Monday, April 17, 2017
Deploying Alfresco To Apache Server
Deploying Alfresco To Apache Server
This guide will detail a setup to deploy Alfresco Share to a live server using Tomcat and Apache with mod_jk and mod_ssl it also covers the deployment of the Alfrescos SharePoint interface using Apache with mod_proxy.
Setting up Tomcat
First lets set up a default context so theres no prefix path visible in the URL for Alfresco share. The proper way to do this is by creating the file $CATALINA_BASE/conf/[enginename]/[hostname]/ROOT.xml. When Tomcat is located at /opt/alfresco/tomcat/ the full path will be /opt/alfresco/tomcat/conf/Catalina/localhost/ROOT.xml. Create the following XML document inside the file:<?xml version="1.0" encoding="UTF-8"?>The path attribute sets the context used in the URL. Using "" as the path thus means use as default. The docBase attribute sets where the real webapp is. When using Alfresco Share this is share.war by default, its not necessary to use the absolute path.
<Context path="" docBase="share.war">
</Context>
Now if you restart Tomcat you should be able to reach Alfresco Share at [host]:[port], without specifying the share prefix.
Next we need to setup a connector for Apache. Its possible this is already done on your Tomcat install by default, if not add the following in the Catalina Service section in $CATALINA_BASE/conf/server.xml:
...Restart Tomcat again for the connector to be available.
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
...
Setting up Apache
If you havent done already, install mod_jk (libapache2-mod-jk in Ubuntu).
First we define the workers, I used $CATALINA_BASE/conf/workers.properties as configuration file:
worker.list=tomcatThe name tomcat is arbitrary, so you can replace all occurrences with whatever you like.
worker.tomcat.port=8009
worker.tomcat.host=localhost
worker.tomcat.type=ajp13
worker.tomcat.lbfactor=1
Next point Apache to this configuration file. You can either edit your httpd.conf, or if youre using a distribution with a config dir setup (for example, /etc/apache2/conf.d/ in Ubuntu) create a file and add the following content:
JkWorkersFile /opt/alfresco/tomcat/conf/workers.propertiesRemember to use your own $CATALINA_BASE if its not /opt/alfresco/tomcat/.
Finally, setup a virtualhost that will connect to Tomcat:
<VirtualHost *:80>This will create a virtualhost at share.host.name (replace this with your (sub)domain location), will force port 80/http to be redirected to port 443/https (forces the secure connection, the 301 will tell the browser its a permanent redirect) and will serve all content (/*) using the worker tomcat as specified in our workers file (if you changed the name there, also change it here). Be sure to enter your own certificate information instead of what I entered.
ServerName share.host.name
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://share.host.name/$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerName share.host.name
JkMount /* tomcat
SSLEngine on
SSLCertificateKeyFile /etc/ssl/private/certificate.pem
SSLCertificateFile /etc/ssl/private/certificate.crt
SSLCACertificateFile /etc/ssl/private/authority.crt
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
</VirtualHost>
You can extend this configuration file in the same way youd normally do with Apache, so you can add rewrite rules etc..
Restart Apache for the configuration to have effect.
You now have Alfresco Share on a user friendly location, with a user friendly and secure setup. If Alfresco explorer is deployed on the same Tomcat instance, you can reach it at https://[host]/alfresco. Your other webapps should also still be reachable at their context path.
If you want to do the same with Alfresco with the SharePoint Protocol youll have to set up another vhost in Apache, in this case we will use mod_proxy, like this:
<VirtualHost *:80>Finally, on your Alfrescos global.properties file youll have to set the following variables:
ServerName sharepoint.host.name
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/(.*) https://sharepoint.host.name/$1 [R=301,L]
</VirtualHost>
<VirtualHost *:443>
ServerName sharepoint.host.name
SSLEngine on
SSLCertificateKeyFile /etc/apache2/ssl/sharepoint.key
SSLCertificateFile /etc/apache2/ssl/sharepoint.crt
SSLCACertificateFile /etc/apache2/ssl/sharepoint.crt
SSLProxyEngine On
ProxyPass / http://localhost:7070/
ProxyPassReverse / http://localhost:7070/
ProxyPass /alfresco/ http://localhost:7070/alfresco/
ProxyPassReverse /alfresco/ http://localhost:7070/alfresco/
ProxyPass /share/ http://localhost:7070/share/
ProxyPassReverse /share/ http://localhost:7070/share/
ProxyPass /_vti_bin/ http://localhost:7070/_vti_bin/
ProxyPassReverse /_vti_bin/ http://localhost:7070/_vti_bin/
ProxyPass /_vti_inf.html http://localhost:7070/_vti_inf.html
ProxyPassReverse /_vti_inf.html http://localhost:7070/_vti_inf.html
ProxyPass /_vti_history/ http://localhost:7070/_vti_history/
ProxyPassReverse /_vti_history/ http://localhost:7070/_vti_history/
#RewriteCond %{SERVER_PORT} !443
#RewriteRule ^(.*)$ https://sharepoint.host.name/$1 [R,L]
SetEnvIf User-Agent ".*MSIE.*"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0
</VirtualHost>
vti.server.external.host=sharepoint.host.nameso that your Edit Online links are generated correctly.
vti.server.external.port=443
vti.server.external.protocol=https
download more info
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment