Tomcat5.0+MySql配置JDBC，DBCP，SSL

2024-07-24 12:57:15

字體：大中小

供稿：網(wǎng)友

準(zhǔn)備環(huán)境:

1.j2sdk-1_4_2-windows-i586.exe

//jdk

2.mysql-4.0.20d-win.zip

//mysql數(shù)據(jù)庫(kù)

3.mysqlcc-0.9.4-win32.zip

//mysqlgui控制

4.jakarta-tomcat-5.0.27.exe

//tomcat服務(wù)器

5.mysql-connector-java-3.0.14-production.zip

//內(nèi)含mysql驅(qū)動(dòng)

安裝步驟:

1.安裝jdk

2.安裝tomcat

3.安裝mysql

4.安裝mysqlcc

5.將驅(qū)動(dòng)包解壓,拷貝mysql-connector-java-3.0.14-production-bin.jar

到tomcat/common/lib下

或者下載mm.mysql-2.0.14-you-must-unjar-me.jar，

解壓后拷貝其中的mm.mysql-2.0.14-bin.jar

tomcat5.0配置本例使用安裝密碼 198277

1.配置manager 管理應(yīng)用程序

在conf/server.xml 中

添加如下：

<service name="catalina">...    <context path="/manager" debug="0" privileged="true"             docbase="/usr/local/kinetic   /tomcat5/server/webapps/manager">    </context></service>

限制ip訪問(wèn)配置

<context path="/manager" debug="0" privileged="true"         docbase="/usr/local/kinetic   /tomcat5/server/webapps/manager">         <valve classname="org.apache.   catalina.valves.remoteaddrvalve"                allow="127.0.0.1"/></context>

測(cè)試為:http://localhost:8080/manager/html

2、配置jdbcrealm容器管理安全,以mysql-4.0數(shù)據(jù)庫(kù)為例

a.拷貝驅(qū)動(dòng)mm.mysql-2.0.14-bin.jar到common/lib/下

b.在數(shù)據(jù)庫(kù)ycg中建表

create table users (  user_name           varchar(15) not null primary key,  user_pass           varchar(15) not null);create table user_roles (  user_name           varchar(15) not null,  role_name           varchar(15) not null,  primary key (user_name, role_name));

c.修改server.xml如下(默認(rèn)數(shù)據(jù)庫(kù)為root,無(wú)密碼,如果有形如:

connectionurl="jdbc:mysql://localhost/authority?user=dbuser&password=dbpass")      <realm  classname="org.apache.catalina.   realm.jdbcrealm" debug="99"             drivername="    org.gjt.mm.mysql.driver"          connectionurl="jdbc:mysql:    //localhost/ycg?user=root"         connectionname=""    connectionpassword=""              usertable="users"      usernamecol="user_name"     usercredcol="user_pass"          userroletable="user_roles"    rolenamecol="role_name" />

d.在數(shù)據(jù)庫(kù)中添加入tomcat的默認(rèn)配置數(shù)據(jù):

e.啟動(dòng)mysql,啟動(dòng)tomcat,此后tomcat將從數(shù)據(jù)庫(kù)中讀用戶規(guī)則認(rèn)證.默認(rèn)的conf/tomcat-users.xml失效

3.dbcp的配置

a.設(shè)置

<parameter>    <name>removeabandoned</name>        <value>true</value>            </parameter>

可使失效的數(shù)據(jù)連接重新啟用.

配套設(shè)置

<parameter>    <name>removeabandonedtimeout</name>          <value>60</value>            </parameter>

失效時(shí)間

如果要寫入日志

設(shè)置

<parameter>    <name>logabandoned</name>         <value>true</value>            </parameter>

以上三個(gè)默認(rèn)都是false

b.以mysql為例,配置數(shù)據(jù)連接池

c.配置新的用戶與數(shù)據(jù)庫(kù),必須設(shè)定密碼,空密碼將導(dǎo)致連接失敗

e.

指定root密碼:

mysqladmin -u root -h localhost password "198277"

(需修改上面的jdbcrealm設(shè)置connectionurl="jdbc:mysql://localhost/ycg?user=root&password=198277")

命令mysql進(jìn)入匿名連接到服務(wù)器

密碼訪問(wèn)

