ofbiz-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hardik Handa <Hardik.Ha...@hcl.com>
Subject RE: Running Ofbiz on Ubuntu with Apache front
Date Wed, 18 May 2011 04:27:45 GMT
We did the same for Windows, hope the following helps u in certain way

Steps to use Apache web server to cater all browser request for Ofbiz application on Windows


a.      I had chosen the path as D:\ApacheWebServer

b.      Open httpd.conf file present in “D:\ApacheWebServer\bin”  folder and perform below
mentioned changes in it

i.      Enable below mentioned modules

LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so

ii.     Enable below mentioned includes

Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-ssl.conf

iii.    Add below mentioned lines at the end of httpd.conf file

<Proxy balancer://live-http>
                BalancerMember ajp://localhost:8009 route=APP01 connectiontimeout=20 timeout=300
<Proxy balancer://live-https>
                BalancerMember ajp://localhost:8009 route=APP01 connectiontimeout=20 timeout=300

c.      Open httpd-vhosts.conf file present in “D:\ApacheWebServer\conf\extra”  folder
and do mentioned changes in it

i.      Add mentioned lines immediately above the NameVirtualHost*:80 directive

ProxyRequests Off
<Proxy *>
AddDefaultCharset off
Order deny,allow
Allow from all
ProxyVia On

ii.     Modify ServerName to be ‘localhost’ and add ProxyPass entry within VirtualHost
tag. Sample is shown below

<VirtualHost *:80>
    ServerAdmin webmaster@dummy-host.hardik.in
    DocumentRoot "D:/ApacheWebServer/docs/dummy-host. hardik.in "
    ServerName localhost
    ServerAlias www.dummy-host. hardik.in
    ErrorLog "logs/localhost-error.log"
    CustomLog "logs/localhost-access.log" common
    ProxyPass / balancer://live-http/

d.      Open httpd-ssl.conf file present in “D:\ApacheWebServer\conf\extra”  folder and
do mentioned changes in it

i.      Change Virtual Host tag from <VirtualHost _default_:443> to <VirtualHost

ii.     Modify ServerName  entry to be localhost:443

iii.    Add ProxyPass entry just before the end of <VirtualHost> tag.

ProxyPass / balancer://live-https/

                Final <Virtual Host> tag should look like
<VirtualHost *:443>
DocumentRoot "D:/ApacheWebServer/htdocs"
ServerName localhost:443
ServerAdmin admin@ hardik.in
ErrorLog "D:/ApacheWebServer/logs/error.log"
TransferLog "D:/ApacheWebServer/logs/access.log"
SSLEngine on
SSLCertificateFile "D:/ApacheWebServer/conf/server.crt"
SSLCertificateKeyFile "D:/ApacheWebServer/conf/server.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
<Directory "D:/ApacheWebServer/cgi-bin">
    SSLOptions +StdEnvVars
BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
CustomLog "D:/ApacheWebServer/logs/ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
ProxyPass / balancer://live-https/

e.      Now we have to generate a security certificate for Apache SSL.
We will use OpenSSL utility which comes bundled with Apache installation.
OpenSSL utility presence can be checked by checking the presence of ‘openssl.exe’ file
in “D:\ApacheWebServer\bin”  folder
i.      Open command and move to “D:\ApacheWebServer\bin” folder
ii.     Run below mentioned command

openssl req -new -x509 -nodes -config D:/ApacheWebServer/conf/openssl.cnf -days 60 -out D:/ApacheWebServer/conf/server.crt
-keyout D:/ApacheWebServer/conf/server.key

                                                This will ask some basic certificate related
questions. Make sure that “Common Name” should be given as “localhost”. Here certificate
validity duration is given as 60 days

This will generate two files “server.crt” and “server.key” files in  “D:\ApacheWebServer\conf”
folder. Path of these files are already been configured in httpd-ssl.conf file in ‘SSLCertificateFile’
and ‘SSLCertificateKeyFile’ attributes

f.      Changes related to Apache web sever are done. Restart the Apache web server. If Apache
server does not start successfully then please check all configuration whether these are being
done correctly or not

