that needs to know when this Host is started or stopped, you can declare it by nesting a Listener element inside this element. The class name you specify must implement the Note that a Listener can have any number of additional properties that may be configured from this element. Attribute names are matched to corresponding JavaBean property names using the standard property method naming patterns. Request Filters You can ask Catalina to check the IP address, or host name, on every incoming request directed to the surrounding Engine, Host, or Context element. The remote address or name will be checked against a configured list of "accept" and/or "deny" filters, which are defined using the Regular Expression syntax supported by the Jakarta Regexp regular expression library. Requests that come from locations that are not accepted will be rejected with an HTTP "Forbidden" error. Example filter declarations: See Remote Address Filter and Remote Host Filter for more information about the configuration options that are supported. Single Sign On In many environments, but particularly in portal environments, it is desireable to have a user challenged to authenticate themselves only once over a set of web applications deployed on a particular virtual host. This can be accomplished by nesting an element like this inside the Host element for this virtual host: The Single Sign On facility operates according to the following rules:
User Web Applications Many web servers can automatically map a request URI starting with a tilde character ("~") and a username to a directory (commonly named On a server where If a user home directory has been set up for a user named <Host name="localhost" ...> ... <Valve className="org.apache.catalina.valves.AccessLogValve" prefix="localhost_access_log." suffix=".txt" pattern="common"/> ...</Host> Successful use of this feature requires recognition of the following considerations:
|
The GlobalNamingResources Component |
|
Introduction |
The GlobalNamingResources element defines the global JNDI resources for the Server. These resources are listed in the server's global JNDI resource context. This context is distinct from the per-web-application JNDI contexts described in the JNDI Resources HOW-TO. The resources defined in this element are not visible in the per-web-application contexts unless you explicitly link them with <ResourceLink> elements. |
Attributes |
Nested Components |
Special Features |
Environment Entries You can configure named values that will be made visible to all web applications as environment entry resources by nesting This is equivalent to the inclusion of the following element in the web application deployment descriptor ( but does not require modification of the deployment descriptor to customize this value. The valid attributes for an AttributeDescription Optional, human-readable description of this environment entry.
The name of the environment entry to be created, relative to the
Set this to
The fully qualified Java class name expected by the web application for this environment entry. Must be one of the legal values for
The parameter value that will be presented to the application when requested from the JNDI context. This value must be convertable to the Java type defined by the Resource Definitions You can declare the characteristics of resources to be returned for JNDI lookups of For example, you can create a resource definition like this: This is equivalent to the inclusion of the following element in the web application deployment descriptor ( but does not require modification of the deployment descriptor to customize this value. The valid attriutes for a AttributeDescription Specify whether the web Application code signs on to the corresponding resource manager programatically, or whether the Container will sign on to the resource manager on behalf of the application. The value of this attribute must be
Optional, human-readable description of this resource.
The name of the resource to be created, relative to the
Specify whether connections obtained through this resource manager can be shared. The value of this attribute must be
The fully qualified Java class name expected by the web application when it performs a lookup for this resource. Resource Links Use <ResourceLink> elements to link resources from the global context into per-web-application contexts. Here is an example of making a custom factory available to a web applications, based on the example definition in the JNDI Resource HOW-TO: <GlobalNamingResources ...> ... <Environment name="maxExemptions" value="10" type="java.lang.Integer" override="false"/> ...</GlobalNamingResources> Transaction You can declare the characteristics of the UserTransaction to be returned for JNDI lookup for The valid attributes for the AttributeDescription The class name for the JNDI object factory. |
The Loader Component |
|
Introduction |
The Loader element represents the web application class loader that will be used to load Java classes and resources for your web application. Such a class loader must follow the requirements of the Servlet Specification, and load classes from the following locations:
A Loader element MAY be nested inside a Context component. If it is not included, a default Loader configuration will be created automatically, which is sufficient for most requirements. For a more in-depth description of the class loader hierarchy that is implemented by Catalina, see the ClassLoader HowTo. 在下面的描述中使用变量名$CATALINA_HOME来代指Tomcat5所安装的目录地址,这是一个基础目录(base directory),其他的相关路径由它而派生。不过,如果你已经把Tomcat设置成多个体实例(multiple instances),并且设立了一个$CATALINA_BASE目录,那么你就应使用$CATALINA_BASE而不是$CATALINA_HOME作为参照。 |
Attributes |
Common Attributes Loader的所有实现支持下列属性: AttributeDescription Java class name of the implementation to use. This class must implement the
Set to
Set to NOTE - The value for this property will be inherited from the Standard Implementation The standard implementation of Loader is org.apache.catalina.loader.WebappLoader. It supports the following additional attributes (in addition to the common attributes listed above): AttributeDescription The number of seconds between checks for modified classes and resources, if See the general documentation for this parameter at Host Container.
