Documentation Center

Enabling restricted http protocol for the Apache Tomcat web application server

Enabling the Apache Tomcat web application server to support a limited access http protocol, is a prerequisite for the database administration operations to be carried out.

Before you begin

It is recommended that all connections to Content Delivery are encrypted using HTTPS schema. Therefore, when configuring Tomcat to allow inbound HTTP connections, we must limit them to exception. This is done by binding the Tomcat connector to a specific IP.

A standard exception is for the requests to originate locally. 127.0.0.1 is the loopback Internet protocol (IP) address also referred to as the localhost. The address is used to establish an IP connection to the same machine or computer being used by the end-user.

Procedure

  1. Configure the Apache Tomcat web application server.
    1. Open the server.xml file, found underneath the conf subdirectory, in a text editor.
    2. Add a connector with the following configuration:
      
      <Connector port="8080" protocol="HTTP/1.1" 
      		   redirectPort="8443"
      		   address="localhost"
      		   useBodyEncodingForURI="false" 
      		   URIEncoding="UTF-8"
      		   connectionTimeout="72000000"
      		   compression="on"
      		   compressionMinSize="10"
      		   compressableMimeType="text/html,text/xml,application/xml,text/javascript,text/css,application/x-javascript"
      		   maxHttpHeaderSize="65536" 
      		   />
      

      where port is the desired port for HTTP and redirectPort is the chosen port for the HTTPS/SSL enabled Connector.

  2. Restart the Apache Tomcat service.
  3. Check if the Tomcat home page displays correctly with a non-secure connection by using the link http://localhost/.