Table of Contents

How to configure mod_proxy_ajp with Tomcat ?

mod_proxy_ajp is an Apache module which can be used to forward a client HTTP request to an internal Tomcat application server using the AJP protocol.

To respond to the question ”Why should I use mod_proxy_ajp rather than a classic mod_proxy ?”, here is a small recap:

  • You can gain a lot of flexibility (lot of the apache modules/features can be used especially “name-based virtual hosting”)
  • Practical for those who need to support Java applications along with PHP / Perl … (only one apache server is needed)
  • Certificates management is easier in apache configuration (this argument is a lot subjective)
  • It's not Tomcat's main objective to serve http static resources (not optimized for that)
  • Load balancing/cluster management is easier with an apache frontend

Tomcat configuration

You just have to create the AJP connector in the conf/server.xml file like that: 

<Connector port="8009" enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />

This line will enable AJP connections to the 8009 port of your tomcat server (localhost for example).

Apache2 configuration

One way (useful if this apache is a global front end) is to create a virtual host for this application. 

Listen 1979
NameVirtualHost *:1979
<VirtualHost *:1979>
   ServerName localhost
   ErrorLog /var/log/apache2/ajp.error.log
   CustomLog /var/log/apache2/ajp.log combined
 
   <Proxy *>
     AddDefaultCharset Off
     Order deny,allow
     Allow from all
   </Proxy>
 
   ProxyPass / ajp://localhost:8009/
   ProxyPassReverse / ajp://localhost:8009/
</VirtualHost>
  • ProxyPass and ProxyPassReverse are classic reverse proxy directives used to forward the stream to another location.
  • ajp://... is the AJP connector location (your tomcat's server host/port)

What's the result ?

A web client will connect through HTTP to http://localhost:1979/ (supposing your apache2 server is running on localhost), the mod_proxy_ajp will forward you request transparently using the AJP protocol to the tomcat application server on localhost:8009.

, , , , ,

Discussion

MunkhbayarMunkhbayar, 2008/11/26 09:44

Hi. I follewed the above inctoructions and I got this:

Forbidden

You don't have permission to access /testAJP/index.jsp on this server.

What was wrong with me? and What should i do to resolve this?

Stéphane GullyStéphane Gully, 2008/11/27 08:14

Try to look at the apache log and at the tomcat log to see which one is blocking the access.

TyPhamTyPham, 2009/03/25 05:37

Hi, I want to configure this mod_proxy_ajp with Glassfish instead Tomcat, in this case does it support?

Stéphane GullyStéphane Gully, 2009/07/03 19:49

I don't know, I never used Glassfish.

Konstantin PetrukhnovKonstantin Petrukhnov, 2009/06/18 10:24

Thanks! it is most clearest explanation that i found in the internet. ErrorLog, CustomLog are optional If you specify <VirtualHost www.strangehostname.net:80> Then it will handle only requests that will go to www.strangehostname.net:80 All other requests will not be handled by this proxy.

Tip: you could specify separate ajp port per each service in tomcat. And then assign them to different hostnames in apache.

ShivaShiva, 2009/07/03 19:40

Please tell me what are all the modules in APACHE 2.2.10 needs to be enabled…

Thanks in advance

Stéphane GullyStéphane Gully, 2009/07/03 19:48

Its name is mod_proxy_ajp.

..alee..alee, 2009/07/15 17:13

one of the best explanation. I have been trying to work on it since yesterday but could not figure it out. but now it's working

ok one question, i want to add ProxyPassMatch directive. If i put in VirtualHost then it gives me error. Can someone help?

<VirtualHost *:80> 

 ServerName localhost
 <Proxy *>
   AddDefaultCharset Off
   Order deny,allow
   Allow from all
 </Proxy>
 ProxyPass / ajp://localhost:8009/
 ProxyPassReverse / ajp://localhost:8009/

# ProxyPassMatch ^(/photos/.*\.jpg)$! 

 
Alias /photos "F:\projects\AL\Photos"
<Directory "F:\projects\AL\Photos">
	Options Indexes MultiViews
	AllowOverride None
	Order allow,deny
	Allow from all
</Directory>

</VirtualHost>

NirmalNirmal, 2009/10/01 13:45

Thank You Very Much for the post. Saved me like nothing.

Thanks again.

Enter your comment
 

Categories

Partners

 
 

Recent changes RSS feed Valid XHTML 1.0 Valid CSS Driven by DokuWiki