Tomcat 8 正在读取我的 Java Rest API (war) 中的 web.xml 和 context.xml 文件吗?
Is Tomcat 8 reading the web.xml and context.xml files in my Java Rest API (war)?
我在 Eclipse 中创建了一个 Java Rest API (Dynamic Web) 项目(包括 Javax 和 Jersey 库)并将其部署到我的 Tomcat 8 服务器.
当我通过 HTTP(例如 http://www.mydomain.co.uk:8080/MyJavaProject/context_string/path_params)调用它时,它 returns 是一个基本的 JSON 响应,但是当我在服务器上启用 SSL/TLS 时,使用正版证书,它在 Postman 中给出 404 Not Found。
error.log 在 /path/MyJavaProject/context_string/path_params 上显示 file does not exist 错误,但该文件不存在,因为它是我的 REST API 中的参考参数,所以我不我想 Tomcat 不知道如何使用 WAR 文件。
如果我调用 https://www.mydomain.co.uk/MyJavaProject.
,我可以进入目录结构导航器
我的日志一切正常,现在没有显示任何错误。我已将安全值放入我的 web.xml 和我的应用 WEB-INF 中。 WAR 及其分解文件夹的权限均为 777.
我读到这个区域使用了一个叫做 context.xml 的东西,但如果设置了 autoDeploy-true(我的是),则可能会或可能不会使用。
我的问题是:如何确定 Tomcat 是否真的在我的应用程序中读取 context.xml 和 web.xml?这是我尝试解决 404 错误的最后一个想法。
这是我应用程序的 web.xml 文件:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>MyProject</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>ServletAdaptor</servlet-name>
<servlet-class>
com.sun.jersey.server.impl.container.servlet.ServletAdaptor</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>ServletAdaptor</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>MyProject</web-resource-name>
<url-pattern>/context_string/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
这是我应用程序的 context.xml 文件:
<?xml version="1.0" encoding="UTF-8"?>
<Context docBase="" path="" reloadable="true">
</Context>
您需要在 apache2 或 nginx 中使用反向代理来将请求内部重定向到 tomcat。
https 在服务器上默认使用 443 端口。因此,您需要使用 https 定义一个新端口或重定向相同的端口。
阅读 this and this 以更改 apache2。
这更像是评论,但我无法添加评论。
使用此调用中的两条评论解决了问题。
端口冲突,所以我将server.xml和apache2/../000default.conf都改成了8443(我发现443不稳定)。
与此同时,我现在将“8443”作为我所有 URL 调用的端口,而不是没有端口。
我将其添加到 .conf 文件中:
SSLProxyEngine 开启
ProxyPass /MyProject/context https://www.mydomain.co.uk/MyProject/context
ProxyPassReverse /MyProject/context https://www.mydomain.co.uk/MyProject/context
还得
a2enmod proxy_http
和
将 VirtualHost 标签设置为 ip 而不是 '*',即 ipaddress.8443
为了更好地衡量,请使用
apache2ctl 配置测试
我并没有在我的应用程序中对 web.xml 做更多的事情,我从我的应用程序中删除了 context.xml。
这真的是一个调整旋钮和刻度盘直到它起作用的案例,我花了大约 2 周的时间。为什么不容易呢。
这是我的参考资料
apache2/..conf
<VirtualHost ipaddress:8443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
LogLevel debug
#SetEnv HTTPS on
SSLEngine on
SSLCertificateFile /etc/ssl/certs/mydomain_co_uk.crt
SSLCertificateKeyFile /etc/ssl/private/www.mydomain.co.uk.key
# SSLCertificateKeyFile /etc/ssl/certs/mydomain_co_uk.pem
SSLCACertificateFile /etc/ssl/certs/mydomain_co_uk.ca-bundle
ServerName www.mydomain.co.uk
SSLProxyEngine on
ProxyPass /MyProject/context https://www.mydomain.co.uk/MyProject/context
ProxyPassReverse /MyProject/context https://www.mydomain.co.uk/MyProject/context
Alias /ProjectName"/var/lib/tomcat8/webapps/ProjectName"
<Directory "/var/lib/tomcat8/webapps/ProjectName">
Options Indexes FollowSymLinks
AllowOverride all
Allow from all
</Directory>
<Location />
Require all granted
</Location>
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
Server.xml
<Connector
protocol="org.apache.coyote.http11.Http11AprProtocol"
port="8443" maxThreads="200" clientAuth="false"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/etc/ssl/certs/mydomain_co_uk.crt"
SSLCertificateKeyFile="/etc/ssl/private/www.mydomain.co.uk.key"
SSLPassword="planetx"
SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>
<Engine name="Catalina" defaultHost="localhost">
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
web.xml 来自我的应用程序 web-inf
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>Projectname</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>ServletAdaptor</servlet-name>
<servlet-class>
com.sun.jersey.server.impl.container.servlet.ServletAdaptor</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>ServletAdaptor</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Projectname</web-resource-name>
<url-pattern>/context</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
我在 Eclipse 中创建了一个 Java Rest API (Dynamic Web) 项目(包括 Javax 和 Jersey 库)并将其部署到我的 Tomcat 8 服务器.
当我通过 HTTP(例如 http://www.mydomain.co.uk:8080/MyJavaProject/context_string/path_params)调用它时,它 returns 是一个基本的 JSON 响应,但是当我在服务器上启用 SSL/TLS 时,使用正版证书,它在 Postman 中给出 404 Not Found。
error.log 在 /path/MyJavaProject/context_string/path_params 上显示 file does not exist 错误,但该文件不存在,因为它是我的 REST API 中的参考参数,所以我不我想 Tomcat 不知道如何使用 WAR 文件。
如果我调用 https://www.mydomain.co.uk/MyJavaProject.
