Prev   Next

Deploying

Table of Contents

1. Deploying into the Java WS Core container
1.1. Deploying and undeploying services
1.2. Recommended JVM settings for the Java WS Core container
2. Deploying into Tomcat
2.1. web.xml configuration
2.2. Enabling local invocations
2.3. Debugging
2.4. Creating WAR file
2.5. Deploying and undeploying services
3. Deploying into JBoss

The Globus services can be run either in the standalone Java WS Core container that is installed with GT, or deployed into Tomcat.

1. Deploying into the Java WS Core container

The standalone Java WS Core container can be started and stopped with the provided globus-start-container and globus-stop-container programs. There are also helper programs (available only with the full GT installation) to start and stop the container detached from the controlling terminal (globus-start-container-detached and globus-stop-container-detached).

1.1. Deploying and undeploying services

To deploy a service into Java WS Core container use the globus-deploy-gar tool. To undeploy a service use globus-undeploy-gar.

1.2. Recommended JVM settings for the Java WS Core container

It is recommended to increase the maximum heap size of the JVM when running the container. By default on Sun JVMs a 64MB maximum heap size is used. The maximum heap size can be set using the -Xmx JVM option. Example: 

 $ setenv GLOBUS_OPTIONS -Xmx512M $ $GLOBUS_LOCATION/bin/globus-start-container

The above example will make the container start with maximum heap size set to 512MB.

It is also recommended to experiment with other JVM settings to improve performance. For example, the -server option on Sun JVMs enables a server VM which can deliver better performance for server applications.

2. Deploying into Tomcat

To deploy a Java WS Core installation into Tomcat run:

$ cd $GLOBUS_LOCATION $ ant -f share/globus_wsrf_common/tomcat/tomcat.xml
    deploySecureTomcat \ -Dtomcat.dir=<tomcat.dir>

Where <tomcat.dir> is an absolute path to the Tomcat installation directory. Also, -Dwebapp.name=<name> can be specified to set the name of the web application under which the installation will be deployed. By default "wsrf" web application name is used.

The deploySecureTomcat task will update an existing Tomcat deployment if Java WS Core was already deployed under the specified web application name. The redeploySecureTomcat task can be used instead to overwrite the existing deployment.

[Note]Note

Please note that during deployment a subset of the files from Java WS Core installation is copied into Tomcat. Also, the copied files in Tomcat might have different permissions then the originals.

In addition to the above deployment step you will also need to modify the Tomcat <tomcat_root>/conf/server.xml configuration file. In particular you will need to add the following configuration entries:

  • Tomcat 4.1.x

    1. Add a HTTPS Connector in the <Service name="Tomcat-Standalone"> section and update the parameters appropriately with your local configuration:

      <Connector
            className="org.apache.catalina.connector.http.HttpConnector"
            port="8443" minProcessors="5"
            maxProcessors="75" authenticate="true"
            secure="true" scheme="https"
            enableLookups="true" acceptCount="10"
            debug="0"> <Factory
            className="org.globus.tomcat.catalina.net.HTTPSServerSocketFactory"
            proxy="/path/to/proxy/file"
            cert="/path/to/certificate/file"
            key="/path/to/private/key/file"
            cacertdir="/path/to/ca/certificates/directory"
            encryption="true"/> </Connector>

      In the above the proxy, cert, key and cacertdir attributes are optional. Furthermore, the proxy and the combination of cert and key attributes are mutually exclusive. The encryption attribute is also optional (defaults to true if not set).

      [Important]Important

      The credentials and certificate configuration is used only by the connector and is not used by the rest of the web services stack in Globus Toolkit. To configure credentials for use in the toolkit, refer Section 1, “Security Descriptors Introduction”.

      The mode attribute can also be set to specify the connection mode. There are two supported connection modes: ssl and gsi. The ssl mode indicates a regular SSL connection mode. The gsi mode indicates a SSL connection mode with transport-level delegation support. The ssl mode is the default mode if the mode attribute is not specified. Please note that the gsi mode is intended for advanced users only.

    2. Add a HTTPS Valve in the <Engine name="Standalone" ... > section:

      <Valve
            className="org.globus.tomcat.catalina.valves.HTTPSValve"/>

  • Tomcat 5.0.x

    1. Add a HTTPS Connector in the <Service name="Catalina"> section and update the parameters appropriately with your local configuration: 

      <Connector
            className="org.globus.tomcat.coyote.net.HTTPSConnector"
            port="8443" maxThreads="150"
            minSpareThreads="25" maxSpareThreads="75"
            autoFlush="true" disableUploadTimeout="true"
            scheme="https" enableLookups="true"
            acceptCount="10" debug="0"
            proxy="/path/to/proxy/file"
            cert="/path/to/certificate/file"
            key="/path/to/private/key/file"
            cacertdir="/path/to/ca/certificates/directory"
            encryption="true"/>

      In the above the proxy, cert, key and cacertdir attributes are optional. Furthermore, the proxy and the combination of cert and key attributes are mutually exclusive. The encryption attribute is also optional (defaults to true if not set).