Java class name of the
If no parent classloader is specified, should the system classloader be used? The default of This attribute will not be present in Tomcat 6 where the Loader API has changed and the parent class loader is always obtained from the associated container. |
Nested Components |
No components may be nested inside a Loader element. |
Special Features |
Logging A loader is associated with the log category based on its classname. |
The Manager Component |
|
Introduction |
The Manager element represents the session manager that will be used to create and maintain HTTP sessions as requested by the associated web application. A Manager element MAY be nested inside a Context component. If it is not included, a default Manager configuration will be created automatically, which is sufficient for most requirements. |
Attributes |
Common Attributes Manager的所有实现支持下列属性: AttributeDescription Java class name of the implementation to use. This class must implement the
Set to NOTE - The value for this property is inherited automatically based on the presence or absence of the Standard Implementation Tomcat provides two standard implementations of Manager for use - the default one stores active sessions, while the optional one stores active sessions that have been swapped out (in addition to saving sessions across a restart of Tomcat) in a storage location that is selected via the use of an appropriate Store nested element. Standard Manager ImplementationThe standard implementation of Manager is org.apache.catalina.session.StandardManager. It supports the following additional attributes (in addition to the common attributes listed above): AttributeDescription Name of the Message Digest algorithm used to calculate session identifiers produced by this Manager. This value must be supported by the
A String value that is utilized when seeding the random number generator used to create session identifiers for this Manager. If not specified, a semi-useful value is calculated, but a long String value should be specified in security-conscious environments.
The maximum number of active sessions that will be created by this Manager, or -1 (the default) for no limit.
The initial maximum time interval, in seconds, between client requests before a session is invalidated. A negative value will result in sessions never timing out. If the attribute is not provided, a default of 60 seconds is used. This attribute provides the initial value whenever a new session is created, but the interval may be dynamically varied by a servlet via the
Absolute or relative (to the work directory for this Context) pathname of the file in which session state will be preserved across application restarts, if possible. The default is "SESSIONS.ser". See Restart Persistence for more information. Restart persistence may be disabled by setting this attribute to an empty string.
Frequency of the session expiration, and related manager operations. Manager operations will be done once for the specified amount of backgrondProcess calls (ie, the lower the amount, the more often the checks will occur). The minimum value is 1, and the default value is 6.
Java class name of the
The length of session ids created by this Manager, excluding any JVM route information used for load balancing. The default is 16. Persistent Manager ImplementationWARNING - Use of this Manager implementation has not been thoroughly tested, and should be considered experimental! The persistent implementation of Manager is org.apache.catalina.session.PersistentManager. In addition to the usual operations of creating and deleting sessions, a This implementation of Manager supports the following attributes in addition to the Common Attributes described earlier. AttributeDescription Name of the Message Digest algorithm used to calculate session identifiers produced by this Manager. This value must be supported by the
Java class name of the implementation to use. This class must implement the
A String value that is utilized when seeding the random number generator used to create session identifiers for this Manager. If not specified, a semi-useful value is calculated, but a long String value should be specified in security-conscious environments.
