Fronting JBoss with Apache

Introduction

Many people prefer to have Apache forward web requests to their Bedework server.   They may do so because they are more comfortable in Apache or because they enjoy its flexibility.   In this scenario, Apache serves out static content (including, often, static Bedework content), fronts some PHP-based tools, such as phpPgAdmin, AND passes Bedework requests to JBoss at port 8080.  

There are at least two Apache2 modules that can pass requests to JBoss:  mod_jk and mod_proxy.   Both should work.  The instructions below assume mod_jk.   They also assume you are running on a Linux server.

Get Apache Ready

  1. Install apache2, if not already present, via yum, apt-get, or download
  2. Install libapache2-mod-jk (jk_mod.so) via yum, apt-get, or download
  3. cd to your apache configuration area, generally /etc/apache2 or /etc/httpd
  4. edit httpd.conf to load jk_mod.so

Set up Workers

Create a mod_jk workers file.  Our workers will be Bedework web clients running at port 8080.   The workers file can be placed anywhere.  In this example, we'll create a new directory called misc and create a file there called jk-workers.properties.   You can start with these contents:

# workers.properties
# See a default config at  /etc/libapache2-mod-jk/workers.properties

# The list of workers (can be more than one, but we won't need more here)
worker.list=bedework

# Define the worker
worker.bedework.port=8009
worker.bedework.host=localhost
worker.bedework.type=ajp13

# Specifies the load balance factor when used with
# a load balancing worker.
# Note:
#  ----> lbfactor must be > 0
#  ----> Low lbfactor means less work done by the worker
worker.bedework.lbfactor=1

Create an Apache Configuration file for your Bedework Server

You can get started with the following configuration, changing the path to your workers file, the location of your document root, and the server's URL

This configuration assumes that you are using Apache to serve out your static Bedework content.  More on this later.  It also assumes you are using https: for any Bedework clients that require a login.

JkWorkersFile /etc/httpd/misc/jk-workers.properties
#JkLogFile    /var/log/httpd/bedework/jk-mod.log
#JkLogLevel info
#JkLogStampFormat  "[%a %b %d %H:%M:%S %Y]"
JkOptions +ForwardURIProxy
#JkOptions +ForwardKeySize
JkOptions -ForwardDirectories
#JkRequestLogFormat "%w %V %T"
#JkShmFile /var/log/httpd/jk.shm

NameVirtualHost *:80
NameVirtualHost *:443

<Virtualhost *:80>
    DocumentRoot /opt/bedework/wwwDocRoot
    ServerName calendar.example.edu
    ErrorLog /var/log/httpd/calendars-error.log
    CustomLog /var/log/httpd/calendars-access.log combined
    Options Indexes

# mount the bedework jboss apps

    JkMount /* bedework

# unmount everything that is being served by Apache directly
# for directories, unmount both the directory itself (dirname) and then all under it (dirname/*)
    JkUnMount /bwAppRoot bedework
    JkUnMount /bwAppRoot/* bedework
    JkUnMount /bedework-common bedework
    JkUnMount /bedework-common/* bedework
    JkUnMount /tzdata.zip bedework
    JkUnMount /favicon.ico bedework
    JkUnMount /index.html bedework
    JkUnMount /phpPgAdmin bedework
    JkUnMount /phpPgAdmin/* bedework
    JkUnMount /urlbuilder bedework
    JkUnMount /urlbuilder/* bedework

# redirect secure web apps to https

    RedirectMatch  ^/caladmin(.*)$ https://calendar.example.edu/caladmin/
    RedirectMatch  ^/eventsubmit(.*)$ https://calendar.example.edu/eventsubmit/
    RedirectMatch  ^/ucal(.*)$ https://calendar.example.edu/ucal/

 </Virtualhost>

<Virtualhost *:443>

    DocumentRoot /opt/bedework/wwwDocRoot
    ServerName calendar.example.edu
    ErrorLog /var/log/httpd/calendars-error.log
    CustomLog /var/log/httpd/calendars-access.log combined
    Options Indexes

    SSLEngine on

    SSLCertificateFile /etc/httpd/ssl/certs/bedeworkcert.pem
   SSLCertificateKeyFile /etc/httpd/ssl/certs/bedeworkkey.pem

   # mount the bedework jboss apps

   JkMount /* bedework

   # umount everything that is being served by apache directly

    JkUnMount /bwResourcesRoot bedework
    JkUnMount /bwResourcesRoot/* bedework
    JkUnMount /bedework-common bedework
    JkUnMount /bedework-common/* bedework
    JkUnMount /tzdata.zip bedework
    JkUnMount /favicon.ico bedework
    JkUnMount /phpPgAdmin bedework
    JkUnMount /phpPgAdmin/* bedework
    JkUnMount /urlbuilder bedework
    JkUnMount /urlbuilder/* bedework
</Virtualhost>

Restart apache2 to test that the configuration is valid

In most cases, /etc/init.d/apache2 restart or /etc/init.d/httpd restart

Copy Static Content to Apache

If you've chosen to have Apache serve your Bedework static content, copy that content from JBoss to the Apache DocumentRoot you defined above.

  1. Create a directory called bedework-common in your wwwDocRoot and fill it with the contents of <quickstart>/jboss-5.1.0.GA/server/default/bwdeploy/bwcal.ear/bedework-common.war.
  2. Copy these files or directories from <quickstart>/jboss-5.1.0.GA/server/default/deploy/ROOT.war:
    1. urlbuilder
    2.  tzdata.zip
    3.  favicon.ico (unless you have your own ready to go)
  3. Create a directory called bwResourcesRoot in your wwwDocRoot and copy as many of these directories from <quickstart>/jboss-5.1.0.GA/server/default/deploy/ROOT.war as you need:
    1. caladminrsrc (admin client)
    2.  ucalrsrc (personal client)
    3.  eventsubmitrsrc (submissions client)
    4.  calrsrc.MainCampus (public client)

Try it

You should be able to reach your Bedework clients on port 80.

A note on jmx-console

If you'd like to make your JMX Console available, you'll need to edit <quickstart>/jboss-5.1.0.GA/server/default/deploy/jmx-console.war/WEB-inf/jboss-web.xml.   Add a virtual-host below security-domain.  The resulting file should look like this:

<!DOCTYPE jboss-web PUBLIC  
  "-//JBoss//DTD Web Application 5.0//EN"  
  "http://www.jboss.org/j2ee/dtd/jboss-web_5_0.dtd">   

<jboss-web>  
    <!-- Uncomment the security-domain to enable security. You will     
         need to edit the htmladaptor login configuration to setup the     
         login modules used to authentication users.   -->     
    <security-domain>java:/jaas/jmx-console</security-domain>     
    <virtual-host>calendar.mycollege.edu</virtual-host>
</jboss-web>

Bedework Enterprise Calendar, version 3.9