core-jgi/jboss/server/adempiere/deploy/jbossweb-tomcat55.sar/serverTemplate.xml

128 lines
6.0 KiB
XML

<Server>
<!-- Use a custom version of StandardService that allows the
connectors to be started independent of the normal lifecycle
start to allow web apps to be deployed before starting the
connectors.
-->
<Service name="jboss.web"
className="org.jboss.web.tomcat.tc5.StandardService">
<!-- A HTTP/1.1 Connector on port 8080 -->
<Connector port="@ADEMPIERE_WEB_PORT@" address="${jboss.bind.address}"
maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
emptySessionPath="true"
enableLookups="false" redirectPort="@ADEMPIERE_SSL_PORT@" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true"/>
<!-- A AJP 1.3 Connector on port 8009 -->
<Connector port="8009" address="${jboss.bind.address}"
emptySessionPath="true" enableLookups="false" redirectPort="8443"
protocol="AJP/1.3"/>
<!-- SSL/TLS Connector configuration using the admin devl guide keystore -->
<Connector port="@ADEMPIERE_SSL_PORT@" address="${jboss.bind.address}"
maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
emptySessionPath="true"
scheme="https" secure="true" clientAuth="false"
keystoreFile="@ADEMPIERE_KEYSTORE@"
keystorePass="@ADEMPIERE_KEYSTOREPASS@"
sslProtocol = "TLS" />
<Engine name="jboss.web" defaultHost="localhost">
<!-- The JAAS based authentication and authorization realm implementation
that is compatible with the jboss 3.2.x realm implementation.
- certificatePrincipal : the class name of the
org.jboss.security.auth.certs.CertificatePrincipal impl
used for mapping X509[] cert chains to a Princpal.
-->
<Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
/>
<!-- A subclass of JBossSecurityMgrRealm that uses the authentication
behavior of JBossSecurityMgrRealm, but overrides the authorization
checks to use JACC permissions with the current java.security.Policy
to determine authorized access.
<Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
/>
-->
<Host name="localhost"
autoDeploy="false" deployOnStartup="false" deployXML="false">
<!-- Uncomment to enable request dumper. This Valve "logs interesting
contents from the specified Request (before processing) and the
corresponding Response (after processing). It is especially useful
in debugging problems related to headers and cookies."
-->
<!--
<Valve className="org.apache.catalina.valves.RequestDumperValve" />
-->
<!-- Access logger -->
<!--
<Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
prefix="localhost_access_log." suffix=".log"
pattern="common" directory="${jboss.server.home.dir}/log"
resolveHosts="false" />
-->
<!-- Uncomment to enable single sign-on across web apps
deployed to this host. Does not provide SSO across a cluster.
If this valve is used, do not use the JBoss ClusteredSingleSignOn
valve shown below.
-->
<!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
-->
<!-- Uncomment to enable single sign-on across web apps
deployed to this host AND to all other hosts in the cluster
with the same virtual hostname.
If this valve is used, do not use the standard Tomcat SingleSignOn
valve shown above.
This valve uses JGroups to communicate across the cluster. The
JGroups Channel used for this communication can be configured
by editing the "sso-channel.xml" file found in the same folder
as this file. If this valve is running on a machine with multiple
IP addresses, configuring the "bind_addr" property of the JGroups
UDP protocol may be necessary. Another possible configuration
change would be to enable encryption of intra-cluster communications.
See the sso-channel.xml file for more details.
Besides the attributes supported by the standard Tomcat
SingleSignOn valve (see the Tomcat docs), this version also supports
the following attribute:
partitionName the name of the cluster partition in which
this node participates. If not set, the default
value is "sso-partition/" + the value of the
"name" attribute of the Host element that
encloses this element (e.g. "sso-partition/localhost")
-->
<!--
<Valve className="org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn" />
-->
<!-- Uncomment to check for unclosed connections and transaction terminated checks
in servlets/jsps.
Important: You need to uncomment the dependency on the CachedConnectionManager
in META-INF/jboss-service.xml
<Valve className="org.jboss.web.tomcat.tc5.jca.CachedConnectionValve"
cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
transactionManagerObjectName="jboss:service=TransactionManager" />
-->
</Host>
</Engine>
</Service>
</Server>