/
listeners.xml
492 lines (373 loc) · 20.3 KB
/
listeners.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
<?xml version="1.0" encoding="UTF-8"?>
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!DOCTYPE document [
<!ENTITY project SYSTEM "project.xml">
]>
<document url="listeners.html">
&project;
<properties>
<title>The LifeCycle Listener Component</title>
</properties>
<body>
<section name="Table of Contents">
<toc/>
</section>
<section name="Introduction">
<p>A <strong>Listener</strong> element defines a component that performs
actions when specific events occur, usually Tomcat starting or Tomcat
stopping.</p>
<p>Listeners may be nested inside a <a href="server.html">Server</a>,
<a href="engine.html">Engine</a>, <a href="host.html">Host</a> or
<a href="context.html">Context</a>. Some Listeners are only intended to be
nested inside specific elements. These constraints are noted in the
documentation below.</p>
</section>
<section name="Attributes">
<subsection name="Common Attributes">
<p>All implementations of <strong>Listener</strong>
support the following attributes:</p>
<attributes>
<attribute name="className" required="true">
<p>Java class name of the implementation to use. This class must
implement the <code>org.apache.catalina.LifecycleListener</code>
interface.</p>
</attribute>
</attributes>
</subsection>
</section>
<section name="Nested Components">
<p>No element may be nested inside a <strong>Listener</strong>.</p>
</section>
<section name="Standard Implementations">
<p>Unlike most Catalina components, there are several standard
<strong>Listener</strong> implementations available. As a result,
the <code>className</code> attribute MUST be used to select the
implementation you wish to use.</p>
<subsection name="APR Lifecycle Listener - org.apache.catalina.core.AprLifecycleListener">
<p>The <strong>APR Lifecycle Listener</strong> checks for the presence of
the APR/native library and loads the library if it is present. For more
information see the <a href="../apr.html">APR/native guide</a>.</p>
<p>This listener must only be nested within <a href="server.html">Server</a>
elements.</p>
<p>The following additional attributes are supported by the <strong>APR
Lifecycle Listener</strong>:</p>
<attributes>
<attribute name="SSLEngine" required="false">
<p>Name of the SSLEngine to use. <code>off</code>: do not use SSL,
<code>on</code>: use SSL but no specific ENGINE.</p>
<p>The default value is <b>on</b>. This initializes the
native SSL engine, which must be enabled in the APR/native connector by
the use of the <code>SSLEnabled</code> attribute.</p>
<p>See the <a href="http://www.openssl.org/">Official OpenSSL website</a>
for more details on supported SSL hardware engines and manufacturers.
</p>
<p>Tomcat Native 2.x onwards requires SSL so if SSLEngine is set to
<code>off</code> when using Tomcat Native 2.x onwards, the APR/native
library will be disabled.</p>
</attribute>
<attribute name="SSLRandomSeed" required="false">
<p>Entropy source used to seed the SSLEngine's PRNG. The default value
is <code>builtin</code>. On development systems, you may want to set
this to <code>/dev/urandom</code> to allow quicker start times.</p>
</attribute>
<attribute name="FIPSMode" required="false">
<p>The behaviour of this attribute depends on whether Tomcat Native has
been compiled against OpenSSL 1.x or OpenSSL 3.x.</p>
<p>For OpenSSL 1.x: Set to <code>on</code> to request that OpenSSL be in
FIPS mode (if OpenSSL is already in FIPS mode, it will remain in FIPS
mode).
Set to <code>enter</code> to force OpenSSL to enter FIPS mode (an
error will occur if OpenSSL is already in FIPS mode).
Set to <code>require</code> to require that OpenSSL <i>already</i> be
in FIPS mode (an error will occur if OpenSSL is not already in FIPS
mode).</p>
<p>For OpenSSL 3.x: <code>on</code>, <code>enter</code> and
<code>require</code> all behave the same way. If the FIPS provider is
the default provider, it will be used. If the FIPS provider is not the
default provider, an error will occur.</p>
<p>FIPS mode <em>requires you to have a FIPS-capable OpenSSL library</em>.