The maximum number of active sessions that will be created by this Manager, or -1 (the default) for no limit.
The time interval (in seconds) since the last access to a session before it is eligible for being persisted to the session store, or
The time interval (in seconds) since the last access to a session before it should be persisted to the session store, and passivated out of the server's memory, or
The time interval (in seconds) since the last access to a session before it will be eligible to be persisted to the session store, and passivated out of the server's memory, or
The initial maximum time interval, in seconds, between client requests before a session is invalidated. A negative value will result in sessions never timing out. If the attribute is not provided, a default of 60 seconds is used. This attribute provides the initial value whenever a new session is created, but the interval may be dynamically varied by a servlet via the
Java class name of the
Should all sessions be persisted and reloaded when Tomcat is shut down and restarted (or when this application is reloaded)? By default, this attribute is set to
The length of session ids created by this Manager, excluding any JVM route information used for load balancing. The default is 16. In order to successfully use a PersistentManager, you must nest inside it a <Store> element, as described below. |
Nested Components |
Standard Manager ImplementationIf you are using the Standard Manager Implementation as described above, no elements may be nested inside your <Manager> element. Persistent Manager ImplementationIf you are using the Persistent Manager Implementation as described above, you MUST nest a <Store> element inside, which defines the characteristics of the persistent data storage. Two implementations of the File Based StoreThe File Based Store implementation saves swapped out sessions in individual files (named based on the session identifier) in a configurable directory. Therefore, you are likely to encounter scalability problems as the number of active sessions increases, and this should primarily be considered a means to easily experiment. To configure this, add a AttributeDescription The interval (in seconds) between checks for expired sessions among those sessions that are currently swapped out. By default, this interval is set to 60 seconds (one minute).
Java class name of the implementation to use. This class must implement the
Absolute or relative (to the temporary work directory for this web application) pathname of the directory into which individual session files are written. If not specified, the temporary work directory assigned by the container is utilized. JDBC Based StoreThe JDBC Based Store implementation saves swapped out sessions in individual rows of a preconfigured table in a database that is accessed via a JDBC driver. With large numbers of swapped out sessions, this implementation will exhibit improved performance over the File Based Store described above. To configure this, add a AttributeDescription The interval (in seconds) between checks for expired sessions among those sessions that are currently swapped out. By default, this interval is set to 60 seconds (one minute).
Java class name of the implementation to use. This class must implement the
The connection URL that will be handed to the configured JDBC driver to establish a connection to the database containing our session table.
Java class name of the JDBC driver to be used.
Name of the database column, contained in the specified session table, that contains the Engine, Host, and Web Application Context name in the format
Name of the database column, contained in the specified session table, that contains the serialized form of all session attributes for a swapped out session. The column type must accept a binary object (typically called a BLOB).
Name of the database column, contained in the specified session table, that contains the session identifier of the swapped out session. The column type must accept character string data of at least as many characters as are contained in session identifiers created by Tomcat (typically 32).
Name of the database column, contained in the specified session table, that contains the
Name of the database column, contained in the specified session table, that contains the
Name of the database table to be used for storing swapped out sessions. This table must contain (at least) the database columns that are configured by the other attributes of this element.
