Apache Http To Https Redirection



Manager App How-To

Table of Contents

Mar 26, 2021 Under this mode, Apache spawns new process with one thread on every request. This module, used with modphp, meant that Apache server embedded a PHP interpreter in every single process, even if it had to serve CSS files or images. This was inefficient. Prefork module comes with Apache as the default module. It also restricts connections to HTTP/1. If you did the redirection with rewrite rules, change the redirect code to 308. 308 tells the client to never make the original request again (redirection is permanent) and to not alter the HTTP method.

  • Supported Manager Commands
    1. Deploy A New Application from a Local Path
  • Using the JMX Proxy Servlet
  • Executing Manager Commands With Ant

Introduction

In many production environments, it is very useful to have the capabilityto deploy a new web application, or undeploy an existing one, without havingto shut down and restart the entire container. In addition, you can requestan existing application to reload itself, even if you have not declared itto be reloadable in the Tomcat serverconfiguration file.

To support these capabilities, Tomcat includes a web application(installed by default on context path /manager) that supportsthe following functions:

  • Deploy a new web application from the uploaded contents of a WAR file.
  • Deploy a new web application, on a specified context path, from the server file system.
  • List the currently deployed web applications, as well as the sessions that are currently active for those web apps.
  • Reload an existing web application, to reflect changes in the contents of /WEB-INF/classes or /WEB-INF/lib.
  • List the OS and JVM property values.
  • List the available global JNDI resources, for use in deployment tools that are preparing <ResourceLink> elements nested in a <Context> deployment description.
  • Start a stopped application (thus making it available again).
  • Stop an existing application (so that it becomes unavailable), but do not undeploy it.
  • Undeploy a deployed web application and delete its document base directory (unless it was deployed from file system).

A default Tomcat installation includes an instance of the Manager applicationconfigured for the default virtual host. If you create additional virtual hosts,you may wish to add an instance of the Manager application to one or more ofthose Hosts. To add an instance of the Manager web applicationContext to a new host install the manager.xml contextconfiguration file in the$CATALINA_BASE/conf/[enginename]/[hostname] folder. Here is anexample:

There are three ways to use the Manager web application.

  • As an application with a user interface you use in your browser.Here is an example URL where you can replace localhost withyour website host name: http://localhost:8080/manager/html .
  • A minimal version using HTTP requests only which is suitable for useby scripts setup by system administrators. Commands are given as part of therequest URI, and responses are in the form of simple text that can be easilyparsed and processed. See Supported Manager Commands for more information.
  • A convenient set of task definitions for the Ant(version 1.4 or later) build tool. SeeExecuting Manager CommandsWith Ant for more information.

Configuring Manager Application Access

The description below uses the variable name $CATALINA_BASE to refer the base directory against which most relative paths are resolved. If you have not configured Tomcat for multiple instances by setting a CATALINA_BASE directory, then $CATALINA_BASE will be set to the value of $CATALINA_HOME, the directory into which you have installed Tomcat.

It would be quite unsafe to ship Tomcat with default settings that allowedanyone on the Internet to execute the Manager application on your server.Therefore, the Manager application is shipped with the requirement that anyonewho attempts to use it must authenticate themselves, using a username andpassword that have one of manager-xxx roles associated withthem (the role name depends on what functionality is required).Further, there is no username in the default users file($CATALINA_BASE/conf/tomcat-users.xml) that is assigned to thoseroles. Therefore, access to the Manager application is completely disabledby default.

You can find the role names in the web.xml file of the Managerweb application. The available roles are:

  • manager-gui — Access to the HTML interface.
  • manager-status — Access to the 'Server Status' page only.
  • manager-script — Access to the tools-friendly plain text interface that is described in this document, and to the 'Server Status' page.
  • manager-jmx — Access to JMX proxy interface and to the 'Server Status' page.

The HTML interface is protected against CSRF (Cross-Site Request Forgery)attacks, but the text and JMX interfaces cannot be protected. It means thatusers who are allowed access to the text and JMX interfaces have to be cautiouswhen accessing the Manager application with a web browser.To maintain the CSRF protection:

  • If you use web browser to access the Manager application using a user that has either manager-script or manager-jmx roles (for example for testing the plain text or JMX interfaces), you MUST close all windows of the browser afterwards to terminate the session. If you do not close the browser and visit other sites, you may become victim of a CSRF attack.
  • It is recommended to never grant the manager-script or manager-jmx roles to users that have the manager-gui role.

Note that JMX proxy interface is effectively low-level root-likeadministrative interface of Tomcat. One can do a lot, if he knowswhat commands to call. You should be cautious when enabling themanager-jmx role.

