Prerequisites

  • Java 8 or later, which is available at http://www.oracle.com/technetwork/java/javase/downloads/index.html 
    If you're not sure which version you have, you can run 'which java' to see if Java is already installed. 
  • JAVA_HOME must point to the JRE/JDK. You can run ‘echo $JAVA_HOME’ (Linux) or 'echo %JAVA_HOME%' (Windows) to verify this.

  • PATH must include the path to java executable. You can run ‘java’ to verify that the executable is found.

  • CTP downloaded (via download link). You can request a download link by sending an email to your Parasoft representative.

Linux (Red Hat)

  1. Download Apache Tomcat 8 or higher from http://tomcat.apache.org/.
  2. Log in to the system as root.
  3. Extract Tomcat.
    tar –zxvf apache-tomcat-<version>
    This will create a new folder containing Tomcat.
  4. (Recommended) Move the extracted folder to a common installation location, such as /opt/tomcat.


You may also want to configure Tomcat to start automatically when the server starts. There are two ways to do this:

  • Edit init.d and using that to start/stop Tomcat, or 
  • Directly call <apache-tomcat-home>/bin/startup.sh

Editing init.d

cd /etc/init.d/
vi tomcat

Edit the file to look like this:

#!/bin/bash
# description: Tomcat Start Stop Restart
# processname: tomcat
# chkconfig: 234 20 80
JAVA_HOME=/usr/java/jdk1.7.0_21
export JAVA_HOME
PATH=$JAVA_HOME/bin:$PATH
export PATH
CATALINA_OPTS="-Xmx768m -XX:MaxPermSize=256m"
export CATALINA_OPTS
CATALINA_HOME=/usr/share/apache-tomcat-7.0.47
TOMCAT_OWNER=parasoft


case $1 in
start)
    su - $TOMCAT_OWNER -c $CATALINA_HOME/bin/startup.sh
;;
stop)  
    su - $TOMCAT_OWNER -c $CATALINA_HOME/bin/shutdown.sh
;;
restart)
    su - $TOMCAT_OWNER -c $CATALINA_HOME/bin/shutdown.sh
    su - $TOMCAT_OWNER -c $CATALINA_HOME/bin/startup.sh
;;
esac   
exit 0


where TOMCAT_OWNER=parasoft references a user named ‘parasoft’ to run the Tomcat service.


To start the Tomcat service:

    /etc/init.d/tomcat start

To stop the Tomcat service:

    /etc/init.d/tomcat stop

To restart the Tomcat service:

    /etc/init.d/tomcat restart

To ensure that Tomcat gets started automatically at boot: 

    chkconfig tomcat on

Directly Calling <apache-tomcat-home>/bin/startup.sh

Alternatively, you can start Tomcat by directly calling the <apache-tomcat-home>/bin/startup.sh script on Linux.  If starting Tomcat this way, you will need to create a <apache-tomcat-home>/bin/setenv.sh file with the following contents:

    CATALINA_OPTS="-Xmx768m -XX:MaxPermSize=256m"

Windows

  1. Download the Apache Tomcat 8 or later 32-bit/64-bit Windows Service Installer from
    http://tomcat.apache.org/ 
  2. Run the installer. Select the Service Startup option during installation.

     
     
  3. After installation, open the Tomcat configuration controls from the system tray.
     
  4. For Java Options, set the perm gen size using  -XX:MaxPermSize=256m
    (note that Java Options are separated by new lines, not spaces) and set the maximum  heap size to 768 MB.
     

Configuring SSL/HTTPS on Tomcat

CTP receives user passwords over a web interface.  To ensure that passwords are encrypted when they are sent over the network, Tomcat should be configured to use only the HTTPS connector.  For instructions on how to configure HTTPS in Tomcat, see the Apache Tomcat SSL/TLS Configuration HOW-TO topic (http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html or http://tomcat.apache.org/tomcat-8.0-doc/ssl-howto.html).

Be sure that the Tomcat secure connector sslEnabledProtocols only include "TLS" and not any "SSL" protocols.  SSL protocols are vulnerable to "Padding Oracle On Downgraded Legacy Encryption" (POODLE) man-in-the-middle attacks.

Here's an example of what a Tomcat secure connector might look like:

<Connector port="8443" protocol="org.apache.coyote.http11.Http11Protocol"
    maxThreads="150" SSLEnabled="true" scheme="https" secure="true"
    clientAuth="false" sslEnabledProtocols="TLS"
    keystoreFile="keystore.jks" keystorePass="changeit" 
    keystoreType="JKS" keyAlias="tomcat"
    URIEncoding="UTF-8" />

 


Additional Configuration for UTF-8 Encoding

To ensure proper parsing of Japanese characters and other non-ASCII characters, add URIEncoding="UTF-8" to the <Connector> in Tomcat's server.xml. For example:

<Connector port="8080" protocol="HTTP/1.1"
    connectionTimeout="20000"
    redirectPort="8443"
    URIEncoding="UTF-8" />
  • No labels