aspose file tools*
The moose likes Tomcat and the fly likes Apache and Tomcat integration - Mod Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Apache and Tomcat integration - Mod Security" Watch "Apache and Tomcat integration - Mod Security" New topic
Author

Apache and Tomcat integration - Mod Security

john menoor
Greenhorn

Joined: Jul 04, 2013
Posts: 3
I have installed both Apache(v2.2.17) and Tomcat(v6.0.37) in my system.
Apache is using port 80 and Tomcat 8080. I didnt change the default port settings.

Then I tried integrating both Apache and Tomcat using mod_jk(v1.2.31) connector.

Steps I followed:

1. Downloaded mod_jk binary file from Internet and placed inside C:\Apache2217\modules
2. Created workers.properties file inside directory C:\Apache2217\conf with the following content:
worker.list=ajp13
worker.ajp13.port=8009
worker.ajp13.host=localhost
worker.ajp13.type=ajp13
3. Added following lines in C:\Apache2217\conf\httpd.conf file for Apache
<IfModule !mod_jk.c>
LoadModule jk_module modules/mod_jk.so
# tells Apache to load the mod_jk module
</IfModule>

<IfModule !mod_jk.c>
LoadModule jk_module modules/mod_jk.so
# tells Apache to load the mod_jk module
JkWorkersFile "conf/workers.properties"
#tells the location of properties file
JkLogFile "logs/mod_jk.log"
JkLogLevel error
JkMount /jsp-examples ajp13
JkMount /jsp-examples/* ajp13
JkMount /Application ajp13
JkMount /Application/* ajp13
</IfModule>
4. Added the following lines in C:\apache-tomcat-6.0.37\conf\server.xml file for Tomcat
<Listener className="org.apache.jk.config.ApacheConfig" modJk="C:/Apache2217/modules/mod_jk.so" />
<Listener className="org.apache.jk.config.ApacheConfig" append="true" forwardAll="false" modJk="C:/Apache2217/modules/mod_jk.so" />

Placed an application(sample.war) file inside C:\apache-tomcat-6.0.37\webapps. sample is a vulnerable app developed using JSP and Servlets.
I started Tomcat first and then Apache services using services.msc.
Able to access the application using http://localhost:8080/sample and it is working fine.

My doubt is I have integrated Apache and Tomcat, but why am I not able to access the application on port 80 using http://localhost:80/sample.
Note: I went for Tomcat because Apache only supports static pages written using html, php etc., but the vulnerable app I had is a dynamic one.
I configured Mod Security on Apache and I am afraid it won’t log the Tomcat traffic.
I refered link: http://palpapers.plynt.com/issues/20...t-into-waf-p1/ for the above procedure.

Please help me in resolving this issue.
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16142
    
  21

These days I use mod_proxy instead of mod_jk, so my expertise is a bit rusty. But you cannot expect a URL such as http://localhost:80/sample to automatically route to Tomcat. After all, one of Apache's great strengths is its ability to serve content generated by a large variety of providers.

In short, you need a JkMount for /sample in order to get that URL routed to Tomcat.


Customer surveys are for companies who didn't pay proper attention to begin with.
john menoor
Greenhorn

Joined: Jul 04, 2013
Posts: 3
Able to integrate Apache and Tomcat.
Mod security hosted on Apache scans the Tomcat traffic.
I didnt change the Tomcat default port.

Deployed a WAR file in Tomcat webapps directory and accessed it using 80 port.

Followed steps given in http://www.avajava.com/tutorials/lessons/how-do-i-connect-apache-to-tomcat-using-the-mod-jk-module.html?page=1

It worked Succesfully!!!

Thanks All.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Apache and Tomcat integration - Mod Security