To enable access to the Manager web application, you must either createa new username/password combination and associate one of themanager-xxx roles with it, or add amanager-xxx roleto some existing username/password combination.As the majority of this document describes the using the text interface, thisexample will use the role name manager-script.Exactly how the usernames/passwords are configured depends on whichRealm implementation you are using:

  • UserDatabaseRealm plus MemoryUserDatabase, or MemoryRealm — The UserDatabaseRealm and MemoryUserDatabase are configured in the default $CATALINA_BASE/conf/server.xml. Both MemoryUserDatabase and MemoryRealm read an XML-format file by default stored at $CATALINA_BASE/conf/tomcat-users.xml, which can be edited with any text editor. This file contains an XML <user> for each individual user, which might look something like this: which defines the username and password used by this individual to log on, and the role names he or she is associated with. You can add the manager-script role to the comma-delimited roles attribute for one or more existing users, and/or create new users with that assigned role.
  • DataSourceRealm or JDBCRealm — Your user and role information is stored in a database accessed via JDBC. Add the manager-script role to one or more existing users, and/or create one or more new users with this role assigned, following the standard procedures for your environment.
  • JNDIRealm — Your user and role information is stored in a directory server accessed via LDAP. Add the manager-script role to one or more existing users, and/or create one or more new users with this role assigned, following the standard procedures for your environment.

The first time you attempt to issue one of the Manager commandsdescribed in the next section, you will be challenged to log on usingBASIC authentication. The username and password you enter do not matter,as long as they identify a valid user in the users database who possessesthe role manager-script.

In addition to the password restrictions, access to the Manager webapplication can be restricted by the remote IP address or hostby adding a RemoteAddrValve or RemoteHostValve.See valves documentationfor details. Here isan example of restricting access to the localhost by IP address:

HTML User-friendly Interface

The user-friendly HTML interface of Manager web application is located at

As has already been mentioned above, you need manager-guirole to be allowed to access it. There is a separate document that provideshelp on this interface. See:

The HTML interface is protected against CSRF (Cross-Site Request Forgery)attacks. Each access to the HTML pages generates a random token, which isstored in your session and is included in all links on the page. If your nextaction does not have correct value of the token, the action will be denied.If the token has expired you can start again from the main page orList Applications page of Manager.

Supported Manager Commands

All commands that the Manager application knows how to process arespecified in a single request URI like this:

where {host} and {port} represent the hostnameand port number on which Tomcat is running, {command}represents the Manager command you wish to execute, and{parameters} represents the query parametersthat are specific to that command. In the illustrations below, customizethe host and port appropriately for your installation.

The commands are usually executed by HTTP GET requests. The/deploy command has a form that is executed by an HTTP PUT request.

Common Parameters

Most commands accept one or more of the following query parameters:

  • path - The context path (including the leading slash) of the web application you are dealing with. To select the ROOT web application, specify '/'. NOTE: It is not possible to perform administrative commands on the Manager application itself.
  • version - The version of this web application as used by the parallel deployment feature. If you use parallel deployment wherever a path is required you must specify a version in addition to the path and it is the combination of path and version that must be unique rather than just the path.
  • war - URL of a web application archive (WAR) file, or pathname of a directory which contains the web application, or a Context configuration '.xml' file. You can use URLs in any of the following formats:
    • file:/absolute/path/to/a/directory - The absolute path of a directory that contains the unpacked version of a web application. This directory will be attached to the context path you specify without any changes.
    • file:/absolute/path/to/a/webapp.war - The absolute path of a web application archive (WAR) file. This is valid only for the /deploy command, and is the only acceptable format to that command.
    • file:/absolute/path/to/a/context.xml - The absolute path of a web application Context configuration '.xml' file which contains the Context configuration element.
    • directory - The directory name for the web application context in the Host's application base directory.
    • webapp.war - The name of a web application war file located in the Host's application base directory.

Each command will return a response in text/plain format(i.e. plain ASCII with no HTML markup), making it easy for both humans andprograms to read). The first line of the response will begin with eitherOK or FAIL, indicating whether the requestedcommand was successful or not. In the case of failure, the rest of the firstline will contain a description of the problem that was encountered. Somecommands include additional lines of information as described below.

Internationalization Note - The Manager application looks upits message strings in resource bundles, so it is possible that the stringshave been translated for your platform. The examples below show the Englishversion of the messages.