shell> mysql -h host -u user -penter password: ********//如果root沒(méi)有密碼,以下是不成功的.(試過(guò)了) mysql> grant all privileges on *.* to [email protected]     ->   identified by 'javadude'  with grant option;mysql> create database javatest;mysql> use javatest;mysql> create table testdata(    ->   id int not null  auto_increment primary key,    ->   foo varchar(25),     ->   bar int);在conf/server.xml中<host></host>中添加<context path="/dbtest" docbase="dbtest"        debug="5" reloadable="true"   crosscontext="true">  <logger classname="org.apache.  catalina.logger.filelogger"             prefix="localhost_dbtest_log."     suffix=".txt"             timestamp="true"/>  <resource name="jdbc/testdb"               auth="container"               type="javax.sql.datasource"/>  <resourceparams name="jdbc/testdb">    <parameter>      <name>factory</name>      <value>org.apache.commons.dbcp.   basicdatasourcefactory</value>    </parameter>    <!-- maximum number of db connections  in pool. make sure you         configure your mysqld    max_connections large enough to handle         all of your db connections.    set to 0 for no limit.         -->    <parameter>      <name>maxactive</name>      <value>100</value>    </parameter>    <!-- maximum number of idle db connections to retain in pool.         set to 0 for no limit.         -->    <parameter>      <name>maxidle</name>      <value>30</value>    </parameter>    <!-- maximum time to wait for a  db connection to become available         in ms, in this example 10   seconds. an exception is thrown if         this timeout is exceeded.    set to -1 to wait indefinitely.         -->    <parameter>      <name>maxwait</name>      <value>10000</value>    </parameter>    <!-- mysql db username and password for db connections  -->    <parameter>     <name>username</name>     <value>javauser</value>    </parameter>    <parameter>     <name>password</name>     <value>javadude</value>    </parameter>    <!-- class name for the old mm. mysql jdbc driver - uncomment this entry and comment next         if you want to use this driver   - we recommend using connector/j though    <parameter>       <name>driverclassname</name>       <value>org.gjt.mm.mysql.driver</value>    </parameter>     -->        <!-- class name for the official mysql connector/j driver -->    <parameter>       <name>driverclassname</name>       <value>com.mysql.jdbc.driver</value>    </parameter>        <!-- the jdbc connection url for  connecting to your mysql db.         the autoreconnect=true argument    to the url makes sure that the         mm.mysql jdbc driver will    automatically reconnect if mysqld closed the         connection.  mysqld by default    closes idle connections after 8 hours.         -->    <parameter>      <name>url</name>      <value>jdbc:mysql://localhost:3306  /javatest?autoreconnect=true</value>    </parameter>            <parameter>              <name>removeabandoned</name>              <value>true</value>            </parameter>             <parameter>              <name>removeabandonedtimeout</name>              <value>60</value>            </parameter>            <parameter>              <name>logabandoned</name>              <value>true</value>            </parameter>  </resourceparams></context>

f.在web服務(wù)中調(diào)用.配置web.xml 如:

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"    xmlns:xsi= "http://www.w3.org/2001/xmlschema-instance"    xsi:schemalocation= "http://java.sun.com/xml/ns/j2eehttp://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"    version="2.4">  <description>mysql test app</description>  <resource-ref>      <description>db connection</description>      <res-ref-name>jdbc/testdb</res-ref-name>      <res-type>javax.sql.datasource</res-type>      <res-auth>container</res-auth>  </resource-ref></web-app>

g.測(cè)試用test.jsp

<%@ taglib uri="http://java.sun.com/jsp/jstl/sql"prefix="sql" %><%@ taglib uri="http://java.sun.com/jsp/jstl/core"prefix="c" %><sql:query var="rs"datasource="jdbc/testdb">select id, foo, bar from testdata</sql:query><html>  <head>    <title>db test</title>  </head>  <body>  <h2>results</h2>  <c:foreach var="row" items="${rs.rows}">    foo ${row.foo}<br/>    bar ${row.bar}<br/></c:foreach>  </body></html>

h.新建web應(yīng)用

下載jakarta-taglibs-standard-1.1.0

copy jstl.jar and standard.jar to your web app's web-inf/lib

dbtest/    web-inf/        web.xml        lib/            jstl.jar            standard.jar    test.jsp

拷貝到webapps/ 下

i.啟動(dòng)mysql,tomcat

訪問(wèn):

http://localhost:8080/dbtest/test.jsp

顯示:

resultsfoo hellobar 12345

4.ssl的配置,以jdk1.4.2為例

a.進(jìn)入%java_home%/bin

運(yùn)行命令:keytool -genkey -alias tomcat -keyalg rsa

以tomcat 安裝密碼為198277,ketool設(shè)置密碼為198277為例

輸入keystore密碼： 198277

您的名字與姓氏是什么？

[unknown]： ycg

您的組織單位名稱是什么？

[unknown]： nju

您的組織名稱是什么？

[unknown]： nju

您所在的城市或區(qū)域名稱是什么？

[unknown]： nanjing

您所在的州或省份名稱是什么？

[unknown]： jiangsu

該單位的兩字母國(guó)家代碼是什么

[unknown]： nd

cn=ycg, ou=nju, o=nju, l=nanjing, st=jiangsu, c=nd 正確嗎？

[否]： y

輸入的主密碼

（如果和 keystore 密碼相同，按回車）： 198277

b.在你的d:/documents and settings/的當(dāng)前用戶目錄下可以找到.keystore文件.將其拷貝到conf/文件夾下.

