Enabling the Apache Tomcat web application server to support a limited access http protocol, is a prerequisite for the database administration operations to be carried out.
Before you begin
It is recommended that all connections to Content Delivery are encrypted using HTTPS schema. Therefore, when configuring Tomcat to allow inbound HTTP connections, we must limit them to exception. This is done by binding the Tomcat connector to a specific IP.
A standard exception is for the requests to originate locally. 127.0.0.1 is the loopback Internet protocol (IP) address also referred to as the localhost. The address is used to establish an IP connection to the same machine or computer being used by the end-user.
Note: If you want to execute database administration from a different remote system, then instead of 127.0.0.1 use the IP of that remote system. If you want to allow HTTP access to all remote system then don't specify the binding address in the Connector.
Note: If you are installing as Content Delivery you need to configure with the IP of the distribution node.
Procedure
- Configure the Apache Tomcat web application server.
- Open the server.xml file, found underneath the conf subdirectory, in a text editor.
- Add a connector with the following configuration:
<Connector port="8080" protocol="HTTP/1.1"
redirectPort="8443"
address="localhost"
useBodyEncodingForURI="false"
URIEncoding="UTF-8"
connectionTimeout="72000000"
compression="on"
compressionMinSize="10"
compressableMimeType="text/html,text/xml,application/xml,text/javascript,text/css,application/x-javascript"
maxHttpHeaderSize="65536"
/>
where port is the desired port for HTTP and redirectPort is the chosen port for the HTTPS/SSL enabled Connector.
Note: If you want to entirely remove this limitation then need to remove the address attribute. Tomcat will bind port to all available IPs.
Note: If you need to bind to multiple IPs then you need to configure multiple Connectors nodes where each Connector binds to each IP using the address attribute.
- Restart the Apache Tomcat service.
- Check if the Tomcat home page displays correctly with a non-secure connection by using the link
http://localhost/.