Gitiles
Code Review Sign In
source.supwisdom.com / UniIdentify / tomcat / fd5ee81fec460cbe9ad65f300b0faf1bf03c19bc / . / tomcat-uid / webapps / docs / config / ajp.html
blob: 830e271c9efa5001c491cf7ce85161974e723495 [file] [log] [blame]
<html><head><META http-equiv="Content-Type" content="text/html; charset=iso-8859-1"><title>Apache Tomcat Configuration Reference (6.0.39) - The AJP Connector</title><meta name="author" content="Remy Maucherat"><meta name="author" content="Yoav Shapira"><meta name="author" content="Andrew R. Jaquith"><style type="text/css" media="print">
.noPrint {display: none;}
td#mainBody {width: 100%;}
</style></head><body bgcolor="#ffffff" text="#000000" link="#525D76" alink="#525D76" vlink="#525D76"><table border="0" width="100%" cellspacing="0"><!--PAGE HEADER--><tr><td><!--PROJECT LOGO--><a href="http://tomcat.apache.org/"><img src="../images/tomcat.gif" align="right" alt="
The Apache Tomcat Servlet/JSP Container
" border="0"></a></td><td><h1><font face="arial,helvetica,sanserif">Apache Tomcat 6.0</font></h1><font face="arial,helvetica,sanserif">Version 6.0.39, Jan 27 2014</font></td><td><!--APACHE LOGO--><a href="http://www.apache.org/"><img src="../images/asf-logo.gif" align="right" alt="Apache Logo" border="0"></a></td></tr></table><table border="0" width="100%" cellspacing="4"><!--HEADER SEPARATOR--><tr><td colspan="2"><hr noshade="noshade" size="1"></td></tr><tr><!--LEFT SIDE NAVIGATION--><td width="20%" valign="top" nowrap="nowrap" class="noPrint"><p><strong>Links</strong></p><ul><li><a href="../index.html">Docs Home</a></li><li><a href="index.html">Config Ref. Home</a></li></ul><p><strong>Top Level Elements</strong></p><ul><li><a href="server.html">Server</a></li><li><a href="service.html">Service</a></li></ul><p><strong>Executors</strong></p><ul><li><a href="executor.html">Executor</a></li></ul><p><strong>Connectors</strong></p><ul><li><a href="http.html">HTTP</a></li><li><a href="ajp.html">AJP</a></li></ul><p><strong>Containers</strong></p><ul><li><a href="context.html">Context</a></li><li><a href="engine.html">Engine</a></li><li><a href="host.html">Host</a></li><li><a href="cluster.html">Cluster</a></li></ul><p><strong>Nested Components</strong></p><ul><li><a href="globalresources.html">Global Resources</a></li><li><a href="listeners.html">Listeners</a></li><li><a href="loader.html">Loader</a></li><li><a href="manager.html">Manager</a></li><li><a href="realm.html">Realm</a></li><li><a href="resources.html">Resources</a></li><li><a href="valve.html">Valve</a></li></ul><p><strong>Cluster Elements</strong></p><ul><li><a href="cluster.html">Cluster</a></li><li><a href="cluster-manager.html">Manager</a></li><li><a href="cluster-channel.html">Channel</a></li><li><a href="cluster-membership.html">Channel/Membership</a></li><li><a href="cluster-sender.html">Channel/Sender</a></li><li><a href="cluster-receiver.html">Channel/Receiver</a></li><li><a href="cluster-interceptor.html">Channel/Interceptor</a></li><li><a href="cluster-valve.html">Valve</a></li><li><a href="cluster-deployer.html">Deployer</a></li><li><a href="cluster-listener.html">ClusterListener</a></li></ul><p><strong>Other</strong></p><ul><li><a href="filter.html">Filter</a></li><li><a href="systemprops.html">System properties</a></li></ul></td><!--RIGHT SIDE MAIN BODY--><td width="80%" valign="top" align="left" id="mainBody"><h1>Apache Tomcat Configuration Reference</h1><h2>The AJP Connector</h2><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Table of Contents"><!--()--></a><a name="Table_of_Contents"><strong>Table of Contents</strong></a></font></td></tr><tr><td><blockquote>
<ul><li><a href="#Introduction">Introduction</a></li><li><a href="#Attributes">Attributes</a><ol><li><a href="#Common_Attributes">Common Attributes</a></li><li><a href="#Standard_Implementations">Standard Implementations</a></li></ol></li><li><a href="#Nested_Components">Nested Components</a></li></ul>