Deploy A New Application Archive (WAR) Remotely

Upload the web application archive (WAR) file that is specified as therequest data in this HTTP PUT request, install it into the appBasedirectory of our corresponding virtual host, and start, deriving the name forthe WAR file added to the appBase from the specified path. Theapplication can later be undeployed (and the corresponding WAR file removed) byuse of the /undeploy command.

This command is executed by an HTTP PUT request.

The .WAR file may include Tomcat specific deployment configuration, byincluding a Context configuration XML file in/META-INF/context.xml.

URL parameters include:

  • update: When set to true, any existing update will be undeployed first. The default value is set to false.
  • tag: Specifying a tag name, this allows associating the deployed webapp with a tag or label. If the web application is undeployed, it can be later redeployed when needed using only the tag.

NOTE - This command is the logicalopposite of the /undeploy command.

If installation and startup is successful, you will receive a responselike this:

Otherwise, the response will start with FAIL and include anerror message. Possible causes for problems include:

  • Application already exists at path /foo

    The context paths for all currently running web applications must be unique. Therefore, you must undeploy the existing web application using this context path, or choose a different context path for the new one. The update parameter may be specified as a parameter on the URL, with a value of true to avoid this error. In that case, an undeploy will be performed on an existing application before performing the deployment.

  • Encountered exception

    An exception was encountered trying to start the new web application. Check the Tomcat logs for the details, but likely explanations include problems parsing your /WEB-INF/web.xml file, or missing classes encountered when initializing application event listeners and filters.

Deploy A New Application from a Local Path

Deploy and start a new web application, attached to the specified contextpath (which must not be in use by any other web application).This command is the logical opposite of the /undeploy command.

This command is executed by an HTTP GET request.There are a number of different ways the deploy command can be used.

Deploy a previously deployed webapp

This can be used to deploy a previously deployed web application, whichhas been deployed using the tag attribute. Note that the workdirectory of the Manager webapp will contain the previously deployed WARs;removing it would make the deployment fail.

Deploy a Directory or WAR by URL

Deploy a web application directory or '.war' file located on the Tomcatserver. If no path is specified, the path and version are derivedfrom the directory name or the war file name. The war parameterspecifies a URL (including the file: scheme) for eithera directory or a web application archive (WAR) file. The supported syntax fora URL referring to a WAR file is described on the Javadocs page for thejava.net.JarURLConnection class. Use only URLs that refer tothe entire WAR file.

In this example the web application located in the directory/path/to/foo on the Tomcat server is deployed as theweb application context named /footoo.

Apache not redirecting to https

In this example the '.war' file /path/to/bar.war on theTomcat server is deployed as the web application context named/bar. Notice that there is no path parameterso the context path defaults to the name of the web application archivefile without the '.war' extension.

Deploy a Directory or War from the Host appBase

Deploy a web application directory or '.war' file located in your HostappBase directory. The path and optional version are derived from the directoryor war file name.

In this example the web application located in a sub directory namedfoo in the Host appBase directory of the Tomcat server isdeployed as the web application context named /foo. Noticethat the context path used is the name of the web application directory.

Alexisonfire discography torrent. In this example the '.war' file bar.war located in yourHost appBase directory on the Tomcat server is deployed as the webapplication context named /bar.

Deploy using a Context configuration '.xml' file

If the Host deployXML flag is set to true you can deploy a webapplication using a Context configuration '.xml' file and an optional'.war' file or web application directory. The context pathis not used when deploying a web application using a context '.xml'configuration file.

A Context configuration '.xml' file can contain valid XML for aweb application Context just as if it were configured in yourTomcat server.xml configuration file. Here is anexample:

When the optional war parameter is set to the URLfor a web application '.war' file or directory it overrides anydocBase configured in the context configuration '.xml' file.

Here is an example of deploying an application using a Contextconfiguration '.xml' file.

Here is an example of deploying an application using a Contextconfiguration '.xml' file and a web application '.war' file locatedon the server.

Deployment Notes

If the Host is configured with unpackWARs=true and you deploy a warfile, the war will be unpacked into a directory in your Host appBasedirectory.

Apache http to https redirect windows

If the application war or directory is installed in your Host appBasedirectory and either the Host is configured with autoDeploy=true or theContext path must match the directory name or war file name without the'.war' extension.

For security when untrusted users can manage web applications, theHost deployXML flag can be set to false. This prevents untrusted usersfrom deploying web applications using a configuration XML file andalso prevents them from deploying application directories or '.war'files located outside of their Host appBase.

