Description
This document details how to protect a Tomcat web application using Siteminder.
The document assumes the reader is already experienced in the setup and configuration of webagents.
The method described in this document involves using an Apache Web server and Tomcat connector to serve as a proxy for tomcat.
Solution
Enter the following information into the file
LoadModule jk_module " [Full path and name of the tomcat connector] "
JkWorkersFile "[Root folder of tomcat installation] /conf/workers.properties"
JkLogFile " [Full path and name of the logfile you wish to use] "
JkLogLevel info
JkLogStampFormat "[%a %b %d %H:%M:%S %Y]"
JkOptions +ForwardKeySize +ForwardURICompat -ForwardDirectories
JkRequestLogFormat "%w %V %T"
Finally add the line:
JkMount / [your application name] smworker
JkMount / [your application name] /* smworkerThis will redirect everything sent to the application name you specify to tomcat, For example:
JkMount /example smworker
JkMount /example/* smworker
will send all requests received by apache on http://myserver.ca.com/example to be redirected to tomcat.
Edit the webservers httpd.conf file.
On a windows system this is commonly located in C:\Program Files\Apache Group\Apache2\conf
Create a worker.properties file in [Tomcat root folder] /confAt the end of this file add the line:
include " [tomcat install folder] /conf/mod_jk.conf"Where [tomcat install folder] is the location of your tomcat installation.
In the server.xml file (located in [Tomcat root folder] /conf) ensure the have the following line uncommented.Paste the following information into this file:
# Define 1 real worker named smworker
worker.list=smworker# Set properties for worker named smworker to use ajp13 protocol,
# and run on port 8009
worker.ajp13.type=ajp13
worker.ajp13.host=localhost
worker.ajp13.port=8009
worker.ajp13.lbfactor=50
worker.ajp13.cachesize=10
worker.ajp13.cache_timeout=600
worker.ajp13.socket_keepalive=1
worker.ajp13.socket_timeout=300
Finally start the tomcat server.apache -k install
apache -k start