</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Introduction"><strong>Introduction</strong></a></font></td></tr><tr><td><blockquote>
<p>The <strong>AJP Connector</strong> element represents a
<strong>Connector</strong> component that communicates with a web
connector via the <code>AJP</code> protocol. This is used for cases
where you wish to invisibly integrate Tomcat 6 into an existing (or new)
Apache installation, and you want Apache to handle the static content
contained in the web application, and/or utilize Apache's SSL
processing.</p>
<p>This connector supports load balancing when used in conjunction with
the <code>jvmRoute</code> attribute of the
<a href="engine.html">Engine</a>.</p>
<p>The native connectors supported with this Tomcat release are:
<ul>
<li>JK 1.2.x with any of the supported servers</li>
<li>mod_proxy on Apache httpd 2.x (included by default in Apache HTTP Server 2.2),
with AJP enabled: see
<a href="http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html">the httpd docs</a>
for details.</li>
</ul>
</p>
<p><b>Other native connectors supporting AJP may work, but are no longer supported.</b></p>
</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Attributes"><strong>Attributes</strong></a></font></td></tr><tr><td><blockquote>
<table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Common Attributes"><!--()--></a><a name="Common_Attributes"><strong>Common Attributes</strong></a></font></td></tr><tr><td><blockquote>
<p>All implementations of <strong>Connector</strong>
support the following attributes:</p>
<table border="1" cellpadding="5"><tr><th width="15%" bgcolor="#023264"><font color="#ffffff">Attribute</font></th><th width="85%" bgcolor="#023264"><font color="#ffffff">Description</font></th></tr><tr><td align="left" valign="center"><code>allowTrace</code></td><td align="left" valign="center">
<p>A boolean value which can be used to enable or disable the TRACE
HTTP method. If not specified, this attribute is set to false.</p>
</td></tr><tr><td align="left" valign="center"><code>emptySessionPath</code></td><td align="left" valign="center">
<p>If set to <code>true</code>, all paths for session cookies will be set
to <code>/</code>. This can be useful for portlet specification implementations.
If not specified, this attribute is set to <code>false</code>.</p>
</td></tr><tr><td align="left" valign="center"><code>enableLookups</code></td><td align="left" valign="center">
<p>Set to <code>true</code> if you want calls to
<code>request.getRemoteHost()</code> to perform DNS lookups in
order to return the actual host name of the remote client. Set
to <code>false</code> to skip the DNS lookup and return the IP
address in String form instead (thereby improving performance).
By default, DNS lookups are disabled.</p>
</td></tr><tr><td align="left" valign="center"><code>maxHeaderCount</code></td><td align="left" valign="center">
<p>The maximum number of headers in a request that are allowed by the
container. A request that contains more headers than the specified limit
will be rejected. A value of less than 0 means no limit.
If not specified, a default of 100 is used.</p>
</td></tr><tr><td align="left" valign="center"><code>maxParameterCount</code></td><td align="left" valign="center">
<p>The maximum number of parameters (GET plus POST) which will be
automatically parsed by the container. A value of less than 0 means no
limit. If not specified, a default of 10000 is used. Note that
<code>FailedRequestFilter</code> <a href="filter.html">filter</a> can be
used to reject requests that hit the limit.</p>
</td></tr><tr><td align="left" valign="center"><code>maxPostSize</code></td><td align="left" valign="center">
<p>The maximum size in bytes of the POST which will be handled by
the container FORM URL parameter parsing. The feature can be disabled by
setting this attribute to a value less than or equal to 0.