Deploy Response

If installation and startup is successful, you will receive a responselike this:

Otherwise, the response will start with FAIL and include anerror message. Possible causes for problems include:

  • Application already exists at path /foo

    The context paths for all currently running web applications must be unique. Therefore, you must undeploy the existing web application using this context path, or choose a different context path for the new one. The update parameter may be specified as a parameter on the URL, with a value of true to avoid this error. In that case, an undeploy will be performed on an existing application before performing the deployment.

  • Document base does not exist or is not a readable directory

    The URL specified by the war parameter must identify a directory on this server that contains the 'unpacked' version of a web application, or the absolute URL of a web application archive (WAR) file that contains this application. Correct the value specified by the war parameter.

  • Encountered exception

    An exception was encountered trying to start the new web application. Check the Tomcat logs for the details, but likely explanations include problems parsing your /WEB-INF/web.xml file, or missing classes encountered when initializing application event listeners and filters.

  • Invalid application URL was specified

    The URL for the directory or web application that you specified was not valid. Such URLs must start with file:, and URLs for a WAR file must end in '.war'.

  • Invalid context path was specified

    The context path must start with a slash character. To reference the ROOT web application use '/'.

  • Context path must match the directory or WAR file name:

    If the application war or directory is installed in your Host appBase directory and either the Host is configured with autoDeploy=true the Context path must match the directory name or war file name without the '.war' extension.

  • Only web applications in the Host web application directory can be installed

    If the Host deployXML flag is set to false this error will happen if an attempt is made to deploy a web application directory or '.war' file outside of the Host appBase directory.

List Currently Deployed Applications

List the context paths, current status (running orstopped), and number of active sessions for all currentlydeployed web applications. A typical response immediatelyafter starting Tomcat might look like this:

Reload An Existing Application

Signal an existing application to shut itself down and reload. This canbe useful when the web application context is not reloadable and you haveupdated classes or property files in the /WEB-INF/classesdirectory or when you have added or updated jar files in the/WEB-INF/lib directory.

If this command succeeds, you will see a response like this:

Otherwise, the response will start with FAIL and include anerror message. Possible causes for problems include:

  • Encountered exception

    An exception was encountered trying to restart the web application. Check the Tomcat logs for the details.

  • Invalid context path was specified

    The context path must start with a slash character. To reference the ROOT web application use '/'.

  • No context exists for path /foo

    There is no deployed application on the context path that you specified.

  • No context path was specified

    The path parameter is required.

  • Reload not supported on WAR deployed at path /foo

    Currently, application reloading (to pick up changes to the classes or web.xml file) is not supported when a web application is deployed directly from a WAR file. It only works when the web application is deployed from an unpacked directory. If you are using a WAR file, you should undeploy and then deploy or deploy with the update parameter the application again to pick up your changes.

List OS and JVM Properties

Lists information about the Tomcat version, OS, and JVM properties.

If an error occurs, the response will start with FAIL andinclude an error message. Possible causes for problems include:

  • Encountered exception

    An exception was encountered trying to enumerate the system properties. Check the Tomcat logs for the details.

List Available Global JNDI Resources

List the global JNDI resources that are available for use in resourcelinks for context configuration files. If you specify the typerequest parameter, the value must be the fully qualified Java class name ofthe resource type you are interested in (for example, you would specifyjavax.sql.DataSource to acquire the names of all availableJDBC data sources). If you do not specify the type requestparameter, resources of all types will be returned.

Depending on whether the type request parameter is specifiedor not, the first line of a normal response will be:

or

followed by one line for each resource. Each line is composed of fieldsdelimited by colon characters (':'), as follows:

  • Global Resource Name - The name of this global JNDI resource, which would be used in the global attribute of a <ResourceLink> element.
  • Global Resource Type - The fully qualified Java class name of this global JNDI resource.

If an error occurs, the response will start with FAIL andinclude an error message. Possible causes for problems include:

  • Encountered exception

    An exception was encountered trying to enumerate the global JNDI resources. Check the Tomcat logs for the details.

  • No global JNDI resources are available

    The Tomcat server you are running has been configured without global JNDI resources.

Session Statistics

Display the default session timeout for a web application, and thenumber of currently active sessions that fall within one-minute ranges oftheir actual timeout times. For example, after restarting Tomcat and thenexecuting one of the JSP samples in the /examples web app,you might get something like this:

Expire Sessions

Display the session statistics (like the above /sessionscommand) and expire sessions that are idle for longer than numminutes. To expire all sessions, use &idle=0 .

Actually /sessions and /expire are synonyms forthe same command. The difference is in the presence of idleparameter.