      [Important]Important

      The credentials and certificate configuration is used only by the connector and is not used by the rest of the web services stack in Globus Toolkit. To configure credentials for use in the toolkit, refer Section 1, “Security Descriptors Introduction”.

      The mode attribute can also be set to specify the connection mode. There are two supported connection modes: ssl and gsi. The ssl mode indicates a regular SSL connection mode. The gsi mode indicates a SSL connection mode with transport-level delegation support. The ssl mode is the default mode if the mode attribute is not specified. Please note that the gsi mode is intended for advanced users only.

    2. Add a HTTPS Valve in the <Engine name="Catalina" ... > section:

      <Valve
            className="org.globus.tomcat.coyote.valves.HTTPSValve"/>

  • Tomcat 5.5.x

    1. Add a HTTPS Connector in the <Service name="Catalina"> section of the Tomcat config file and update the parameters appropriately with your local configuration: 

       
   <Connector
   className="org.globus.tomcat.coyote.net.HTTPSConnector"
   port="8443" maxThreads="150"
   minSpareThreads="25" maxSpareThreads="75"
   autoFlush="true" disableUploadTimeout="true"
   scheme="https" enableLookups="true"
   acceptCount="10" debug="0"
   protocolHandlerClassName="org.apache.coyote.http11.Http11Protocol"
   socketFactory="org.globus.tomcat.catalina.net.BaseHTTPSServerSocketFactory"
   proxy="/path/to/proxy/file" cert="/path/to/certificate/file"
   key="/path/to/private/key/file"
   cacertdir="/path/to/ca/certificates/directory"
   encryption="true"/>

      In the above the proxy, cert, key and cacertdir attributes are optional. Furthermore, the proxy and the combination of cert and key attributes are mutually exclusive. The encryption attribute is also optional (defaults to true if not set).

      [Important]Important

      The credentials and certificate configuration is used only by the connector and is not used by the rest of the web services stack in Globus Toolkit. To configure credentials for use in the toolkit, refer Section 1, “Security Descriptors Introduction”.

      The mode attribute can also be set to specify the connection mode. There are two supported connection modes: ssl and gsi. The ssl mode indicates a regular SSL connection mode. The gsi mode indicates a SSL connection mode with transport-level delegation support. The ssl mode is the default mode if the mode attribute is not specified. Please note that the gsi mode is intended for advanced users only.

    2. Add a HTTPS Valve in the <Engine name="Catalina" ... > section of the Tomcat config file:

      <Valve
   className="org.globus.tomcat.coyote.valves.HTTPSValve55"/>
[Note]Note

It is recommend to run Tomcat with Java 1.4.2+.

2.1.  web.xml configuration

You may have to edit <tomcat.dir>/webapps/wsrf/WEB-INF/web.xml if you are running Tomcat on a non-default port, that is if not using port 8443 (HTTPS). For example, if you run Tomcat on port 443 using HTTPS then the WSRF servlet entry should be modified to have the following defaultProtocol and defaultPort parameters:

<web-app> ... <servlet>
      <servlet-name>WSRFServlet</servlet-name>
      <display-name>WSRF Container Servlet</display-name>
      <servlet-class> org.globus.wsrf.container.AxisServlet
      </servlet-class> <init-param>
      <param-name>defaultProtocol</param-name>
      <param-value>https</param-value> </init-param>
      <init-param> <param-name>defaultPort</param-name>
      <param-value>443</param-value> </init-param>
      <load-on-startup>true</load-on-startup> </servlet>
      ... </web-app>

Alternatively, you can use the setDefaults Ant task to set the default protocol/port in the web.xml file: 

$ cd $GLOBUS_LOCATION $ ant -f share/globus_wsrf_common/tomcat/tomcat.xml setDefaults \
        -Dtomcat.dir=<tomcat.dir> \
        -DdefaultPort=<port>
        -DdefaultProtocol=<protocol>

Also, by default the webContext property is set to the directory name of the web application on the file system. However, sometimes the context under which the web application is published might be different from the directory name of the application. In such cases it is necessary to explicitly configure the published context name in the web.xml file. To configure the web application context name set the webContext parameter in web.xml file. For example (assuming services are published under http://localhost:8080/foo/services) the webContext should be set to:

<web-app> ... <servlet>
      <servlet-name>WSRFServlet</servlet-name> ...
      <init-param> <param-name>webContext</param-name>
      <param-value>foo</param-value> </init-param> ...
      <load-on-startup>true</load-on-startup> </servlet>
      ... </web-app>

2.2. Enabling local invocations

To enable local invocation in Tomcat you must add axis-url.jar to the CLASSPATH before starting Tomcat.

For example on Windows: 

> cd <tomcat.dir> > set
      CLASSPATH=<tomcat.dir>\common\lib\axis-url.jar > bin\startup

On Unix/Linux (csh/tcsh): 

$ cd <tomcat.dir> $ setenv CLASSPATH
      <tomcat.dir>/common/lib/axis-url.jar $ bin/startup

2.3. Debugging

2.3.1. Tomcat log files

Please always check the Tomcat log files under the <tomcat.dir>/logs directory for any errors or exceptions.

