Set up java architecture for web production;
Collect the Application software
Ø         jdk-1_5_0_15-linux-i586.rpm
Ø         apache-tomcat-6.0.26.tar.gz
Ø       httpd-2.2.16.tar.gz
Ø       apr-1.3.3
Ø       apr-util-1.3.4
Ø       postgresql-8.2.7
Ø       modsecurity_apache_2.5.12
Install Server Applications
1. Install JDK
 rpm –ivh  jdk-1_5_0_15-linux-i586.rpm
(Its default home directory is ‘/usr/java/jdk_1_5_15’)
  1. Install Tomcat 6.0.26
tar xzvf apache-tomcat-6.0.26.tar.gz –C /opt/
ln –s  apache-tomcat-6.0.26  tomcat6
  1. Install apache-ant-1.7.0
   cd apr-1.3.3
./configure --prefix=/usr/local
make && make install
  1. Install apr-util-1.3.4
cd apr-util-1.3.4
./configure --prefix=/usr/local  --with-apr=/usr/local
make
make install
  1. Ready to Install apache
5.1   Find exist apache and uninstall it
rpm –qa | grep httpd
rpm –e httpd
5.2   Install essential environment for apache
yum install kernel-headers glibc-headers glibc-devel libgomp gcc readline-devel glib-devel glib2-devel zlib-devel libtool
5.3   Install Openssl
yum install openssl
note: default directory is /usr/include/openssl
5.4   Install Mod_proxy
5.41. Enter apache source code’s directory: modules/proxy
5.4.2. Run commands as below to compile and modify httpd.conf and active mod_proxy:
apachepath/bin/apxs -c -i -a mod_proxy.c proxy_util.c
 
apachepath/bin/apxs -c -i -a mod_proxy_http.c proxy_util.c
5.5   Install mod_rewrite
5.5.1 find ./ -name "mod_rewrite.c"
./modules/mappers/mod_rewrite.c
5.5.2 apxs -c -i -a modules/mappers/mod_rewrite.c
  1. Install Apache 2.2.16
tar xzvf httpd-2.2.16.tar.gz
cd httpd-2.2.16
then you can use vi to set a file and type like this
  #! /bin/sh
#
# Created by configure
 
"./configure" \
"--prefix=/usr/local/apache2" \
"--enable-so" \
"--with-ssl=/usr/include/openssl" \
"--with-z=/usr/local/zlib" \
"--enable-rewrite" \
"--enable-modules=so" \
"$@"
  1. Install Ant1.7.0
tar xzvf apache-ant-1.7.0-bin.tar.gz –C /opt
note:download from http://archive.apache.org/dist/ant/binaries/ , you must check apache-ant-1.7.0/lib, it must not be null,for some source code is lack of lib files.
8.    Install postgresql
8.2  Create user and group:
groupadd -g 88 postgres
 
 useradd -u 88 -g 88 -d /usr/local/pgsql –m postgres
  passwd postgres
  chmod 755 /usr/local/pgsql/ 
8.3 unzip and complile
# su - postgres
$ tar xvfz postgresql-8.2.7.tar.gz
$ cd postgresql-8.2.7
$ ./configure 
–prefix=/usr/local/pgsql
$ make
At this time,meet an error,solution as below:
yum install gcc gcc-c++ autoconf automake
the second error,solution as below
yum install readline-devel
the third error,solution as below
yum install zlib-devel
$ make install
8.4 Create db data and initialize db: 
# mkdir /usr/local/pgsql/data
# chown postgres /usr/local/pgsql/data
# su - postgres
$ initdb -D /usr/local/pgsql/data
$ cd /usr/local/pgsql/data
8.5 Configure listen address and port.
$ vi postgresql.conf
listen_addresses = '*'
port = 5432
password_encryption = on
 8.5 Configure connection hosts trusted.
vim data/pg_hba.conf
$ vi pg_hba.conf
# IPv4 local connections:
host    all         all         127.0.0.1/32          trust
host    all         all         192.168.5.0/24          trust
 8.6 Configure startup options:
# cd postgresql-8.2.7
# cp contrib/start-scripts/linux /etc//init.d/postgres
# chmod 755 /etc/init.d/postgres
# /etc/rc.d/init.d/postgres start
 