If not specified, this attribute is set to 2097152 (2 megabytes).</p>
</td></tr><tr><td align="left" valign="center"><code>maxSavePostSize</code></td><td align="left" valign="center">
<p>The maximum size in bytes of the POST which will be saved/buffered by
the container during FORM or CLIENT-CERT authentication. For both types
of authentication, the POST will be saved/buffered before the user is
authenticated. For CLIENT-CERT authentication, the POST is buffered for
the duration of the SSL handshake and the buffer emptied when the request
is processed. For FORM authentication the POST is saved whilst the user
is re-directed to the login form and is retained until the user
successfully authenticates or the session associated with the
authentication request expires. The limit can be disabled by setting this
attribute to -1. Setting the attribute to zero will disable the saving of
POST data during authentication. If not specified, this attribute is set
to 4096 (4 kilobytes).</p>
</td></tr><tr><td align="left" valign="center"><code>parseBodyMethods</code></td><td align="left" valign="center">
<p>A comma-separated list of HTTP methods for which request
bodies will be parsed for request parameters identically
to POST. This is useful in RESTful applications that want to
support POST-style semantics for PUT requests.
Note that any setting other than <code>POST</code> causes Tomcat
to behave in a way that does against the intent of the servlet
specification.
The HTTP method TRACE is specifically forbidden here in accordance
with the HTTP specification.
The default is <code>POST</code></p>
</td></tr><tr><td align="left" valign="center"><strong><code>port</code></strong></td><td align="left" valign="center">
<p>The TCP port number on which this <strong>Connector</strong>
will create a server socket and await incoming connections. Your
operating system will allow only one server application to listen
to a particular port number on a particular IP address.</p>
</td></tr><tr><td align="left" valign="center"><code>protocol</code></td><td align="left" valign="center">
<p>Sets the protocol to handle incoming traffic. The default value is
<code>AJP/1.3</code> and configures
<code>org.apache.jk.server.JkCoyoteHandler</code> the original blocking
Java connector by default.<br>
If the <code>PATH</code> (Windows) or <code>LD_LIBRARY_PATH</code>
(on most unix systems) environment variables contain the Tomcat
native library, the native/APR connector will automatically be
configured instead.<br>
To use an explicit protocol rather than rely on the auto-switching
mechanism described above, the following values may be used:<br>
<code>org.apache.jk.server.JkCoyoteHandler</code>
- original blocking Java connector<br>
<code>org.apache.coyote.ajp.AjpProtocol</code>
- new blocking Java connector that supports an executor<br>
<code>org.apache.coyote.ajp.AjpAprProtocol</code>
- the APR/native connector.<br>
Custom implementations may also be used.</p>
</td></tr><tr><td align="left" valign="center"><code>proxyName</code></td><td align="left" valign="center">
<p>If this <strong>Connector</strong> is being used in a proxy
configuration, configure this attribute to specify the server name
to be returned for calls to <code>request.getServerName()</code>.
See <a href="#Proxy Support">Proxy Support</a> for more
information.</p>
</td></tr><tr><td align="left" valign="center"><code>proxyPort</code></td><td align="left" valign="center">
<p>If this <strong>Connector</strong> is being used in a proxy
configuration, configure this attribute to specify the server port
to be returned for calls to <code>request.getServerPort()</code>.
See <a href="#Proxy Support">Proxy Support</a> for more
information.</p>
</td></tr><tr><td align="left" valign="center"><code>redirectPort</code></td><td align="left" valign="center">
<p>If this <strong>Connector</strong> is supporting non-SSL
requests, and a request is received for which a matching
<code>&lt;security-constraint&gt;</code> requires SSL transport,
Catalina will automatically redirect the request to the port
number specified here.</p>
</td></tr><tr><td align="left" valign="center"><code>request.registerRequests</code></td><td align="left" valign="center">
<p>This attribute controls request registration for JMX monitoring
of the Connector. It is enabled by default, but may be turned
it off to save a bit of memory.</p>
</td></tr><tr><td align="left" valign="center"><code>scheme</code></td><td align="left" valign="center">
<p>Set this attribute to the name of the protocol you wish to have
returned by calls to <code>request.getScheme()</code>. For
example, you would set this attribute to "<code>https</code>"
for an SSL Connector. The default value is "<code>http</code>".
