Catalina Functional Specifications

Apache Tomcat 7

Version 7.0.85, Feb 7 2018
Apache Logo

Links

Administrative Apps

Internal Servlets

Realm Implementations

Administrative Apps - Administered Objects

Table of Contents
Administered Objects Overview

This document defines the Administered Objects that represent the internal architectural components of the Catalina servlet container. Associated with each is a set of Supported Operations that can be performed when the administrative application is "focused" on a particular configurable object.

The following Administered Objects are defined:

Access Logger

An Access Logger is an optional Valve that can create request access logs in the same formats as those provided by web servers. Such access logs are useful input to hit count and user access tracking analysis programs. An Access Logger can be attached to an Engine, a Host, a Context, or a Default Context.

The standard component implementing an Access Logger is org.apache.catalina.valves.AccessLogValve. It supports the following configurable properties:

  • debug - Debugging detail level. [0]
  • directory - Absolute or relative (to $CATALINA_BASE) path of the directory into which access log files are created. [logs].
  • pattern - Pattern string defining the fields to be included in the access log output, or "common" for the standard access log pattern. See org.apache.catalina.valves.AccessLogValve for more information. [common]
  • prefix - Prefix added to the beginning of each log file name created by this access logger.
  • resolveHosts - Should IP addresses be resolved to host names in the log? [false]
  • suffix - Suffix added to the end of each log file name created by this access logger.
Connector

A Connector is the representation of a communications endpoint by which requests are received from (and responses returned to) a Tomcat client. The administrative applications shall support those connectors that are commonly utilized in Tomcat installations, as described in detail below.

For standalone use, the standard connector supporting the HTTP/1.1 protocol is org.apache.catalina.connectors.http.HttpConnector. It supports the following configurable properties:

  • acceptCount - The maximum queue length of incoming connections that have not yet been accepted. [10]
  • address - For servers with more than one IP address, the address upon which this connector should listen. [All Addresses]
  • bufferSize - Default input buffer size (in bytes) for requests created by this Connector. [2048]
  • debug - Debugging detail level. [0]
  • enableLookups - Should we perform DNS lookups on remote IP addresses when request.getRemoteHost() is called? [false]
  • maxProcessors - The maximum number of processor threads supported by this connector. [20]
  • minProcessors - The minimum number of processor threads to be created at container startup. [5]
  • port - TCP/IP port number on which this Connector should listen for incoming requests. [8080]
  • proxyName - Host name to be returned when an application calls request.getServerName(). [Value of Host: header]
  • proxyPort - Port number to be returned when an application calls request.getServerPort(). [Same as port]
Context

A Context is the representation of an individual web application, which is associated with a corresponding Host. Note that the administrable properties of a Context do not include any settings from inside the web application deployment descriptor for that application.

The standard component implementing a Context is org.apache.catalina.core.StandardContext. It supports the following configurable properties:

  • cookies - Should be use cookies for session identifier communication? [true]
  • crossContext - Should calls to ServletContext.getServletContext() return the actual context responsible for the specified path? [false]
  • debug - Debugging detail level. [0]
  • docBase - The absolute or relative (to the appBase of our owning Host) pathname of a directory containing an unpacked web application, or of a web application archive (WAR) file.
  • override - Should settings in this Context override corresponding settings in the Default Context? [false]
  • path - Context path for this web application, or an empty string for the root application of a Host. [Inferred from directory or WAR file name]
  • reloadable - Should Tomcat monitor classes in the /WEB-INF/classes directory for changes, and reload the application if they occur? [false]
  • useNaming - Should Tomcat provide a JNDI naming context, containing preconfigured entries and resources, corresponding to the requirements of the Java2 Enterprise Edition specification? [true]
  • workDir - Absolute pathname of a scratch directory that is provided to this web application. [Automatically assigned relative to $CATALINA_BASE/work]

Each Context is owned by a parent Host, and is associated with:

  • An optional Access Logger that logs all requests processed by this web application.
  • Zero or more Environment Entries representing environment entries for the JNDI naming context associated with a web application.
  • Zero or more JDBC Resources representing database connection pools associated with a web application.
  • A Loader representing the web application class loader used by this web application.
  • A Manager representing the session manager used by this web application.
  • An optional Realm used to provide authentication and access control information for this web application.
  • Zero or more Request Filters used to limit access to this web application based on remote host name or IP address.
Default Context

A Default Context represents a subset of the configurable properties of a Context, and is used to set defaults for those properties when web applications are automatically deployed. A Default Context object can be associated with an Engine or a Host. The following configurable properties are supported:

  • cookies - Should be use cookies for session identifier communication? [true]
  • crossContext - Should calls to ServletContext.getServletContext() return the actual context responsible for the specified path? [false]
  • reloadable - Should Tomcat monitor classes in the /WEB-INF/classes directory for changes, and reload the application if they occur? [false]
  • useNaming - Should Tomcat provide a JNDI naming context, containing preconfigured entries and resources, corresponding to the requirements of the Java2 Enterprise Edition specification? [true]

Each Default Context is owned by a parent Engine or Host, and is associated with:

  • Zero or more Environment Entries representing environment entries for the JNDI naming context associated with a web application.
  • Zero or more JDBC Resources representing database connection pools associated with a web application.
  • An optional Loader representing default configuration properties for the Loader component of deployed web applications.
  • An optional Manager representing default configuration properties for the Manager component of deployed web applications.
Default Deployment Descriptor

Default web application characteristics are configured in a special deployment descriptor named $CATALINA_BASE/conf/web.xml. This section describes the configurable components that may be stored there.

FIXME - Complete the description of default servlets, default mappings, default MIME types, and so on.

Engine

An Engine is the representation of the entire Catalina servlet container, and processes all requests for all of the associated virtual hosts and web applications.

The standard component implementing an Engine is org.apache.catalina.core.StandardEngine. It supports the following configurable properties:

  • debug - Debugging detail level. [0]
  • defaultHost - Name of the Host to which requests will be directed if the requested host is unknown. [localhost]
  • name - Logical name of this engine. [Tomcat Stand-Alone]

Each Engine is owned by a parent Service, and is associated with:

  • An optional Access Logger that logs all requests processed by the entire container.
  • A Default Context, representing default properties of a Context for automatically deployed applications for all associated Hosts (unless overridden by a subordinate component).
  • One or more Hosts representing individual virtual hosts supported by this container.
  • A Realm used to provide authentication and access control information for all virtual hosts and web applications (unless overridden by a subordinate component).
  • Zero or more Request Filters used to limit access to the entire container based on remote host name or IP address.
Environment Entry

An Environment Entry is the representation of a <env-entry> element from a web application deployment descriptor. It will cause the creation of a corresponding entry in the JNDI naming context provided to the corresponding Context. The following configurable properties are supported:

  • description - Description of this environment entry.
  • name - Environment entry name (relative to the java:comp/env context)
  • type - Environment entry type (must be one of the fully qualified Java classes listed in the servlet spec).
  • value - Environment entry value (must be convertible from String to the specified type.
Host

A Host is the representation of an individual virtual host, which has a unique set of associated web applications.

The standard component implementing a Host is org.apache.catalina.core.StandardHost. It supports the following configurable properties:

  • aliases - Zero or more DNS names that are also associated with this host (for example, a particular host might be named www.mycompany.com with an alias company.com).
  • appBase - Absolute or relative (to $CATALINA_BASE) path to a directory from which web applications will be automatically deployed.
  • debug - Debugging detail level. [0]
  • name - DNS Name of the virtual host represented by this object.
  • unpackWARs - Should web application archive files deployed by this virtual host be unpacked first? [true]

Each Host is owned by a parent Engine, and is associated with:

  • An optional Access Logger that logs all requests processed by this virtual host.
  • One or more Contexts representing the web applications operating on this Host.
  • A Default Context representing default Context properties for web applications that are automatically deployed by this Host.
  • A optional Realm used to provide authentication and access control information for all web applications associated with this virtual host (unless overridden by a subordinate component).