Name of the database column, contained in the specified session table, that contains a flag indicating whether this swapped out session is still valid or not. The column type must accept a single character. Before attempting to use the JDBC Based Store for the first time, you must create the table that will be used to store swapped out sessions. Detailed SQL commands vary depending on the database you are using, but a script like this will generally be required: create table tomcat_sessions ( session_id varchar(100) not null primary key, valid_session char(1) not null, max_inactive int not null, last_access bigint not null, app_name varchar(255), session_data mediumblob, KEY kapp_name(app_name)); In order for the JDBC Based Store to successfully connect to your database, the JDBC driver you configure must be visible to Tomcat's internal class loader. Generally, that means you must place the JAR file containing this driver into the |
Special Features |
Restart Persistence Whenver Catalina is shut down normally and restarted, or when an application reload is triggered, the standard Manager implementation will attempt to serialize all currently active sessions to a disk file located via the In order to successfully restore the state of session attributes, all such attributes MUST implement the |
The Realm Component |
|
Introduction |
A Realm element represents a "database" of usernames, passwords, and roles (similar to Unix groups) assigned to those users. Different implementations of Realm allow Catalina to be integrated into environments where such authentication information is already being created and maintained, and then utilize that information to implement Container Managed Security as described in the Servlet Specification. You may nest a Realm inside any Catalina container Engine, Host, or Context). In addition, Realms associated with an Engine or a Host are automatically inherited by lower-level containers, unless explicitly overridden. For more in-depth information about container managed security in web applications, as well as more information on configuring and using the standard realm component implementations, please see the Container-Managed Security Guide. 在下面的描述中使用变量名$CATALINA_HOME来代指Tomcat5所安装的目录地址,这是一个基础目录(base directory),其他的相关路径由它而派生。不过,如果你已经把Tomcat设置成多个体实例(multiple instances),并且设立了一个$CATALINA_BASE目录,那么你就应使用$CATALINA_BASE而不是$CATALINA_HOME作为参照。 |
Attributes |
Common Attributes Realm的所有实现支持下列属性: AttributeDescription Java class name of the implementation to use. This class must implement the
用来以非明文形式贮存密码的“文摘”算法,那些被
The charset for encoding digests. If not specified, the platform default will be used. Standard Implementation Unlike most Catalina components, there are several standard Realm implementations available. As a result, the JDBC Database Realm (org.apache.catalina.realm.JDBCRealm)The JDBC Database Realm connects Catalina to a relational database, accessed through an appropriate JDBC driver, to perform lookups of usernames, passwords, and their associated roles. Because the lookup is done each time that it is required, changes to the database will be immediately reflected in the information used to authenticate new logins. A rich set of additional attributes lets you configure the required connection to the underlying database, as well as the table and column names used to retrieve the required information: AttributeDescription The database username to use when establishing the JDBC connection.
The database password to use when establishing the JDBC connection.
The connection URL to be passed to the JDBC driver when establishing a database connection.
Fully qualified Java class name of the JDBC driver to be used to connect to the authentication database. Consult the documentation for your JDBC driver for the appropriate value.
Name of the column, in the "user roles" table, which contains a role name assigned to the corresponding user.
Name of the column, in the "users" table, which contains the user's credentials (i.e. password). If a value for the
Name of the column, in the "users" and "user roles" table, that contains the user's username.
表名,它的每一行包含指派给某一特定用户名称的一个角色。这个表格必须至少包括那些由
表名,它的每一行包含一个可被Tomcat识别的用户名称。这个表格必须至少包括那些由 See the Container-Managed Security Guide for more information on setting up container managed security using the JDBC Database Realm component. DataSource Database Realm (org.apache.catalina.realm.DataSourceRealm)The DataSource Database Realm connects Catalina to a relational database, accessed through a JNDI named JDBC DataSource to perform lookups of usernames, passwords, and their associated roles. Because the lookup is done each time that it is required, changes to the database will be immediately reflected in the information used to authenticate new logins. The JDBC Realm uses a single db connection. This requires that realm based authentication be synchronized, i.e. only one authentication can be done at a time. This could be a bottleneck for applications with high volumes of realm based authentications. The DataSource Database Realm supports simultaneous realm based authentications and allows the underlying JDBC DataSource to handle optimizations like database connection pooling. A rich set of additional attributes lets you configure the name of the JNDI JDBC DataSource, as well as the table and column names used to retrieve the required information: AttributeDescription 你的数据库需要的一个叫做JDBC DataSource的JNDI。如果这个DataSource对于上下文来说是局部的话,这个名字与
当这个realm被套嵌在一个Context元素里边,就允许这个realm使用为这个Context定义的DataSource,而不是全球性DataSource 。如果没有指定,默认值是
Name of the column, in the "user roles" table, which contains a role name assigned to the corresponding user.
Name of the column, in the "users" table, which contains the user's credentials (i.e. password). If a value for the
Name of the column, in the "users" and "user roles" table, that contains the user's username.
表名,它的每一行包含指派给某一特定用户名称的一个角色。这个表格必须至少包括那些由
表名,它的每一行包含一个可被Tomcat识别的用户名称。这个表格必须至少包括那些由 See the DataSource Realm HOW-TO for more information on setting up container managed security using the DataSource Database Realm component. JNDI Directory Realm (org.apache.catalina.realm.JNDIRealm)The JNDI Directory Realm connects Catalina to an LDAP Directory, accessed through an appropriate JNDI driver, that stores usernames, passwords, and their associated roles. Changes to the directory are immediately reflected in the information used to authenticate new logins. The directory realm supports a variety of approaches to using LDAP for authentication:
A rich set of additional attributes lets you configure the required behaviour as well as the connection to the underlying directory and the element and attribute names used to retrieve information from the directory: AttributeDescription If a socket connection can not be made to the provider at the
A string specifying the type of authentication to use. "none", "simple", "strong" or a provider specific definition can be used. If no value is given the providers default is used.
建立与LDAP search操作目录的连接时使用的目录用户名。如果没有指定,就使用无名的连接,除非你指定了
建立与LDAP search操作目录的连接时使用的目录密码。如果没有指定,就使用无名的连接,除非你指定了
在建立与目录的连接时传递给JNDI驱动的连接URL。
Fully qualified Java class name of the factory class used to acquire our JNDI
A string specifying how aliases are to be dereferenced during search operations. The allowed values are "always", "never", "finding" and "searching". If not specified, "always" is used.
A string specifying the security protocol to use. If not given the providers default is used.
The base directory entry for performing role searches. If not specified the top-level element in the directory context will be used.
属性的名字,它包含被角色搜寻查找到的目录输入里的角色名字。另外,你可以在包含有额外的角色名字的用户输入里使用
用来执行角色搜寻的LDAP过滤器表达式,后面紧跟着由
在查找与用户相关的角色输入时,如果你想搜寻
通过使用
Name of the attribute in the user's entry containing the user's password. If you specify this value, JNDIRealm will bind to the directory using the values specified by
Pattern for the distinguished name (DN) of the user's directory entry, following the syntax supported by the
用户目录输入中的一个属性名,该属性包含了零个或多个指定给用户的角色名称的值。另外,可以使用
搜索用户目录输入时,使用的LDAP过滤器表达式,
如果想要搜索由 See the Container-Managed Security Guide for more information on setting up container managed security using the JNDI Directory Realm component. Memory Based Realm (org.apache.catalina.realm.MemoryRealm)The Memory Based Realm is a simple Realm implementation that reads user information from an XML format, and represents it as a collection of Java objects in memory. This implementation is intended solely to get up and running with container managed security - it is NOT intended for production use. As such, there are no mechanisms for updating the in-memory collection of users when the content of the underlying data file is changed. The Memory Based Realm implementation supports the following additional attributes: AttributeDescription Absolute or relative (to $CATALINA_HOME) pathname to the XML file containing our user information. See below for details on the XML element format required. If no pathname is specified, the default value is The XML document referenced by the
See the Container-Managed Security Guide for more information on setting up container managed security using the Memory Based Realm component. User Database Realm (org.apache.catalina.realm.UserDatabaseRealm)The User Database Realm is Realm implementation that is based on an implementation of the The User Database Realm implementation supports the following additional attributes: AttributeDescription The global JNDI name of the See the Container-Managed Security Guide for more information on setting up container managed security using the UserDatabase Realm component. JAAS Realm (org.apache.catalina.realm.JAASRealm)The JAAS Realm implementation supports the following additional attributes: AttributeDescription 你在login配置文件中( JAAS LoginConfig)配置的应用程序名。
由逗号分隔开的,你为你的用户
由逗号分隔开的,你为你的角色