See <a href="#SSL Support">SSL Support</a> for more information.</p>
</td></tr><tr><td align="left" valign="center"><code>secure</code></td><td align="left" valign="center">
<p>Set this attribute to <code>true</code> if you wish to have
calls to <code>request.isSecure()</code> to return <code>true</code>
for requests received by this Connector (you would want this on an
SSL Connector). The default value is <code>false</code>.</p>
</td></tr><tr><td align="left" valign="center"><code>URIEncoding</code></td><td align="left" valign="center">
<p>This specifies the character encoding used to decode the URI bytes,
after %xx decoding the URL. If not specified, ISO-8859-1 will be used.
</p>
</td></tr><tr><td align="left" valign="center"><code>useBodyEncodingForURI</code></td><td align="left" valign="center">
<p>This specifies if the encoding specified in contentType should be used
for URI query parameters, instead of using the URIEncoding. This
setting is present for compatibility with Tomcat 4.1.x, where the
encoding specified in the contentType, or explicitly set using
Request.setCharacterEncoding method was also used for the parameters from
the URL. The default value is <code>false</code>.
</p>
</td></tr><tr><td align="left" valign="center"><code>useIPVHosts</code></td><td align="left" valign="center">
<p>Set this attribute to <code>true</code> to cause Tomcat to use
the ServerName passed by the native web server to determine the Host
to send the request to. The default value is <code>false</code>.</p>
</td></tr><tr><td align="left" valign="center"><code>xpoweredBy</code></td><td align="left" valign="center">
<p>Set this attribute to <code>true</code> to cause Tomcat to advertise
support for the Servlet specification using the header recommended in the
specification. The default value is <code>false</code>.</p>
</td></tr></table>
</blockquote></td></tr></table>
<table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#828DA6"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Standard Implementations"><!--()--></a><a name="Standard_Implementations"><strong>Standard Implementations</strong></a></font></td></tr><tr><td><blockquote>
<p>To use AJP, you
must specify the protocol attribute (see above).</p>
<p><strong>These implementations support the AJP 1.3 protocol.</strong></p>
<p>They support the following additional attributes (in addition to the
common attributes listed above):</p>
<table border="1" cellpadding="5"><tr><th width="15%" bgcolor="#023264"><font color="#ffffff">Attribute</font></th><th width="85%" bgcolor="#023264"><font color="#ffffff">Description</font></th></tr><tr><td align="left" valign="center"><code>address</code></td><td align="left" valign="center">
<p>For servers with more than one IP address, this attribute
specifies which address will be used for listening on the specified
port. By default, this port will be used on all IP addresses
associated with the server. A value of <code>127.0.0.1</code>
indicates that the Connector will only listen on the loopback
interface.</p>
</td></tr><tr><td align="left" valign="center"><code>backlog</code></td><td align="left" valign="center">
<p>The maximum queue length for incoming connection requests when
all possible request processing threads are in use. Any requests
received when the queue is full will be refused. The default
value is 100.</p>
</td></tr><tr><td align="left" valign="center"><code>bufferSize</code></td><td align="left" valign="center">
<p>The size of the output buffer to use. If less than or equal to zero,
then output buffering is disabled. The default value is -1
(i.e. buffering disabled)</p>
</td></tr><tr><td align="left" valign="center"><code>clientCertProvider</code></td><td align="left" valign="center">
<p>When client certificate information is presented in a form other than
instances of <code>java.security.cert.X509Certificate</code> it needs to
be converted before it can be used and this property controls which JSSE
provider is used to perform the conversion. For example it is used with
the AJP connectors, the <a href="http.html">HTTP APR connector</a> and
with the <a href="valve.html#SSL_Authenticator_Valve">
org.apache.catalina.valves.SSLValve</a>.If not specified, the default
provider will be used.</p>
</td></tr><tr><td align="left" valign="center"><code>connectionTimeout</code></td><td align="left" valign="center">
<p>The number of milliseconds this <strong>Connector</strong> will wait,
after accepting a connection, for the request URI line to be
presented. The default value is infinite (i.e. no timeout).</p>
</td></tr><tr><td align="left" valign="center"><code>deferAccept</code></td><td align="left" valign="center">
<p>Sets the <code>TCP_DEFER_ACCEPT</code> flag on the listening socket for
this connector. The default value is <code>true</code> where
<code>TCP_DEFER_ACCEPT</code> is supported by the operating system,
otherwise it is <code>false</code>.</p>
</td></tr><tr><td align="left" valign="center"><code>executor</code></td><td align="left" valign="center">
<p>A reference to the name in an <a href="executor.html">Executor</a> element.