FIXME - Should we support configuration of the User Web Applications functionality?

JDBC Resource

A JDBC Resources represents a database connection pool (i.e. an implementation of javax.sql.DataSource that will be configured and made available in the JNDI naming context associated with a web application.

FIXME - properties of this administered object

Loader

A Loader represents a web application class loader that will be utilized to provide class loading services for a particular Context.

The standard component implementing a Loader is org.apache.catalina.loader.StandardLoader. It supports the following configurable properties:

  • checkInterval - Number of seconds between checks for modified classes, if automatic reloading is enabled. [15]
  • debug - Debugging detail level. [0]
  • reloadable - Should this class loader check for modified classes and initiate automatic reloads? [Set automatically from the reloadable property of the corresponding Context]

Each Loader is owned by a parent Context.

Manager

A Manager represents a session manager that will be associated with a particular web application. FIXME - Add support for advanced session managers and their associated Stores.

The standard component implementing a Manager is org.apache.catalina.session.StandardManager. It supports the following configurable properties:

  • checkInterval - Number of seconds between checks for expired sessions. [60]
  • debug - Debugging detail level. [0]
  • maxActiveSessions - The maximum number of active sessions that are allowed, or -1 for no limit. [-1]

Each Manager is owned by a parent Context.

Realm

A Realm represents a "database" of information about authorized users, their passwords, and the security roles assigned to them. This will be used by the container in the implementation of container-managed security in accordance with the Servlet Specification. Several alternative implementations are supported.

org.apache.catalina.realm.MemoryRealm initializes its user information from a simple XML file at startup time. If changes are made to the information in this file, the corresponding web applications using it must be restarted for the changes to take effect. It supports the following configurable properties:

  • debug - Debugging detail level. [0]
  • pathname - Absolute or relative (to $CATALINA_BASE) path to the XML file containing our user information. [conf/tomcat-users.xml]

org.apache.catalina.realm.JDBCRealm uses a relational database (accessed via JDBC APIs) to contain the user information. Changes in the contents of this database take effect immediately; however, the roles assigned to a particular user are calculated only when the user initially logs on (and not per request). The following configurable properties are supported:

  • connectionName - Database username to use when establishing a JDBC connection.
  • connectionPassword - Database password to use when establishing a JDBC connection.
  • connectionURL - Connection URL to use when establishing a JDBC connection.
  • debug - Debugging detail level. [0]
  • digest - Name of the MessageDigest algorithm used to encode passwords in the database, or a zero-length string for no encoding. [Zero-length String]
  • driverName - Fully qualified Java class name of the JDBC driver to be utilized.
  • roleNameCol - Name of the column, in the User Roles table, which contains the role name.
  • userCredCol - Name of the column, in the Users table, which contains the password (encrypted or unencrypted).
  • userNameCol - Name of the column, in both the Users and User Roles tables, that contains the username.
  • userRoleTable - Name of the User Roles table, which contains one row per security role assigned to a particular user. This table must contain the columns specified by the userNameCol and roleNameCol properties.
  • userTable - Name of the Users table, which contains one row per authorized user. This table must contain the columns specified by the userNameCol and userCredCol properties.

FIXME - Should we provide mechanisms to edit the contents of a "tomcat-users.xml" file through the admin applications?

Each Realm is owned by a parent Engine, Host, or Context.

Request Filter

FIXME - complete this entry

Server

FIXME - complete this entry

Service

FIXME - complete this entry

Comments

Notice: This comments section collects your suggestions on improving documentation for Apache Tomcat.

If you have trouble and need help, read Find Help page and ask your question on the tomcat-users mailing list. Do not ask such questions here. This is not a Q&A section.

The Apache Comments System is explained here. Comments may be removed by our moderators if they are either implemented or considered invalid/off-topic.


Copyright © 1999-2018, Apache Software Foundation