About Me

My photo
Kalyan Kumar Pasupuleti B-Tech(Information Technology). • RedHat Certified Engineer(RHCE) • Directory Services and Authentication Certificate of Expertise(LDAP) • Red Hat SELinux Policy Administration Certificate of Expertise(SELinux) • Network Services Security Certificate of Expertise (Network Services) • RedHat Certified Virtualization Administrator(RHCVA) • Red Hat Certified Security Specialist (RHCSS) Working as Cloud DevOps engineer

Monday, October 28, 2013

Redirect port 8080 traffic to port 80 How To?

Install Tomcat


These instructions will explain How to install Tomcat and configuring the web server to act as a proxy server to redirect port 8080 traffic to port 80:
If the following packages are not installed, install them:
  • yum install tomcat6
  • yum install java-1.6.0-openjdk
  • yum install httpd
How to check if they are installed or not:
  • rpm -qa |grep
Start the tomcat6 service:
  • /etc/init.d/tomcat6 start
Now Make this service to be run after restarting the Linux box as well by doing chkconfig:
  • chkconfig tomcat6 on
  • chkconfig --list tomcat6
tomcat6 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Now access the tomcat home page using below URL:
  • http://localhost:8080

Create a sample test page

Create a directory called dev in the tomcat’s webapps folder
  • mkdir /var/lib/tomcat6/webapps/dev
Create a test page in the dev directory
  • vim /var/lib/tomcat6/webapps/dev/test.html
  • Welcome to sample test page
  • Save and exit.
Now access the test page using below URL:
  • http://localhost:8080/dev/test.html
If you want to access/see the directory listing from dev directory using a browser, Then we need to enable the listings in the web.xml file
Open the web.xml file and change(/etc/tomcat6/web.xml)
<param-name>listings</param-name>
<param-value>false</param-value>
To
<param-name>listings</param-name>
<param-value>true</param-value>
Note: You can place all your required content in the webapps/dev directory and access them using http://localhost:8080/dev

Redirecting port 8080 traffic to port 80

Configure your copy of Apache so that it includes the mod_proxy module. If you are building from source, the easiest way to do this is to include the --enable-module=proxydirective on the ./configure command line.
By default mod_proxy module will be installed and enabled when you install httpd using yum (yum install httpd). We need to verify whether the module is loaded or not in the httpd.conf file.
After httpd installation, Check whether the module mod_proxy is installed or not. Generally the module location is:
  • /usr/lib/httpd/modules/mod_proxy.so
Check if the module is loaded in the httpd.conf file. If not already added for you, make sure that you are loading the mod_proxy module at Apache startup time, by using the following directives in your httpd.conf file:
  • LoadModule proxy_module modules/mod_proxy.so
Include two directives in your httpd.conf file for each web application that you wish to forward to Tomcat. For example, to forward an application at context path /dev:
  • ProxyPass /dev http://<ip address or URL>:8080/dev
  • ProxyPassReverse /dev http://<ip address or URL>:8080/dev
Which tells Apache to forward URLs of the form http://<ip address or URL>/dev/* to the Tomcat connector listening on port 8080
Now save the httpd.conf file and restart/reload the service to effect the changes.
  • /etc/init.d/httpd restart/reload
Configure your Tomcat to include a special <Connector> element, with appropriate proxy settings.
Edit the file /etc/tomcat6/server.xml as:
<Connector port="8080" className="org.apache.catalina.connector.http.HttpConnector" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
proxyName="<IP address>"
proxyPort="80" />
Which will cause servlets inside this web application to think that all proxied requests were directed to server IP address on port 80.
Save the file and exit.
Restart tomcat6 service to effect the changes - /etc/init.d/tomcat6 restart
Now access the dev directory content using below URL:
  • http://localhost/dev (Instead of http://localhost:8080/dev)

Securing the tomcat webapp

We need to enable the MemoryRealm. We can do so by adding below line to the server.xml file inside our tomcat’s conf directory.
  • vim /etc/tomcat6/server.xml
<Realm className="org.apache.catalina.realm.MemoryRealm" />
Save and exit the file.
We need to add a user and a role for our webapp inside the tomcat-users.xml file, which can be found in the same directory.
Edit the file as shown below:
  • # vim /etc/tomcat6/tomcat-users.xml
<role rolename="admin-gui"/>
<user username="<user>" password="<password" roles="admin-gui"/>
Save and exit
The next step will be to add the login information inside the webapp we want to protect. Open webapp’s web.xml file. Write the following lines in our web.xml (located inside the web-app element).
  • # vim /etc/tomcat6/web.xml
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>dev</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin-gui</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>dev</realm-name>
</login-config>
</web-app>
Save and exit the file.
Restart tomcat6 - /etc/init.d/tomcat6 restart.
Now access below URL, So that it will prompt you for credentials:
  • http://localhost/dev
Enter below credentials which were entered in the tomcat-users.xml file earlier:
  • UserName: <user>
  • Password: <password>