Added by bowens, last edited by Mike Pumphrey on Apr 18, 2008  (view change)

Labels

 
(None)

War-file Installation for Servlet Containers

How to install GeoServer into servlet containers such as Tomcat, Jetty, and Jboss.

Under Construction
This page is under construction.

Following are some instructions on how to deploy Geoserver in Tomcat. These were tested on Debian etch using Tomcat 5.5. Depending on your platform and Tomcat setup these will vary.

Tomcat setup

The easiest method to deploy GeoServer is to use the administration or manager webapps. First a user(s) with the role "admin" (for administration webapp) or "manager" (for manager webapp) must be defined in
$CATALINA_HOME/conf/tomcat-users.xml

Enabling administration from a remote host

To enable remote administration you will also need to edit $CATALINA_HOME/conf/Catalina/localhost/admin.xml and manager.xml and add a request filter for the hostname or TCP/IP address of your administrative host.

Configuring the Tomcat security manager.

See the Security Manager HOW-TO. I needed to add the following entries to $CATALINA_HOME/conf/catalina.policy (note that if you are using the Debian Tomcat packages you will need to edit /etc/tomcat5.5/policy.d/04webapps.policy as catalina.policy is automatically built from the files in policy.d at Tomcat startup)

// The permissions granted to Geoserver
grant codebase "file:/var/lib/tomcat5.5/webapps/geoserver/-" {
        permission java.io.FilePermission "/var/lib/tomcat5.5/webapps/geoserver/data/-", "read,write,delete";
        permission java.util.PropertyPermission "*", "read,write";
        permission java.util.logging.LoggingPermission  "control";
        permission java.lang.RuntimePermission "getClassLoader";
        permission java.lang.RuntimePermission "preferences";
        permission java.lang.RuntimePermission "shutdownHooks";
        permission java.lang.reflect.ReflectPermission "suppressAccessChecks";
};

Deploying GeoServer

See GeoServer in Production Environment.  The Tomcat manager HowTo might be useful:http://tomcat.apache.org/tomcat-5.5-doc/html-manager-howto.html.

The meaning of "$CATALINA_HOME" is not explained. It looks like the name of a shell environment variable, but I don't know what defines it and what it should point to.

Posted by Scot E. Wilcoxon at Aug 29, 2007 14:12 Updated by Scot E. Wilcoxon

In the manager (http://localhost:8180/ on Debian) the variable is explained:
$CATALINA_HOME/webapps/ROOT/index.jsp
where "$CATALINA_HOME" is the root of the Tomcat installation directory.

You can find the installation directory with
dpkg -L tomcat5.5
which reveals this path (on Debian):
/var/lib/tomcat5.5/

Posted by mawe at Nov 28, 2007 08:22

There were some more permissions to set (see above) to run the examples:
//permission java.io.FilePermission "/var/lib/tomcat5.5/webapps/geoserver/data/sf/-", "read";
//permission java.io.FilePermission "/var/lib/tomcat5.5/temp/-", "read,write,delete";
// the above does not work, but relative paths seem to work
// add permission to read, write, delete for the data directory:
permission java.io.FilePermission "data/-", "read,write,delete";
// the following does not seem to be necessary:
//permission java.net.SocketPermission "127.0.0.1:8180", "connect";
//permission java.net.SocketPermission "127.0.0.1:8180", "resolve";

Errors were in the logfile (/var/log/tomcat5.5/catalina_.log):
Source could not be instantiated: java.security.AccessControlException: access denied (java.io.FilePermission /var/lib/tomcat5.5/temp/Geotools read)
4420SEVEREorg.vfny.geoserver.global.Data - FeatureTypeInfo sfRoads:::roads ignored - as DataStore sfRoads is broken:java.security.AccessControlException: access denied (java.io.FilePermission data/sf/roads.shp read)

Posted by mawe at Nov 28, 2007 10:37 Updated by mawe

Under construction for 8 months.

Posted by Scot E. Wilcoxon at Nov 29, 2007 15:03 Updated by Scot E. Wilcoxon

Because I've been told that running Ubuntu Tomcat is not a good idea, I installed Tomcat 6 from Apache's site.  I installed the GeoServer 1.6.3 .war file and it was running.  But Tomcat was running as root, which is also not a good idea.  So I ran it as user tomcat and added "-security" to startup.sh so the catalina.policy file would be invoked.  Now GeoServer won't start due to a "logging.properties" file which doesn't exist. "SEVERE: Error deploying web application archive geoserver.war
java.security.AccessControlException: access denied (java.io.FilePermission /opt
/apache-tomcat-6.0.16/webapps/geoserver/WEB-INF/classes/logging.properties read)"

If it's not one thing it's another. 

Just wanted to note that I appear to have had success installing from the WAR file on my Jetty based server.  I simply cd'd to my webapps folder under my Jetty install directory, wget'd the WAR file , unzipped, and then restarted the Jetty server.

Everything seems to work fine.

The server I am running this on is the Fedora-based Amazon EC2 instance that includes Jetty and Open BlueDragon, ami-041da868

remote administration worked out of the box also.  That doesn't seem right considering some of the other documentation here but maybe its just an EC2 thing.

The war file works out-of-the-box with the glassfish application server (v2ur2).

1) Install glassfish like explained
2) mv the war file to the autodeploy directory (optional, you can use the web admin to upload the war)
3)

Powered by a free Atlassian Confluence Open Source Project License granted to GeoServer . Evaluate Confluence today.

GeoServer wiki is hosted by OpenGeo - Contact Administrators