c.在server.xml 中找到

<!--    <connector port="8443"    maxthreads="150" minsparethreads="25"    maxsparethreads="75"   enablelookups="false"    disableuploadtimeout="true"   acceptcount="100" debug="0"   scheme="https" secure="true"   clientauth="false" sslprotocol="tls" />    -->

去掉注釋

添加配置字段:keystorefile="/conf/.keystore" keystorepass="198277"

如:

<connector port="8443"  maxthreads="150" minsparethreads= "25" maxsparethreads="75"  enablelookups="false"   disableuploadtimeout="true"    acceptcount="100" debug="0"  scheme="https" secure="true"     clientauth="false" sslprotocol="tls"  keystorefile="/conf/.keystore"       keystorepass="198277"/>

d.測(cè)試為:

https://localhost:8443

e.在自己的程序中添加ssl認(rèn)證方式為:

在web.xml 中添加

<security-constraint><web-resource-collection><web-resource-name>success</web-resource-name><url-pattern>/</url-pattern><http-method>get</http-method><http-method>post</http-method></web-resource-collection><user-data-constraint><transport-guarantee>confidential</transport-guarantee></user-data-constraint></security-constraint>

f.用上提為例就是

修改web.xml 為

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"    xmlns:xsi= "http://www.w3.org/2001/xmlschema-instance"    xsi:schemalocation= "http://java.sun.com/xml/ns/j2eehttp://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"    version="2.4">    <description>mysql test app</description><security-constraint><web-resource-collection><web-resource-name>success</web-resource-name><url-pattern>/</url-pattern><http-method>get</http-method><http-method>post</http-method></web-resource-collection><user-data-constraint><transport-guarantee>confidential</transport-guarantee></user-data-constraint></security-constraint>    <resource-ref>      <description>db connection</description>      <res-ref-name>jdbc/testdb</res-ref-name>      <res-type>javax.sql.datasource</res-type>      <res-auth>container</res-auth>  </resource-ref></web-app>

訪問(wèn):

https://localhost:8443/dbtest/test.jsp

g.如果與2配置的jdbcrealm結(jié)合起來(lái)進(jìn)行表單認(rèn)證

先在user_roles表中添加user_name:ycg role_name:web-user

在users表中添加user_name:ycg user_pass:198277

然后在web.xml中添加

<auth-constraint><role-name>web-user</role-name></auth-constraint><login-config> <auth-method>basic</auth-method> <realm-name>my member area</realm-name></login-config>

修改后的web.xml如:

<web-app xmlns="http://java.sun.com/xml/ns/j2ee"    xmlns:xsi= "http://www.w3.org/2001/xmlschema-instance"    xsi:schemalocation= "http://java.sun.com/xml/ns/j2eehttp://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"    version="2.4">    <description>mysql test app</description><security-constraint><web-resource-collection><web-resource-name>success</web-resource-name><url-pattern>/</url-pattern><http-method>get</http-method><http-method>post</http-method></web-resource-collection><auth-constraint><role-name>web-user</role-name></auth-constraint><user-data-constraint><transport-guarantee>confidential</transport-guarantee></user-data-constraint></security-constraint><login-config> <auth-method>basic</auth-method> <realm-name>my member area</realm-name></login-config>    <resource-ref>      <description>db connection</description>      <res-ref-name>jdbc/testdb</res-ref-name>      <res-type>javax.sql.datasource</res-type>      <res-auth>container</res-auth>  </resource-ref></web-app>

測(cè)試:

http://localhost:8080/dbtest/test.jsp

將通過(guò)ssl連接,并進(jìn)行表單認(rèn)證.用戶密碼可在user_roles,和users中添加.

5.中文亂碼問(wèn)題:

mysql 默認(rèn)編碼 iso

tomcat request 傳輸編碼 iso

如果要顯示中文

在*.jsp中添加

<head><%@ page language="java"contenttype="text/html;charset=gb18030"pageencoding="gb18030"%></head>

如果是數(shù)據(jù)傳輸中的亂碼(如用servlet從mysql數(shù)據(jù)庫(kù)讀出的數(shù)據(jù))用以下兩個(gè)轉(zhuǎn)碼函數(shù)轉(zhuǎn)碼，如果不清楚由哪種編碼轉(zhuǎn)成哪種編碼，就多嘗試。

//轉(zhuǎn)碼gbk轉(zhuǎn)iso    public string toiso(string input) {        try  {                byte[] bytes = input.getbytes("gbk");                return new string(bytes,"iso8859-1");        }catch(exception ex)   {        }        return input;    }        //轉(zhuǎn)碼is0轉(zhuǎn)gbk    public string togbk(string input) {        try {            byte[] bytes =    input.getbytes("iso8859-1");            return new string(bytes,"gbk");        }catch(exception ex) {        }        return input;    }

上一篇：Tomcat5配置mysql4數(shù)據(jù)源

下一篇：Tomcat 和 MySQL系統(tǒng)測(cè)試