2.3.2. Enabling Log4J debugging

  • Tomcat 4.1.x

    Copy $GLOBUS_LOCATION/lib/common/commons-logging-*.jar files to <tomcat.dir>/common/lib directory. Also, copy <tomcat.dir>/webapps/wsrf/WEB-INF/classes/log4j.properties file to <tomcat.dir>/common/classes/ directory. Then configure the Log4j configuration file in <tomcat.dir>/common/classes/ directory appropriately. The debugging settings will affect all the code in all web applications.

  • Tomcat 5.0.x, 5.5.x

    Copy $GLOBUS_LOCATION/lib/common/log4j-*.jar and $GLOBUS_LOCATION/lib/common/commons-logging-*.jar files to <tomcat.dir>/webapps/wsrf/WEB-INF/lib/ directory. Then configure the Log4j configuration file in <tomcat.dir>/webapps/wsrf/WEB-INF/classes/ directory appropriately. The debugging settings will only affect the web application code.

2.4. Creating WAR file

To create a .war of a Java WS Core installation do: 

$ cd $GLOBUS_LOCATION $ ant -f share/globus_wsrf_common/tomcat/tomcat.xml war
        -Dwar.file=<war.file>

Where <war.file> specifies the absolute path of the war file.

Please note that deploying a war file might not be enough to have a working Java WS Core deployment. For example, in some cases the xalan.jar must be placed in the endorsed directory of the container.

2.5. Deploying and undeploying services

Assuming Java WS Core is already deployed into Apache Tomcat (as described in Deploying Java WS Core), use the globus-deploy-gar tool with the -tomcat <tomcat.dir> option to deploy your GT service directly into Tomcat. Similarly, to undeploy a service, use the globus-undeploy-gar tool with the -tomcat <tomcat.dir> option to undeploy the service from Tomcat.

Alternatively, to indirectly deploy a service into Tomcat, first deploy the service into a regular GT installation using the globus-deploy-gar tool and then redeploy the GT installation into Tomcat (as described in Deploying Java WS Core). Similarly, to undeploy a service, first undeploy the service from a regular GT installation using globus-undeploy-gar tool and then redeploy the GT installation into Tomcat.

[Note]Note

Some GT services may not work properly in Tomcat.

3. Deploying into JBoss

To deploy a Java WS Core installation into JBoss (version 4.0.x+) do the following:

  1. Run:

    $ cd $GLOBUS_LOCATION $ ant -f share/globus_wsrf_common/tomcat/jboss.xml
            deployJBoss \ -Djboss.dir=<jboss.dir>

    Where <jboss.dir> is an absolute path to the JBoss installation directory. Also, -Dwebapp.name=<name> can be specified to set the name of the web application under which the installation will be deployed. By default "wsrf" web application name is used.

  2. Add a HTTPS Connector in the <Service name="Catalina"> section of the Tomcat config file and update the parameters appropriately with your local configuration: 

     
   <Connector
   className="org.globus.tomcat.coyote.net.HTTPSConnector"
   port="8443" maxThreads="150"
   minSpareThreads="25" maxSpareThreads="75"
   autoFlush="true" disableUploadTimeout="true"
   scheme="https" enableLookups="true"
   acceptCount="10" debug="0"
   protocolHandlerClassName="org.apache.coyote.http11.Http11Protocol"
   socketFactory="org.globus.tomcat.catalina.net.BaseHTTPSServerSocketFactory"
   proxy="/path/to/proxy/file" cert="/path/to/certificate/file"
   key="/path/to/private/key/file"
   cacertdir="/path/to/ca/certificates/directory"
   encryption="true"/>

    In the above the proxy, cert, key and cacertdir attributes are optional. Furthermore, the proxy and the combination of cert and key attributes are mutually exclusive. The encryption attribute is also optional (defaults to true if not set).

    [Important]Important

    The credentials and certificate configuration is used only by the connector and is not used by the rest of the web services stack in Globus Toolkit. To configure credentials for use in the toolkit, refer Section 1, “Security Descriptors Introduction”.

    The mode attribute can also be set to specify the connection mode. There are two supported connection modes: ssl and gsi. The ssl mode indicates a regular SSL connection mode. The gsi mode indicates a SSL connection mode with transport-level delegation support. The ssl mode is the default mode if the mode attribute is not specified. Please note that the gsi mode is intended for advanced users only.

  3. Add a HTTPS Valve in the <Engine name="Catalina" ... > section of the Tomcat config file:

    <Valve
   className="org.globus.tomcat.coyote.valves.HTTPSValve55"/>
[Note]Note

JBoss 4.0.x+ installation with embedded Tomcat is required.

The Tomcat configuration file should be under <jboss.dir>/default/deploy/jbossweb-tomcat55.sar/server.xml.

Prev   Next
Configuring Home Testing