我的日志一切正常,现在没有显示任何错误。我已将安全值放入我的 web.xml 和我的应用 WEB-INF 中。 WAR 及其分解文件夹的权限均为 777.
我读到这个区域使用了一个叫做 context.xml 的东西,但如果设置了 autoDeploy-true(我的是),则可能会或可能不会使用。
我的问题是:如何确定 Tomcat 是否真的在我的应用程序中读取 context.xml 和 web.xml?这是我尝试解决 404 错误的最后一个想法。
这是我应用程序的 web.xml 文件:
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>MyProject</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>ServletAdaptor</servlet-name>
<servlet-class>
com.sun.jersey.server.impl.container.servlet.ServletAdaptor</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>ServletAdaptor</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>MyProject</web-resource-name>
<url-pattern>/context_string/*</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
这是我应用程序的 context.xml 文件:
<?xml version="1.0" encoding="UTF-8"?>
<Context docBase="" path="" reloadable="true">
</Context>
您需要在 apache2 或 nginx 中使用反向代理来将请求内部重定向到 tomcat。
https 在服务器上默认使用 443 端口。因此,您需要使用 https 定义一个新端口或重定向相同的端口。 阅读 this and this 以更改 apache2。
这更像是评论,但我无法添加评论。
使用此调用中的两条评论解决了问题。
端口冲突,所以我将server.xml和apache2/../000default.conf都改成了8443(我发现443不稳定)。 与此同时,我现在将“8443”作为我所有 URL 调用的端口,而不是没有端口。
我将其添加到 .conf 文件中:
SSLProxyEngine 开启
ProxyPass /MyProject/context https://www.mydomain.co.uk/MyProject/context
ProxyPassReverse /MyProject/context https://www.mydomain.co.uk/MyProject/context
还得 a2enmod proxy_http 和 将 VirtualHost 标签设置为 ip 而不是 '*',即 ipaddress.8443 为了更好地衡量,请使用
检查它是否有效
apache2ctl 配置测试
我并没有在我的应用程序中对 web.xml 做更多的事情,我从我的应用程序中删除了 context.xml。
这真的是一个调整旋钮和刻度盘直到它起作用的案例,我花了大约 2 周的时间。为什么不容易呢。
这是我的参考资料
apache2/..conf
<VirtualHost ipaddress:8443>
# The ServerName directive sets the request scheme, hostname and port that
# the server uses to identify itself. This is used when creating
# redirection URLs. In the context of virtual hosts, the ServerName
# specifies what hostname must appear in the request's Host: header to
# match this virtual host. For the default virtual host (this file) this
# value is not decisive as it is used as a last resort host regardless.
# However, you must set it for any further virtual host explicitly.
#ServerName www.example.com
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
# Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
# error, crit, alert, emerg.
# It is also possible to configure the loglevel for particular
# modules, e.g.
#LogLevel info ssl:warn
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
LogLevel debug
#SetEnv HTTPS on
SSLEngine on
SSLCertificateFile /etc/ssl/certs/mydomain_co_uk.crt
SSLCertificateKeyFile /etc/ssl/private/www.mydomain.co.uk.key
# SSLCertificateKeyFile /etc/ssl/certs/mydomain_co_uk.pem
SSLCACertificateFile /etc/ssl/certs/mydomain_co_uk.ca-bundle
ServerName www.mydomain.co.uk
SSLProxyEngine on
ProxyPass /MyProject/context https://www.mydomain.co.uk/MyProject/context
ProxyPassReverse /MyProject/context https://www.mydomain.co.uk/MyProject/context
Alias /ProjectName"/var/lib/tomcat8/webapps/ProjectName"
<Directory "/var/lib/tomcat8/webapps/ProjectName">
Options Indexes FollowSymLinks
AllowOverride all
Allow from all
</Directory>
<Location />
Require all granted
</Location>
# For most configuration files from conf-available/, which are
# enabled or disabled at a global level, it is possible to
# include a line for only one particular virtual host. For example the
# following line enables the CGI configuration for this host only
# after it has been globally disabled with "a2disconf".
#Include conf-available/serve-cgi-bin.conf
</VirtualHost>
Server.xml
<Connector
protocol="org.apache.coyote.http11.Http11AprProtocol"
port="8443" maxThreads="200" clientAuth="false"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/etc/ssl/certs/mydomain_co_uk.crt"
SSLCertificateKeyFile="/etc/ssl/private/www.mydomain.co.uk.key"
SSLPassword="planetx"
SSLVerifyClient="optional" SSLProtocol="TLSv1+TLSv1.1+TLSv1.2"/>
<Engine name="Catalina" defaultHost="localhost">
<!--For clustering, please take a look at documentation at:
/docs/cluster-howto.html (simple how to)
/docs/config/cluster.html (reference documentation) -->
<!--
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/>
-->
<!-- Use the LockOutRealm to prevent attempts to guess user passwords
via a brute-force attack -->
<Realm className="org.apache.catalina.realm.LockOutRealm">
<!-- This Realm uses the UserDatabase configured in the global JNDI
resources under the key "UserDatabase". Any edits
that are performed against this UserDatabase are immediately
available for use by the Realm. -->
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<!-- SingleSignOn valve, share authentication between web applications
Documentation at: /docs/config/valve.html -->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Access log processes all example.
Documentation at: /docs/config/valve.html
Note: The pattern used is equivalent to using pattern="common" -->
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
</Service>
</Server>
web.xml 来自我的应用程序 web-inf
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd" id="WebApp_ID" version="3.0">
<display-name>Projectname</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>ServletAdaptor</servlet-name>
<servlet-class>
com.sun.jersey.server.impl.container.servlet.ServletAdaptor</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>ServletAdaptor</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Projectname</web-resource-name>
<url-pattern>/context</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>