If this attribute is enabled, and the named executor exists, the connector will
use the executor, and all the other thread attributes will be ignored.
This attribute is not supported by the original blocking Java
connector.</p>
</td></tr><tr><td align="left" valign="center"><code>keepAliveTimeout</code></td><td align="left" valign="center">
<p>The number of milliseconds this <strong>Connector</strong> will wait for
another AJP request before closing the connection.
The default value is to use the value that has been set for the
connectionTimeout attribute.</p>
</td></tr><tr><td align="left" valign="center"><code>maxThreads</code></td><td align="left" valign="center">
<p>The maximum number of request processing threads to be created
by this <strong>Connector</strong>, which therefore determines the
maximum number of simultaneous requests that can be handled. If
not specified, this attribute is set to 200. If an executor is associated
with this connector, this attribute is ignored as the connector will
execute tasks using the executor rather than an internal thread pool.</p>
</td></tr><tr><td align="left" valign="center"><code>packetSize</code></td><td align="left" valign="center">
<p>This attribute sets the maximum AJP packet size in Bytes. The maximum
value is 65536. It should be the same as the <code>max_packet_size</code>
directive configured for mod_jk. Normally it is not necessary to change
the maximum packet size. Problems with the default value have been
reported when sending certificates or certificate chains. The default
value is 8192.</p>
</td></tr><tr><td align="left" valign="center"><strong><code>port</code></strong></td><td align="left" valign="center">
<p>The TCP port number on which this <strong>Connector</strong>
will create a server socket and await incoming connections. Your
operating system will allow only one server application to listen
to a particular port number on a particular IP address.</p>
</td></tr><tr><td align="left" valign="center"><code>request.secret</code></td><td align="left" valign="center">
<p>Only requests from workers with this secret keyword will be accepted.
</p>
</td></tr><tr><td align="left" valign="center"><code>request.shutdownEnabled</code></td><td align="left" valign="center">
<p>If true and a secret has been configured, a correctly formatted AJP
request (that includes the secret) will shutdown the Tomcat instance
associated with this connector. This is set to <code>false</code> by
default.</p>
</td></tr><tr><td align="left" valign="center"><code>request.useSecret</code></td><td align="left" valign="center">
<p>If set to <code>true</code>, then a random value for
<code>request.secret</code> will be generated. It is for use with
<code>request.shutdownEnabled</code>. This is set to <code>false</code>
by default.</p>
</td></tr><tr><td align="left" valign="center"><code>tcpNoDelay</code></td><td align="left" valign="center">
<p>If set to <code>true</code>, the TCP_NO_DELAY option will be
set on the server socket, which improves performance under most
circumstances. This is set to <code>true</code> by default.</p>
</td></tr><tr><td align="left" valign="center"><code>tomcatAuthentication</code></td><td align="left" valign="center">
<p>If set to <code>true</code>, the authentication will be done in Tomcat.
Otherwise, the authenticated principal will be propagated from the native
webserver and used for authorization in Tomcat.
The default value is <code>true</code>.</p>
</td></tr></table>
</blockquote></td></tr></table>
</blockquote></td></tr></table><table border="0" cellspacing="0" cellpadding="2"><tr><td bgcolor="#525D76"><font color="#ffffff" face="arial,helvetica.sanserif"><a name="Nested Components"><!--()--></a><a name="Nested_Components"><strong>Nested Components</strong></a></font></td></tr><tr><td><blockquote>
<p>None at this time.</p>
</blockquote></td></tr></table></td></tr><!--FOOTER SEPARATOR--><tr><td colspan="2"><hr noshade="noshade" size="1"></td></tr><!--PAGE FOOTER--><tr><td colspan="2"><div align="center"><font color="#525D76" size="-1"><em>
Copyright &copy; 1999-2014, Apache Software Foundation
</em></font></div></td></tr></table></body></html>