Administering Apache Tomcat Training

Duration: 4 days

Apache Tomcat Training Outline

 Introduction
o Overview of the Apache Software Foundation and the Jakarta Project
o Overview of Java EE as a platform
o Overview of the features and functionality specifically provided by Tomcat
 Installing Tomcat
o Installing the Java Runtime Environment (JRE)
o Tweaking the JRE for performance
o Performing the actual Tomcat installation
 Examining the Tomcat installation directories
o bin
o conf
o common
o lib
o logs
o server
o shared
o temp
o webapps
o work
 Configuring Tomcat
o server.xml (detailed walkthrough)
o web.xml
o context.xml
 Tomcat Valves (1 Hour)
o AccessLog and FastCommonAccessLog
o RequestFilterValve
o SingleSignOnValve (by request)
o RequestDumperValve (by request)
 Memory management and JMX monitoring
o Understanding Java garbage collection
o Using JAVA_OPTS, JMX and JConsole to monitor and tune Tomcat memory
usage
o Sizing Tomcat's JVM memory heap
o Using JMX and JConsole to configure Tomcat via Tomcat's MBeans
o Updating Tomcat's configuration via JMX "on the fly" without restarting
Tomcat
o Load testing with JMeter
o Using VisualVM (new monitoring tool built into JDK 7) and PSI Probe
o Controlling JMX MBeans via Ant
 Connecting databases with Tomcat applications
o Classic JDBC approach
o Better approach: JNDI resources
o Setting up and monitoring database connection pools
 Security
 o File system security
o Java security manager
o Realms, authentication, and authorization
o SSL
 Performance tuning strategies
o Additional JVM tuning tips
o Enabling parallel garbage collection
o Building native connectors
o Disabling/removing unneeded applications
o Tuning incoming connections and database connection pools
o Turning off Jasper development mode
o Precompiling JSPs
o Preloading servlets
 Tomcat 8 New Features [optional]
o Memory leak prevention and detection
o Servlet 3.1, JSP 2.3, and EL 2.3 support (and the practical implications of this
for Tomcat admins)
o Cross-site request forgery prevention (and how to configure)
o How Tomcat 8's new session management features prevent session fixation
attacks
o Alias support (which allow static content to be stored outside the WAR file)
 Running Tomcat behind Apache httpd or IIS [this section would be taught using your
web server and connector module of choice]
o Why run Tomcat behind Apache httpd or IIS?
o Installing  mod_jk (Apache httpd or IS) or mod_proxy_ajp and
mod_proxy_balancer (Apache httpd 2.4 or later only)
o Proxying traffic to Tomcat via AJP
o Monitoring the status of your web server’s connection to Tomcat
o Load balancing Tomcat via mod_jk or mod_proxy_balancer
 Tomcat Clustering
o Configuring mod_jk (in Apache or IIS) or mod_proxy_balancer (Apache 2.2 or
later only) as a load balancer
o Hardware load balancing as an alternative to software load balancing
o Sticky sessions
o Configuring a shared session back-end
 FileStore/JDBCStore (older approach, generally not recommended)
 Using the <Cluster /> tag
o Configuring the application to be distributable
o Setting up and testing failover