Start an Existing Application

Signal a stopped application to restart, and make itself available again.Stopping and starting is useful, for example, if the database required byyour application becomes temporarily unavailable. It is usually better tostop the web application that relies on this database rather than lettingusers continuously encounter database exceptions.

If this command succeeds, you will see a response like this:

Otherwise, the response will start with FAIL and include anerror message. Possible causes for problems include:

  • Encountered exception

    An exception was encountered trying to start the web application. Check the Tomcat logs for the details.

  • Invalid context path was specified

    The context path must start with a slash character. To reference the ROOT web application use '/'.

  • No context exists for path /foo

    There is no deployed application on the context path that you specified.

  • No context path was specified

    The path parameter is required.

Stop an Existing Application

Signal an existing application to make itself unavailable, but leave itdeployed. Any request that comes in while an application isstopped will see an HTTP error 404, and this application will show as'stopped' on a list applications command.

If this command succeeds, you will see a response like this:

Otherwise, the response will start with FAIL and include anerror message. Possible causes for problems include:

  • Encountered exception

    An exception was encountered trying to stop the web application. Check the Tomcat logs for the details.

  • Invalid context path was specified

    The context path must start with a slash character. To reference the ROOT web application use '/'.

  • No context exists for path /foo

    There is no deployed application on the context path that you specified.

  • No context path was specified The path parameter is required.

Undeploy an Existing Application

WARNING - This command will delete any webapplication artifacts that exist within appBase directory(typically 'webapps') for this virtual host.This will delete the application .WAR, if present,the application directory resulting either from a deploy in unpacked formor from .WAR expansion as well as the XML Context definition from$CATALINA_BASE/conf/[enginename]/[hostname]/ directory.If you simply want to take an applicationout of service, you should use the /stop command instead.

Signal an existing application to gracefully shut itself down, andremove it from Tomcat (which also makes this context path available forreuse later). In addition, the document root directory is removed, if itexists in the appBase directory (typically 'webapps') forthis virtual host. This command is the logical opposite of the/deploy command.

If this command succeeds, you will see a response like this:

Otherwise, the response will start with FAIL and include anerror message. Possible causes for problems include:

  • Encountered exception

    An exception was encountered trying to undeploy the web application. Check the Tomcat logs for the details.

  • Invalid context path was specified

    The context path must start with a slash character. To reference the ROOT web application use '/'.

  • No context exists named /foo

    There is no deployed application with the name that you specified.

  • No context path was specified The path parameter is required.

Finding memory leaks

The find leaks diagnostic triggers a full garbage collection. Itshould be used with extreme caution on production systems.

The find leaks diagnostic attempts to identify web applications that havecaused memory leaks when they were stopped, reloaded or undeployed. Resultsshould always be confirmedwith a profiler. The diagnostic uses additional functionality provided by theStandardHost implementation. It will not work if a custom host is used thatdoes not extend StandardHost.

Explicitly triggering a full garbage collection from Java code is documentedto be unreliable. Furthermore, depending on the JVM used, there are options todisable explicit GC triggering, like -XX:+DisableExplicitGC.If you want to make sure, that the diagnostics were successfully running a fullGC, you will need to check using tools like GC logging, JConsole or similar.

If this command succeeds, you will see a response like this:

If you wish to see a status line included in the response then include thestatusLine query parameter in the request with a value oftrue.

Each context path for a web application that was stopped, reloaded orundeployed, but which classes from the previous runs are still loaded in memory,thus causing a memory leak, will be listed on a new line. If an applicationhas been reloaded several times, it may be listed several times.

If the command does not succeed, the response will start withFAIL and include an error message.

Connector SSL/TLS cipher information

The SSL Connector/Ciphers diagnostic lists the SSL/TLS ciphers that are currentlyconfigured for each connector. For NIO and NIO2, the names of the individualcipher suites are listed. For APR, the value of SSLCipherSuite is returned.

The response will look something like this:

Connector SSL/TLS certificate chain information

The SSL Connector/Certs diagnostic lists the certificate chain that iscurrently configured for each virtual host.

The response will look something like this:

Connector SSL/TLS trusted certificate information

The SSL Connector/Certs diagnostic lists the trusted certificates that arecurrently configured for each virtual host.

The response will look something like this:

Reload TLS configuration

Reload the TLS configuration files (the certificate and key files, this doesnot trigger a re-parsing of server.xml). To reload the files for all hosts don'tspecify the tlsHostName parameter.

Thread Dump

Write a JVM thread dump.

The response will look something like this:

VM Info

Write some diagnostic information about Java Virtual Machine.