Instructs JAASRealm to use the context class loader for loading the user-specified See the Container-Managed Security Guide for more information on setting up container managed security using the JASS Realm component. |
Nested Components |
No components may be nested inside a Realm element. |
Special Features |
See Single Sign On for information about configuring Single Sign On support for a virtual host. |
The Resources Component |
|
Introduction |
The Resources element represents the web application static resources, from which classes will be loaded, HTML, JSP and the other static files will be served. This allows the webapp to reside on various mediums other than the filesystem, like compressed in a WAR file, in a JDBC database, or in a more advanced versioning repository. A unified caching engine is provided for all accesses to the webapp resources made by the servlet container and web applications which use the container provided mechanisms to access such resources, such as class laoder access, access through the Note: Running a webapp with non-filesystem based Resources implementations is only possible when the webapp does not rely on direct filesystem access to its own resources, and uses the methods in the ServletContext interface to access them. A Resources element MAY be nested inside a Context component. If it is not included, a default filesystem based Resources will be created automatically, which is sufficient for most requirements. |
Attributes |
Common Attributes Resources的所有实现支持下列属性: AttributeDescription Java class name of the implementation to use. This class must implement the Standard Implementation The standard implementation of Resources is org.apache.naming.resources.FileDirContext, and is configured by its parent Context element. |
Nested Components |
No components may be nested inside a Resources element. |
Special Features |
No special features are associated with a Resources element. |
The Valve Component |
|
Introduction |
A Valve element represents a component that will be inserted into the request processing pipeline for the associated Catalina container (Engine, Host, or Context). Individual Valves have distinct processing capabilities, and are described individually below. 在下面的描述中使用变量名$CATALINA_HOME来代指Tomcat5所安装的目录地址,这是一个基础目录(base directory),其他的相关路径由它而派生。不过,如果你已经把Tomcat设置成多个体实例(multiple instances),并且设立了一个$CATALINA_BASE目录,那么你就应使用$CATALINA_BASE而不是$CATALINA_HOME作为参照。 |
Access Log Valve |
Introduction The Access Log Valve creates log files in the same format as those created by standard web servers. These logs can later be analyzed by standard log analysis tools to track page hit counts, user session activity, and so on. The files produces by this Attributes Access Log Valve 支持下列配置属性: AttributeDescription Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.AccessLogValve to use the default access log valve. To use a more optimized access log valve designed for production use, you MUST set this attribute to org.apache.catalina.valves.FastCommonAccessLogValve. In this case, only the
Absolute or relative pathname of a directory in which log files created by this valve will be placed. If a relative path is specified, it is interpreted as relative to $CATALINA_HOME. If no directory attribute is specified, the default value is "logs" (relative to $CATALINA_HOME).
A formatting layout identifying the various information fields from the request and response to be logged, or the word
The prefix added to the start of each log file's name. If not specified, the default value is "access_log.". To specify no prefix, use a zero-length string.
Set to
The suffix added to the end of each log file's name. If not specified, the default value is "". To specify no suffix, use a zero-length string.
Deafult true. Flag to determine if log rotation should occur. If set to false, then this file is never rotated and fileDateFormat
Turns on conditional logging. If set, requests will be logged only if ServletRequest.getAttribute() is null. For example, if this value is set to junk, then a particular request will only be logged if ServletRequest.getAttribute("junk") == null. The use of Filters is an easy way to set/unset the attribute in the ServletRequest on many different requests.
