We would like to make sure Tomcat only listens to the Apache server, which was not on the localhost address. It is a security measure to protect the Tomcat port.
In order to do that we need to add the attribute “address” to the connector of the Tomcat port.
A few words about the connector:
The HTTP Connector element represents a Connector component that supports the HTTP/1.1 protocol. It enables Catalina to function as a stand-alone web server, in addition to its ability to execute servlets and JSP pages.
<Connector port="8111" acceptCount="100" address="127.0.0.1" connectionTimeout="5000" keepAliveTimeout="10000" maxKeepAliveRequests="1" maxConnections="10000" protocol="HTTP/1.1" />
A few words about the address attribute:
For servers with more than one IP address, this attribute specifies which address will be used for listening on the specified port. By default, this port will be used on all IP addresses associated with the server.
NOTE: this solution uses the HTTP protocol connector to connect to Apache instead of the AJP protocol. The AJP connector should be used between Apache and Tomcat for performance reasons.
At first I used the localhost address (127.0.0.1) to make Tomcat listen on this address. I wrongly assumed the Apache server was at the local address of the server.
Apache and Tomcat would start with no errors. However, the application would not start. There were no meaningful errors in the application logs or the Tomcat logs. At last I found some errors in the Apache server error.log:
[Thu Jun 15 17:56:15 2017] [error] (111)Connection refused: proxy: HTTP: attempt to connect to 184.108.40.206:8111 (machine_adress) failed
[Thu Jun 15 17:56:15 2017] [error] ap_proxy_connect_backend disabling worker for (machine_adress)
This error helped to find a solution to this problem.
I checked the IP address 220.127.116.11 and I found out in /etc/hosts that the address 18.104.22.168 was linked to a server called apache_instance1.
I checked in the Apache configuration “httpd.conf” and I found out that the name of the server is :
Therefore, to bind the Tomcat port to listen only to the Apache server, I had to modify the address attribute like this:
<Connector port="8111" acceptCount="100" address="apache_instance1" connectionTimeout="5000" keepAliveTimeout="10000" maxKeepAliveRequests="1" maxConnections="10000" protocol="HTTP/1.1" />
It fixes my problem.
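The mismatch described above (connector bound to one address, proxy connecting to another) can be caught before a restart by comparing server.xml with the address Apache proxies to. The Python script below is an added example, not part of the original post; the function names, the hosts mapping and the documentation address 192.0.2.10 standing in for the machine IP are assumptions.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample data: the first connector from the post, plus a
# hosts-style mapping. 192.0.2.10 is a placeholder for the machine IP.
SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8111" address="127.0.0.1" protocol="HTTP/1.1" />
</Service></Server>"""
HOSTS = {"localhost": "127.0.0.1", "apache_instance1": "192.0.2.10"}


def resolve(name, hosts):
    """Return an ip_address for a literal IP or a name found in the hosts map."""
    try:
        return ipaddress.ip_address(name)
    except ValueError:
        return ipaddress.ip_address(hosts[name])  # KeyError if the name is unknown


def connectors(server_xml):
    """Yield (port, bind_address_or_None) for every <Connector> element."""
    for c in ET.fromstring(server_xml).iter("Connector"):
        yield int(c.get("port")), c.get("address")


def audit(server_xml, proxy_target, proxy_port, hosts):
    """Compare the connector on proxy_port with the address the proxy connects to."""
    target = resolve(proxy_target, hosts)
    for port, address in connectors(server_xml):
        if port != proxy_port:
            continue
        if address is None:
            return "exposed: listens on all addresses"
        bind = resolve(address, hosts)
        if bind.is_unspecified:
            return "exposed: listens on all addresses"
        if bind != target:
            return f"refused: bound to {bind}, proxy connects to {target}"
        scope = "loopback only" if bind.is_loopback else "any host that can reach it"
        return f"ok: bound to {bind}, reachable by {scope}"
    return "no connector on that port"


if __name__ == "__main__":
    print(audit(SERVER_XML, "apache_instance1", 8111, HOSTS))
```

An `ok` result only means the proxy can connect: the bind address selects a local interface and does not filter which clients connect to it, so a firewall rule or Tomcat's RemoteAddrValve is what limits port 8111 to the proxy.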