Now we have to tell Ofbiz to start picking up Browser requests (http and https) from Apache.
Perform below mentioned steps

a.      Open url.properties  file (present in D:\ofBiz\framework\webapp\config(wherever u
have kept ur Ofbiz ) folder) and change http and https port to 80 and 443 respectively

b.      Open ofbiz-containers.xml file (present in D:\ofBiz\framework\base\config folder)
and perform below mentioned changes
i.      Comment whole “http-connector” property tag. This is required so that Ofbiz does
not entertain any direct http request. Every http request should come via Apache
ii.     Comment whole “https-connector” property tag. This is required so that Ofbiz does
not entertain any direct https request. Every https request should come via Apache
iii.    Add ‘packetSize’ property under “ajp-connector” property tag
<property name="ajp-connector" value="connector">
            <property name="packetSize" value="20000"/>

iv.     Modify two properties  ‘default-host’ and ‘jvm-route’  present within <container>
tag to values as shown below

<container name="catalina-container" class="org.ofbiz.catalina.container.CatalinaContainer">
                <property name="default-host" value="localhost"/>
                 <property name="jvm-route" value="APP01"/>

v.      Changes in Ofbiz are over. Now restart the Ofbiz server

Time to test the changes …

a.      First open  http://localhost/ecommerce URL on browser. You should get home page. This
certify that Ofbiz has started picking up http browser request through Apache.

b.      Now check HTTPS page. So click on “Sign in” link in header. Sign in page will
be displayed. Check that page URL is https , JSession ID has route id as APP01 and we have
got a certificate error. This proves that Ofbiz has started picking up https browser request
through Apache.

Certificate error is due to self-signed certificate that we have created. Once we get proper
trusted certificate from 3rd party this error will be fixed.
If you view the certificate , you will find that this is newly created certificate that we
have created earlier  (in one of the steps in this email).

Click on “Signin” button after enyering valid username and password. We will get logged
in page

c.      To access Ofbiz admin console, URL becomes https://localhost/catalog/control/main

After login, admin console is shown

d.      If you hit old Ofbiz URL http://localhost:8080/ecommerce (which have old port number
attached ), Ofbiz ecommerce page will not be opened. This proves that access to Ofbiz through
old port has been removed

Hardik Handa

-----Original Message-----
From: Gavin Mabie [mailto:gavin.mabie@urbannex.co.za]
Sent: Tuesday, May 17, 2011 7:33 PM
To: user@ofbiz.apache.org
Subject: Running Ofbiz on Ubuntu with Apache front


I am battling to get Ofbiz to serve pages to Apache.  I looked at the documentation but am
non-the-wiser.  The installation on Linux Ubuntu works fine for serving pages through port:8080.
 But when I try to get it to work with port:80, that's when the problems start.

This is my setup:

.         Ubuntu 8.x

.         Apache2

The documentation
Tricks-Cookbook-HowTo-HTTPD and the apaches config files are not necessarily the same.  For
example http.conf in the Ubuntu version of Apache2 is empty.


What Apache files do I need to change/adjust to configure the VirtualHost and SSL.  My app
is deployed in the hot-deploy component - and I would like m,y visitors to use www.example.com.

Thanks in advance.



The contents of this e-mail and any attachment(s) are confidential and intended for the named
recipient(s) only.
It shall not attach any liability on the originator or HCL or its affiliates. Any views or
opinions presented in
this email are solely those of the author and may not necessarily reflect the opinions of
HCL or its affiliates.
Any form of reproduction, dissemination, copying, disclosure, modification, distribution and
/ or publication of
this message without the prior written consent of the author of this e-mail is strictly prohibited.
If you have
received this email in error please delete it and notify the sender immediately. Before opening
any mail and
attachments please check them for viruses and defect.

View raw message