Allows a customized date format in the access log file name. The date format also decides how often the file is rotated. If you wish to rotate every hour, then set this value to: yyyy-MM-dd.HH Values for the
There is also support to write information from the cookie, incoming header, the Session or something else in the ServletRequest. It is modeled after the apache syntax:
The shorthand pattern name The shorthand pattern name |
Remote Address Filter |
Introduction The Remote Address Filter allows you to compare the IP address of the client that submitted this request against one or more regular expressions, and either allow the request to continue or refuse to process the request from this client. A Remote Address Filter can be associated with any Catalina container (Engine, Host, or Context), and must accept any request presented to this container for processing before it will be passed on. The syntax for regular expressions is different than that for 'standard' wildcard matching. Tomcat uses the Jakarta Regexp library. Please consult the Regexp documentation for details of the expressions supported. Attributes Remote Address Filter 支持下列配置属性: AttributeDescription Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.RemoteAddrValve.
A comma-separated list of regular expression patterns that the remote client's IP address is compared to. If this attribute is specified, the remote address MUST match for this request to be accepted. If this attribute is not specified, all requests will be accepted UNLESS the remote address matches a
A comma-separated list of regular expression patterns that the remote client's IP address is compared to. If this attribute is specified, the remote address MUST NOT match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the |
Remote Host Filter |
Introduction The Remote Host Filter allows you to compare the hostname of the client that submitted this request against one or more regular expressions, and either allow the request to continue or refuse to process the request from this client. A Remote Host Filter can be associated with any Catalina container (Engine, Host, or Context), and must accept any request presented to this container for processing before it will be passed on. The syntax for regular expressions is different than that for 'standard' wildcard matching. Tomcat uses the Jakarta Regexp library. Please consult the Regexp documentation for details of the expressions supported. Attributes Remote Host Filter 支持下列配置属性: AttributeDescription Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.RemoteHostValve.
A comma-separated list of regular expression patterns that the remote client's hostname is compared to. If this attribute is specified, the remote hostname MUST match for this request to be accepted. If this attribute is not specified, all requests will be accepted UNLESS the remote hostname matches a
A comma-separated list of regular expression patterns that the remote client's hostname is compared to. If this attribute is specified, the remote hostname MUST NOT match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the |
Request Dumper Valve |
Introduction The Request Dumper Valve is a useful tool in debugging interactions with a client application (or browser) that is sending HTTP requests to your Tomcat-based server. When configured, it causes details about each request processed by its associated WARNING: Using this valve has side-effects. The output from this valve includes any parameters included with the request. The parameters will be decoded using the default platform encoding. Any subsequent calls to Attributes Request Dumper Valve 支持下列配置属性: AttributeDescription Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.RequestDumperValve. |
Single Sign On Valve |
Introduction The Single Sign On Vale is utilized when you wish to give users the ability to sign on to any one of the web applications associated with your virtual host, and then have their identity recognized by all other web applications on the same virtual host. See the Single Sign On special feature on the Host element for more information. Attributes Single Sign On Valve 支持下列配置属性: AttributeDescription Java class name of the implementation to use. This MUST be set to org.apache.catalina.authenticator.SingleSignOn.
Default false. Flag to determine whether each request needs to be reauthenticated to the security Realm. If "true", this Valve uses cached security credentials (username and password) to reauthenticate to the Realm each request associated with an SSO session. If "false", the Valve can itself authenticate requests based on the presence of a valid SSO cookie, without rechecking with the Realm. |
Form Authenticator Valve |
Introduction The Form Authenticator Valve is automatically added to any Context that is configured to use FORM authentication. If any non-default settings are required, the valve may be configured within Context element with the required values. Attributes The Form Authenticator Valve supports the following configuration attributes: AttributeDescription Java class name of the implementation to use. This MUST be set to org.apache.catalina.authenticator.FormAuthenticator.
Character encoding to use to read the username and password parameters from the request. If not set, the encoding of the request body will be used. |