Chapter 4: Tomcat Architecture In practice, the container
Chapter 4: Tomcat Architecture In practice, the container at this level is usually an Engine and so it makes sense to discuss it in that role. As mentioned previously, an Engine is a request-processing component that represents the Catalina Servlet engine. It examines the HTTP headers to determine the virtual host or context to which requests should be passed. When the standalone configuration is used, the Engine that is used is the default one. This Engine does the checking mentioned earlier. When Tomcat is configured to provide Java servlet support for a Web server, the default class used to serve requests is overridden because the Web server has typically determined the correct destination of the request. The host name of the server to which the Engine belongs is set as a property in multi-homed machines. An Engine may contain Hosts representing a group of Web applications and Contexts representing a single Web application. The Realm The Realm for an Engine manages user authentication and authorization. During the configuration of an application, the administrator sets the roles that are allowed for each resource or group of resources, and the Realm is used to enforce this policy. Realms can authenticate against text files, database tables, LDAP servers, and the Windows network identity of the user. You learn more about this in Chapter 14 . A Realm applies across the entire Engine or top-level container, so applications within a container share user resources for authentication. This means that, for example, a manager for the intranet will have the same rights as the manager of the e-commerce site should both these applications be in the same Engine. The Realm may also be applied as a child at the Host, or even more specifically a Context. This means that the Realm, when applied at a Host level, is used by all Contexts (Web applications) that are associated with the Host. The Realm is an object that may be superceded by its children objects. This means a Realm may be attached to an Engine so that all of its children will inherit it. But if one of its children declares a Realm of its own at a Host or Context level, then that object will use its own Realm, instead of the parent. By default, a user must still authenticate separately to each Web application on the server. You will see how this can be changed in Chapter 6 , using single sign-on, but, in brief, this is implemented as a Valve in Tomcat. The Valves Valves are components that enable Tomcat to intercept a request and preprocess it. They are similar to the filter mechanism of the Servlet specifications, but are specific to Tomcat. Hosts, Contexts, and Engines may contain Valves. A Valve is essentially a super-filter, very similar to a servlet filter, but it intercepts and invokes at a much higher level. Valves are commonly used to enable single sign-on for all Hosts on a Server, as well as log request patterns, client IP addresses, and server usage patterns (peak traffic, bandwidth use, mean average requests per time unit, the resources that most requests ask for, and so on). This is known as request dumping , and a request dumper valve records the header information (the request URI, accepted languages, source IP,
For high quality website hosting services please check tomcat web hosting website.