The response will look something like this:

Save Configuration

If specified without any parameters, this command saves the currentconfiguration of the server to server.xml. The existing file will be renamed asa backup if required.

If specified with a path parameter that matches the path ofa deployed web application then the configuration for that web application willbe saved to an appropriately named context.xml file in the xmlBasefor the current Host.

To use the command a StoreConfig MBean must be present. Typically this isconfigured using the StoreConfigLifecycleListener.

If the command does not succeed, the response will start withFAIL and include an error message.

Server Status

From the following links you can view Status information about the server.Any one of manager-xxx roles allows access to this page.

Displays server status information in HTML format.

Displays server status information in XML format.

First, you have the server and JVM version number, JVM provider, OS nameand number followed by the architecture type.

Second, there is information about the memory usage of the JVM.

Then, there is information about the Tomcat AJP and HTTP connectors.The same information is available for both of them :

  • Threads information : Max threads, min and max spare threads, current thread count and current thread busy.

  • Request information : Max processing time and processing time, request and error count, bytes received and sent.

  • A table showing Stage, Time, Bytes Sent, Bytes Receive, Client, VHost and Request. All existing threads are listed in the table. Here is the list of the possible thread stages :

    • 'Parse and Prepare Request' : The request headers are being parsed or the necessary preparation to read the request body (if a transfer encoding has been specified) is taking place.

    • 'Service' : The thread is processing a request and generating the response. This stage follows the 'Parse and Prepare Request' stage and precedes the 'Finishing' stage. There is always at least one thread in this stage (the server-status page).

    • 'Finishing' : The end of the request processing. Any remainder of the response still in the output buffers is sent to the client. This stage is followed by 'Keep-Alive' if it is appropriate to keep the connection alive or 'Ready' if 'Keep-Alive' is not appropriate.

    • 'Keep-Alive' : The thread keeps the connection open to the client in case the client sends another request. If another request is received, the next stage will be 'Parse and Prepare Request'. If no request is received before the keep alive times out, the connection will be closed and the next stage will be 'Ready'.

    • 'Ready' : The thread is at rest and ready to be used.

If you are using /status/all command, additional informationon each of deployed web applications will be available.

Using the JMX Proxy Servlet

What is JMX Proxy Servlet

The JMX Proxy Servlet is a lightweight proxy to get and set the tomcat internals. (Or any class that has been exposed via an MBean) Its usage is not very user friendly but the UI is extremely helpful for integrating command line scripts for monitoring and changing the internals of tomcat. You can do two things with the proxy: get information and set information. For you to really understand the JMX Proxy Servlet, you should have a general understanding of JMX. If you don't know what JMX is, then prepare to be confused.

JMX Query command

This takes the form:

Where STUFF is the JMX query you wish to perform. For example, here are some queries you might wish to run:

  • qry=*%3Atype%3DRequestProcessor%2C* --> type=RequestProcessor which will locate all workers which can process requests and report their state.
  • qry=*%3Aj2eeType=Servlet%2c* --> j2eeType=Servlet which return all loaded servlets.
  • qry=Catalina%3Atype%3DEnvironment%2Cresourcetype%3DGlobal%2Cname%3DsimpleValue --> Catalina:type=Environment,resourcetype=Global,name=simpleValue which look for a specific MBean by the given name.

You'll need to experiment with this to really understand its capabilities If you provide no qry parameter, then all of the MBeans will be displayed. We really recommend looking at the tomcat source code and understand the JMX spec to get a better understanding of all the queries you may run.

JMX Get command

The JXMProxyServlet also supports a 'get' command that you can use to fetch the value of a specific MBean's attribute. The general form of the get command is:

You must provide the following parameters:

  1. get: The full bean name
  2. att: The attribute you wish to fetch
  3. key: (optional) The key into a CompositeData MBean attribute

If all goes well, then it will say OK, otherwise an error message will be shown. For example, let's say we wish to fetch the current heap memory data:

Or, if you only want the 'used' key:

JMX Set command

Dwl 122 driver windows 10. Now that you can query an MBean, its time to muck with Tomcat's internals! The general form of the set command is :

So you need to provide 3 request parameters:

  1. set: The full bean name
  2. att: The attribute you wish to alter
  3. val: The new value

If all goes ok, then it will say OK, otherwise an error message will be shown. For example, lets say we wish to turn up debugging on the fly for the ErrorReportValve. The following will set debugging to 10.

and my result is (YMMV):

Apache http to https redirection login

Here is what I see if I pass in a bad value. Here is the URL I used, I try set debugging equal to 'cow':

