Versions Compared

Old Version 16

changes.mady.by.user Daniel Roy

Saved on

compared with

New Version 17

changes.mady.by.user Larry Mills-Gahl

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: comments on setup of CentOS 7 with Apache 2.4

...

Warning

Don't forget to change the password in JavaMonitor after you made the installation!

Notes on CentOS 7 64/ Apache 2.4

The yum repositories for deployment artifacts is a little out of date, so these instructions are based on wonder source and compiling the adaptor on the target system.

Compiling the Apache Adaptor

Code Block
languagebash
titleCompiling Apache 2.4 WebObjects Adaptor
$ sudo yum install httpd https-dev
$ # get the latest wonder source
$ git clone https://github.com/wocommunity/wonder.git
$ cd wonder/Utilities/Adaptors
$ # thanks to alextu for these commands to fix the make.config file
$ # (from his docker recipe)
$ sed -ri 's/ADAPTOR_OS = MACOS/ADAPTOR_OS = LINUX/g' make.config
$ sed -ri 's/ADAPTORS = CGI Apache2.2/ADAPTORS = Apache2.4/g' make.config
$ make
$ # move the compiled module to the modules directory (check your apache config
$ # but the default on CentOS7 is /usr/lib64/httpd/modules
$ cp Apache2.4/mod_WebObjects.so /usr/lib64/httpd/modules/

Configuring Apache for WebObjects

The standard apache.conf (found in the wonder source at  wonder/Utilities/Adaptors/Apache2.4/apache.conf) should work fine.  Here are a couple of modifications that worked for me:

The authorization for Apache changed between 2.2 and 2.4. If you're used to "Allow from all" or "Deny from all" you should know that Apache 2.4 syntax has changed so this is how those allows/denies work now. This is a mostly permissive structure restricting some of the verbs that are not used (We  have some configs that allow PUT, DELETE, PROPFIND, etc... but they don'tcall me "Little Paranoid Larry" for nothing.

Code Block
languagexml
titleApache Permissions Config
WebObjectsAlias /cgi-bin/WebObjects
<Location /cgi-bin/WebObjects/>
    <Limit GET POST OPTIONS >
      Require all granted
    </Limit>
    Require all denied
</Location>

FirewallD

CentOS7 switched to using FirewallD from IP Tables. I've tried to understand firewalld and I'm actually digging it even though it's a big change from IP Tables. Useful info on Firewalld can be found at Linux firewalld information at Oracle or FirewallD at Fedora

The cheat sheet commands that help get started are:

Panel
titleFirewallD Cheat Sheet

getting help on the command line: # firewall-cmd --help

checking the state of the firewall: # firewall-cmd --state

panic: firewall-cmd --panic-on

stop panic: # firewall-cmd --panic-off

set a service to a zone for runtime (not persistent) : firewall-cmd --zone=public --add-service=https

set a service to a zone permanently: firewall-cmd --permanent --zone=public --add-service=https

setup specific ports (like for WO instances) firewall-cmd --zone=public --permanent --add-port=2000-2020/tcp

reload the configuration: firewall-cmd --reload

find out what services the zone thinks should be handled at runtime (or permanently) : # firewall-cmd (–permanent) --zone=public --list-services

go nuts and specify rules to within an inch of their lives: # firewall-cmd --permanent --zone=public --add-rich-rule="rule family="ipv4" source address="192.168.0.4/24" service name="http" accept"

 

SELinux

As is mentioned in https://wiki.wocommunity.org/display/documentation/Installing+a+deployment+environment+on+RedHat,+CentOS+or+Amazon+Linux,
you can open up apache to network connections using the command:

Code Block
languagebash
titleSELinux 
$ # make sure you have the policy utils (yum install policycoreutils-python)
$ sudo setsebool -P httpd_can_network_connect=1


If you have additional problems with the SELinux configuration, check the context and ownership of files. More useful information on SELinux can be found at http://wiki.centos.org/HowTos/SELinux.