Create the path for the entire environment
Add codes as below to /etc/profile
vim /etc/profile
export JAVA_HOME=/usr/java/jdk1.5.0_15
export JRE_HOME=$JAVA_HOME/jre
export TOMCAT_BASE=/opt/tomcat6
export JAVA_OPTS="-Djava.awt.headless=true -server -Xms768m -Xmx768m -XX:MaxPermSize=128m -XX:PermSize=128m -XX:MaxNewSize=128m -XX:NewSize=128m -Xincgc"
export TOMCAT_HOME=/opt/tomcat6
export CATALINA_HOME=/opt/tomcat6
export ANT_HOME=/opt/ant-1.7.0
export CLASSPATH=/opt/tomcat6
export HTTPD_HOME=/usr/local/apache2
export PGSQ_HOME=/usr/local/pgsql
export PATH=$JAVA_HOME/bin:$TOMCAT_HOME/bin:$HTTPD_HOME/bin:$PGSQ_HOME/bin:$PATH
export PATH=$PATH:$JAVA_HOME/bin:$ANT_HOME/bin
Integrate apache and tomcat with mod_proxy
   1. Modify apache’s configuration file:
   vim /usr/local/apache2/conf/httpd.conf
   include conf/extra/httpd-vhosts.conf (to get rid of “#”)
NameVitualHost 127.0.0.1:80
<VirtualHost *:80>
 ServerAdmin admin@test.us
 DocumentRoot /opt/tomcat6/website
 ErrorLog logs/tomcat-error_log
 CustomLog logs/tomcat-access_log common
 ProxyPass / ajp://localhost:8009/
 ProxyPa***everse / ajp://localhost:8009/
RewriteEngine On
RewriteCond %{QUERY_STRING} ^thumbnail=true$
RewriteRule ^/([^\.]*)([\.(jpg|gif|png)]*)$ /$1_thumb.jpg [PT]
</VirtualHost>
Configure apache with ssl
1.    Generate CA,including Server and client’s certificate and private keys.
[root@localhost bin]# openssl
OpenSSL> req -new -newkey rsa:1024 -nodes -out ca.csr -keyout ca.key -sha1
OpenSSL> x509 -trustout -signkey ca.key -days 3650 -req -in ca.csr -out ca.pem -sha1
OpenSSL> exit
[root@localhost bin]# echo "01" >ca.srl
[root@localhost bin]# ./openssl
OpenSSL> req -new -newkey rsa:1024 -nodes -out server.csr -keyout server.key -sha1
OpenSSL> x509 -CA ca.pem -CAkey ca.key -CAserial ca.srl -req -in server.csr -out server.pem -days 1085 -sha1
OpenSSL> req -new -newkey rsa:1024 -nodes -out client.csr -keyout client.key -sha1
OpenSSL> x509 -CA ca.pem -CAkey ca.key -CAserial ca.srl -req -in client.csr -out client.pem -days 365 -sha1
OpenSSL> pkcs12 -export -clcerts -in client.pem -inkey client.key -out client.p12 -name "client"
After last commands,it will generate files as follows
ca.csr ca.key ca.pem ca.srl server.csr server.key server.pem client.csr client.key client.pem client.p12
 
2.  modify httpd conf :  /usr/local/apache/conf/httpd.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
vim /usr/local/apache/conf/extra/httpd-ssl.conf
 
ServerName 192.168.0.88:443
DocumentRoot "/opt/tomcat6/website"
ServerName www.test.us:443
ServerAdmin admin@test.us
ErrorLog "/usr/local/apache2/logs/error_log"
TransferLog "/usr/local/apache2/logs/access_log"
ProxyPass / ajp://localhost:8009/
ProxyPa***everse / ajp://localhost:8009/
RewriteEngine On
RewriteCond %{QUERY_STRING} ^thumbnail=true$
RewriteRule ^/([^\.]*)([\.(jpg|gif|png)]*)$ /$1_thumb.jpg [PT]
SSLCertificateFile /usr/local/apache/conf/server.pem
SSLCertificateKeyFile /usr/local/apache/conf/server.key
SSLCACertificateFile /usr/local/apache/conf/ca.pem
SSLVerifyClient require
SSLVerifyDepth 1
OK,All install processes finished.