When I try that, my result is

JMX Invoke command

The invoke command enables methods to be called on MBeans. The general form of the command is:

For example, to call the findConnectors() method of the Service use:

Executing Manager Commands With Ant

In addition to the ability to execute Manager commands via HTTP requests,as documented above, Tomcat includes a convenient set of Task definitionsfor the Ant (version 1.4 or later) build tool. In order to use thesecommands, you must perform the following setup operations:

  • Download the binary distribution of Ant from https://ant.apache.org. You must use version 1.4 or later.
  • Install the Ant distribution in a convenient directory (called ANT_HOME in the remainder of these instructions).
  • Add the $ANT_HOME/bin directory to your PATH environment variable.
  • Configure at least one username/password combination in your Tomcat user database that includes the manager-script role.

To use custom tasks within Ant, you must declare them first with an<import> element. Therefore, your build.xmlfile might look something like this:

Note: The definition of the resources task via the import above will overridethe resources datatype added in Ant 1.7. If you wish to use the resourcesdatatype you will need to use Ant's namespace support to modifycatalina-tasks.xml to assign the Tomcat tasks to their ownnamespace.

Now, you can execute commands like ant deploy to deploy theapplication to a running instance of Tomcat, or ant reload totell Tomcat to reload it. Note also that most of the interesting values inthis build.xml file are defined as replaceable properties, soyou can override their values from the command line. For example, you mightconsider it a security risk to include the real manager password in yourbuild.xml file's source code. To avoid this, omit the passwordproperty, and specify it from the command line:

Tasks output capture

Using Ant version 1.6.2 or later,the Catalina tasks offer the option to capture their output inproperties or external files. They support directly the following subset of the<redirector> type attributes:

AttributeDescriptionRequired
outputName of a file to which to write the output. Ifthe error stream is not also redirected to a file or property, it willappear in this output.No
errorThe file to which the standard error of thecommand should be redirected.No
logErrorThis attribute is used when you wish to seeerror output in Ant's log and you are redirecting output to afile/property. The error output will not be included in the outputfile/property. If you redirect error with the error or errorPropertyattributes, this will have no effect.No
appendWhether output and error files should beappended to or overwritten. Defaults to false.No
createemptyfilesWhether output and error files should be createdeven when empty. Defaults to true.No
outputpropertyThe name of a property in which the output ofthe command should be stored. Unless the error stream is redirected toa separate file or stream, this property will include the error output.No
errorpropertyThe name of a property in which the standarderror of the command should be stored.No

A couple of additional attributes can also be specified:

AttributeDescriptionRequired
alwaysLogThis attribute is used when you wish to see theoutput you are capturing, appearing also in the Ant's log. It must not beused unless you are capturing task output.Defaults to false.This attribute will be supported directly by <redirector>in Ant 1.6.3No
failonerrorThis attribute is used when you wish to avoid thatany manager command processing error terminates the ant execution. Defaults to true.It must be set to false, if you want to capture error output,otherwise execution will terminate before anything can be captured.
This attribute acts only on manager command execution,any wrong or missing command attribute will still cause Ant execution termination.
No

They also support the embedded <redirector> elementin which you can specifyits full set of attributes, but input, inputstring andinputencoding that, even if accepted, are not used because they haveno meaning in this context.Refer to ant manual for details on<redirector> element attributes.

Here is a sample build file extract that shows how this output redirection supportcan be used:

WARNING: even if it doesn't make many sense, and is always a bad idea,calling a Catalina task more than once,badly set Ant tasks depends chains may cause that a task be calledmore than once in the same Ant run, even if not intended to. A bit of caution should be exercised when you arecapturing output from that task, because this could lead to something unexpected:

Apache Http To Https Redirect

  • when capturing in a property you will find in it only the output from the first call, becauseAnt properties are immutable and once set they cannot be changed,
  • when capturing in a file, each run will overwrite it and you will find in it only the last calloutput, unless you are using the append='true' attribute, in which case you willsee the output of each task call appended to the file.

Tutorial

Introduction

When you have your web site or application up and running behind a domain, it is often desirable to also allow your users access to it via the plain domain name and the www subdomain. That is, they should be able to visit your domain with or without the “www.” prefix, e.g. example.com or www.example.com, in a web browser, and be presented with the same content. While there are a variety of ways to set this up, the best solution, for consistency and SEO considerations, is to choose which domain you prefer, plain or www, and redirect the other one to the preferred domain. This type of redirect is called a Permanent Redirect, or “301 redirect”, and can be easily set up by properly configuring your DNS resource records and web server software.

This tutorial will show you how to redirect a www URL to non-www, e.g. www.example.com to example.com, with Apache on Ubuntu 14.04. We will also show you how to redirect in the other direction, from a non-www URL to www. The CentOS 7 version of this tutorial is available here.

If you want to perform this type of redirect with Nginx as your web server, you should follow this tutorial instead: How to Redirect www to non-www with Nginx on Ubuntu 14.04.

Prerequisites

This tutorial assumes that you have superuser privileges, i.e. sudo or root, on the server that is running Apache. If you don’t already have that set up, follow this tutorial: Initial Server Setup on Ubuntu 14.04.

It is assumed that you have Apache installed. If you do not already have this set up, there are several tutorials on the subject under the Apache tag.

You must be able to add records to the DNS that is managing your domain. If you do not already have a domain, you may purchase one from a domain registrar, and manage it with the registrar’s DNS or DigitalOcean’s DNS. In this tutorial, we will use the DigitalOcean DNS to create the necessary records.

Let’s get started by configuring your DNS records.

Configure DNS Records

In order to set up the desired redirect, www.example.com to example.com or vice versa, you must have an A record for each name.

Open whatever you use to manage your DNS. For our example, we’ll use the DigitalOcean DNS.

If a domain (also known as a zone) record does not already exist, create one now. The hostname should be your domain, e.g. example.com, and the IP address should be set to the public IP address of your Apache server. This will automatically create an A record that points your domain to the IP address that you specified. If you are using another system to manage your domain, you may need to add this manually.

Next, add another A record with “www” as the hostname (or “www.example.com” if the partial subdomain doesn’t work), and specify the same IP address.

When you have created both records, it should look something like this:

Note: This will also work with CNAME records, as long as the canonical name’s A record refers to the IP address of your Apache web server.

Now your server should be accessible via the www and non-www domain, but we still need to set up the redirect. We’ll do that now.

Enable Rewrite Module

Apache

In order to perform the 301 redirect, we will use the Apache mod_rewrite, or Rewrite, module. Doing so will ensure that your users can access your site with or without the www. prefix, and be redirected to the domain that you prefer.

First, enable the mod_rewrite module with this command:

With the Rewrite module enabled, we can configure Apache with redirect rules using .htaccess files.

Enable .htaccess Files

Open your Apache configuration file for editing. On Ubuntu, the default configuration file is located at /etc/apache2/sites-enabled/000-default.conf, so we will use that in our example:

Find the DocumentRoot of your site, and take a note of it. By default, it’s /var/www/html, so we will use that in our example configuration.

Add the following Directory directive to the configuration and be sure to substitute the DocumentRoot for the highlighted part:

Save and exit.

Now restart Apache to put the change into effect:

Now Apache is configured to read .htaccess files located anywhere under the /var/www/html directory. Let’s add our Rewrite rules now.

Configure Rewrite Module

Apache Http To Https Redirect Htaccess

As we mentioned earlier, we will configure the Rewrite module using an .htaccess file.

Change directories to your DocumentRoot, in our case, /var/www/html:

Now open .htaccess for editing:

Of course, if you haven’t created the file before, it will be blank. Depending on which direction you want to redirect, use one of the following options.

Redirect Apache To Https

Option 1: Redirect www to non-www

If you want redirect users from www to a plain, non-www domain, insert this configuration:

.htaccess — www to non-www

Save and exit. The changes should go into effect immediately. Note that if you are using HTTPS, you should update “http”, in the RewriteRule line, to “https”.

Use this curl command to ensure that the non-www domain redirects to the www domain (replace the highlighted part with your actual domain):

You should get a 301 Moved Permanently response, that shows the non-www redirect location, like this:

Of course, you should access your domain in a web browser (www and non-www) to be sure.

Option 2: Redirect non-www to www

If you want redirect users from a plain, non-www domain to a www domain, insert this configuration:

Save and exit. the changes should go into effect immediately. Note that if you are using HTTPS, you should update “http”, in the RewriteRule line, to “https”.

Use this curl command to ensure that the non-www domain redirects to the www domain (replace the highlighted part with your actual domain):

You should get a 301 Moved Permanently response, that shows the www redirect location, like this:

Of course, you should access your domain in a web browser (www and non-www) to be sure.

Conclusion

Apache Http To Https Redirection Google

That’s it! Your Apache redirect is now configured properly, and your users will be able to access your web server via your non-www and www domain.

If you would like to understand more about mod_rewrite, the Apache feature that we used to implement the redirect, feel free to read this tutorial: How To Set Up Mod_Rewrite.