If this attribute is set to anything other than <code>off</code>, the
<b>SSLEngine</b> must be enabled as well.</p>
<p>The default value is <code>off</code>.</p>
</attribute>
<attribute name="useOpenSSL" required="false">
<p>This attribute controls the auto-selection of the OpenSSL JSSE
implementation. The default is <code>true</code> which will use OpenSSL
if the native library is available and a NIO or NIO2 connector is used.</p>
</attribute>
</attributes>
</subsection>
<subsection name="Global Resources Lifecycle Listener - org.apache.catalina.mbeans.GlobalResourcesLifecycleListener">
<p>The <strong>Global Resources Lifecycle Listener</strong> initializes the
Global JNDI resources defined in server.xml as part of the <a
href="globalresources.html">Global Resources</a> element. Without this
listener, none of the Global Resources will be available.</p>
<p>This listener must only be nested within <a href="server.html">Server</a>
elements.</p>
<p>No additional attributes are supported by the <strong>Global Resources
Lifecycle Listener</strong>.</p>
</subsection>
<subsection name="JNI Library Loading Listener - org.apache.catalina.core.JniLifecycleListener">
<p>The <strong>JNI Library Loading Listener</strong> makes it possible
for multiple Webapps to use a native library, by loading the native
library using a shared class loader (typically the Common class loader but
may vary in some configurations)</p>
<p>The listener supports two mutually exclusive attributes, so one of them must be used, but you can not use both together:</p>
<attributes>
<attribute name="libraryName" required="false">
<p>The name of the native library, as defined in
<code>java.lang.System.loadLibrary()</code>
</p>
</attribute>
<attribute name="libraryPath" required="false">
<p>The absolute path of the native library, as defined in
<code>java.lang.System.load()</code>
</p>
</attribute>
</attributes>
</subsection>
<subsection name="JRE Memory Leak Prevention Listener - org.apache.catalina.core.JreMemoryLeakPreventionListener">
<p>The <strong>JRE Memory Leak Prevention Listener</strong> provides
work-arounds for known places where the Java Runtime environment uses
the context class loader to load a singleton as this will cause a memory
leak if a web application class loader happens to be the context class
loader at the time. The work-around is to initialise these singletons when
this listener starts as Tomcat's common class loader is the context class
loader at that time. It also provides work-arounds for known issues that
can result in locked JAR files.</p>
<p>This listener must only be nested within <a href="server.html">Server</a>
elements.</p>
<p>The following additional attributes are supported by the <strong>JRE
Memory Leak Prevention Listener</strong>:</p>
<attributes>
<attribute name="appContextProtection" required="false">
<p>Enables protection so that calls to
<code>sun.awt.AppContext.getAppContext()</code> triggered by a web
application do not result in a memory leak. Note that enabling this
protection will trigger a requirement for a graphical environment unless
Java is started in head-less mode. The default is <code>false</code>.
</p>
</attribute>
<attribute name="classesToInitialize" required="false">
<p>List of comma-separated fully qualified class names to load and initialize
during the startup of this Listener. This allows to pre-load classes that are
known to provoke classloader leaks if they are loaded during a request
processing. Non-JRE classes may be referenced, like
<code>oracle.jdbc.driver.OracleTimeoutThreadPerVM</code>.
