mod_jk for RHEL6


If you have a RHEL6 box which ships both Apache and Tomcat6 you might want to connect the two together. You probably have looked around for mod_jk as a RHEL6 RPM or SRPM (src.rpm).

You find that It isn't in EPEL, and it isn't in Red Hat Optional Server 6 RHN channel, etc.

It seems that the new way forward with RHEL/Fedora world is to use mod_proxy_ajp. For example, the RH/Fedora project Spacewalk switched from mod_jk to mod_proxy_ajp.

Note that mod_proxy_ajp is a core module of Apache 2.2 and newer so this should be a rather definitive/final change in recommended connector for Tomcat and Apache. Continue reading “mod_jk for RHEL6” »


Improving Apache Tomcat Security – A Step By Step Guide

Apache Tomcat boasts an impressive track record when it comes to security. According to the official Apache Tomcat Wiki Pages, there has never been a reported case of actual damage or significant data loss due to a malicious attack on any Apache Tomcat instance. Most vulnerabilities, both major and minor, are discovered by the Tomcat community itself or security researchers, and quickly patched. Thus, the default installation of Tomcat can be said to be "fairly secure".

Starting from this baseline, there are additional measures that can be taken to make Tomcat as secure as possible for a given use case. As with any security scenario, Tomcat security is a matter of balancing ease of use and access with restriction and hardening of access. For example, although it is technically more secure to disable Tomcat's deployment capabilities when moving to production, for many organizations the desire to automate deployment supersedes the security benefit of disabling these features. Continue reading “Improving Apache Tomcat Security – A Step By Step Guide” »


A Simple Step-By-Step Guide To Apache Tomcat SSL Configuration

Secure Socket Layer (SSL) is a protocol that provides security for communications between client and server by implementing encrypted data and certificate-based authentication. Technically, the term "SSL" now refers to the Transport Layer ouSecurity (TLS) protocol, which is based on the original SSL specification.

SSL is one of the most common ways of integrating secure communication on the internet, as it is a mature protocol that is well-supported by every major browser and a number of well-respected organizations provide third party SSL authentication services.

If you're using Apache Tomcat, chances are that at least some of the data you're handling is sensitive, and SSL is an easy way to offer your users security. The good news is that Tomcat fully supports the SSL protocol. The bad news is that the configuration process and SSL itself can be a little confusing for first-time users.

Don't worry! To help you get SSL working with your Tomcat servers, we've assembled a simple, comprehensive, step-by-step guide to using SSL with Tomcat. From an overview of how the protocol actually works, to clear, simple configuration instructions, this guide will help you get SSL running on your server in no time.
Tcat eliminates tedious configuration tasks. Create the correct configuration a single time, save it to a server profile, and apply it to other instances (or groups of instances) with a single click. Try Tcat for free today! Continue reading “A Simple Step-By-Step Guide To Apache Tomcat SSL Configuration” »


Install Tomcat 6 in Debian

This article outlines a procedure for installing Tomcat 6 in Debian Lenny. Keep in mind that this does not include Apache 2 installation or integration. Apache must be installed separately and integrated to work with Tomcat.

Add following line in sources list-

nano /etc/apt/sources.list

deb squeeze non-free

Update and install java

apt-get update
apt-get install sun-java6-jdk sun-java6-jre libtcnative-1

Ensure installed

java -version


nano ~/.bashrc

Add the following at the end of the file: Continue reading “Install Tomcat 6 in Debian” »