The default value is empty, but specific JRE classes are loaded by other leak
protection features managed by other attributes of this Listener.</p>
</attribute>
<attribute name="driverManagerProtection" required="false">
<p>The first use of <code>java.sql.DriverManager</code> will trigger the
loading of JDBC Drivers visible to the current class loader and its
parents. The web application level memory leak protection can take care
of this in most cases but triggering the loading here has fewer
side-effects. The default is <code>true</code>.</p>
</attribute>
<attribute name="initSeedGenerator" required="false">
<p>The first use of <code>SeedGenerator</code>, an internal class of
the default security spi implementation, might create a thread on some
platforms. Depending on the timing of the first use of a secure random
this thread might become associated with a webapp classloader, causing
a memory leak. Setting this to <code>true</code> will initialize the
seed. The default is <code>false</code> to avoid consuming random if
not needed.</p>
</attribute>
<attribute name="urlCacheProtection" required="false">
<p>Enables protection so that reading resources from JAR files using
<code>java.net.URLConnection</code>s does not result in the JAR file
being locked. Note that enabling this protection disables caching by
default for all resources obtained via
<code>java.net.URLConnection</code>s. Caching may be re-enabled on a
case by case basis as required. Defaults to <code>true</code>.</p>
</attribute>
</attributes>
<subsection name="JreMemoryLeakPreventionListener Examples">
<p>The following is an example of how to configure the
<code>classesToInitialize</code> attribute of this listener.</p>
<p>If this listener was configured in server.xml as:</p>
<source><![CDATA[ <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener"
classesToInitialize="oracle.jdbc.driver.OracleTimeoutThreadPerVM" />]]></source>
<p>then the <code>OracleTimeoutThreadPerVM</code> class would be loaded
and initialized during listener startup instead of during request
processing.</p>
</subsection>
</subsection>
<subsection name="Security Lifecycle Listener - org.apache.catalina.security.SecurityListener">
<p>The <strong>Security Lifecycle Listener</strong> performs a number of
security checks when Tomcat starts and prevents Tomcat from starting if they
fail. The listener is not enabled by default. To enabled it uncomment the
listener in $CATALINA_BASE/conf/server.xml.</p>
<p>This listener must only be nested within <a href="server.html">Server</a>
elements.</p>
<p>The following additional attributes are supported by the <strong>Security
Lifecycle Listener</strong>:</p>
<attributes>
<attribute name="checkedOsUsers" required="false">
<p>A comma separated list of OS users that must not be used to start
Tomcat. If not specified, the default value of <b>root</b> is used. To
disable this check, set the attribute to the empty string. Usernames
are checked in a case-insensitive manner.</p>
</attribute>
<attribute name="minimumUmask" required="false">
<p>The least restrictive umask that must be configured before Tomcat
will start. If not specified, the default value of <b>0007</b> is used.
To disable this check, set the attribute to the empty string. The check
is not performed on Windows platforms.</p>
</attribute>
</attributes>
</subsection>
<subsection name="StoreConfig Lifecycle Listener - org.apache.catalina.storeconfig.StoreConfigLifecycleListener">
<p>The <strong>StoreConfig Lifecycle Listener</strong> configures a
StoreConfig MBean that may be used to save the current server configuration
in server.xml or the current configuration for a web application in a
context.xml file.</p>
<p>This listener must only be nested within <a href="server.html">Server</a>
elements.</p>
<p>The following additional attributes are supported by the
<strong>StoreConfig Lifecycle Listener</strong>:</p>
<attributes>
<attribute name="storeConfigClass" required="false">
<p>The name of the <code>IStoreConfig</code> implementation to use. If
not specified the default of
<code>org.apache.catalina.storeconfig.StoreConfig</code> will be
used.</p>
</attribute>
<attribute name="storeRegistry" required="false">
<p>The URL of the configuration file that configures how the
<code>IStoreConfig</code> is to save the configuration. If not specified
the built in resource
<code>/org/apache/catalina/storeconfig/server-registry.xml</code> will
be used.</p>
</attribute>
</attributes>
</subsection>
<subsection name="ThreadLocal Leak Prevention Listener - org.apache.catalina.core.ThreadLocalLeakPreventionListener">
<p>The <strong>ThreadLocal Leak Prevention Listener</strong> triggers the
renewal of threads in <a href="executor.html">Executor</a> pools when a
<a href="context.html">Context</a> is being stopped to avoid thread-local
related memory leaks. Active threads will be renewed one by one when they
come back to the pool after executing their task. The renewal happens
only for contexts that have their <code>renewThreadsWhenStoppingContext</code>
attribute set to <code>true</code>.</p>
<p>This listener must only be nested within <a href="server.html">Server</a>
elements.</p>
<p>No additional attributes are supported by the <strong>ThreadLocal Leak
Prevention Listener</strong>.</p>
</subsection>
<subsection name="UserConfig - org.apache.catalina.startup.UserConfig">
<p>The <strong>UserConfig</strong> provides feature of User Web Applications.
User Web Applications map a request URI starting with a tilde character ("~")
and a username to a directory (commonly named public_html) in that user's
home directory on the server.</p>
<p>See the <a href="host.html#User_Web_Applications">User Web Applications</a>
special feature on the <strong>Host</strong> element for more information.</p>
<p>The following additional attributes are supported by the
<strong>UserConfig</strong>:</p>
<attributes>
<attribute name="directoryName" required="false">
<p>The directory name to be searched for within each user home directory.
The default is <code>public_html</code>.</p>
</attribute>
<attribute name="userClass" required="false">
<p>The class name of the user database class.
There are currently two user database, the
<code>org.apache.catalina.startup.PasswdUserDatabase</code> is used on a
Unix system that uses the /etc/passwd file to identify valid users.
The <code>org.apache.catalina.startup.HomesUserDatabase</code> is used on
a server where /etc/passwd is not in use. HomesUserDatabase deploy all
directories found in a specified base directory.</p>
</attribute>
<attribute name="homeBase" required="false">
<p>The base directory containing user home directories. This is effective
only when <code>org.apache.catalina.startup.HomesUserDatabase</code> is
used.</p>
</attribute>
<attribute name="allow" required="false">
<p>A regular expression defining user who deployment is allowed. If this
attribute is specified, the user to deploy must match for this pattern.
If this attribute is not specified, all users will be deployed unless the
user matches a deny pattern.</p>
</attribute>
<attribute name="deny" required="false">
<p>A regular expression defining user who deployment is denied. If this
attribute is specified, the user to deploy must not match for this
pattern. If this attribute is not specified, deployment of user will be
governed by a allow attribute.</p>
</attribute>
</attributes>
</subsection>
<subsection name="Version Logging Lifecycle Listener - org.apache.catalina.startup.VersionLoggerListener">
<p>The <strong>Version Logging Lifecycle Listener</strong> logs Tomcat, Java
and operating system information when Tomcat starts.</p>
<p>This listener must only be nested within <a href="server.html">Server</a>
elements and should be the first listener defined.</p>
<p>The following additional attributes are supported by the <strong>Version
Logging Lifecycle Listener</strong>:</p>
<attributes>
<attribute name="logArgs" required="false">
<p>If <code>true</code>, the command line arguments passed to Java when
Tomcat started will be logged. If not specified, the default value of
<code>true</code> will be used.</p>
</attribute>
<attribute name="logEnv" required="false">
<p>If <code>true</code>, the current environment variables when Tomcat
starts will be logged. If not specified, the default value of
<code>false</code> will be used.</p>
</attribute>
<attribute name="logProps" required="false">
<p>If <code>true</code>, the current Java system properties will be
logged. If not specified, the default value of
<code>false</code> will be used.</p>
</attribute>
</attributes>
</subsection>
<subsection name="HTTPD mod_heartmonitor Listener - org.apache.catalina.ha.backend.HeartbeatListener">
<p>The <strong>HTTPD mod_heartmonitor Listener</strong> allows tomcat to send heart beat message to
the Apache HTTPD mod_heartmonitor module.</p>
<p>The following additional attributes are supported by the <strong>HTTPD mod_heartmonitor
Listener</strong>:</p>
<attributes>
<attribute name="Port" required="false">
<p>Port the connector that will received proxied traffic from HTTPD, default the first connector will be used</p>
</attribute>
<attribute name="Host" required="false">
<p>Host it is the IP corresponding the <strong>address</strong> of the connector that will received proxied traffic,
default empty the <strong>Port</strong> will be used</p>
</attribute>
<attribute name="proxyURL" required="false">
<p>proxyURL is the URL corresponding to the <strong>Location</strong> in httpd configuration of the heartbeat Handler,
default /HeartbeatListener</p>
</attribute>
<attribute name="ProxyList" required="false">
<p>ProxyList is the list of proxies from which tomcat is going to receive requests,
formatted like "address:port,address:port" once filled the multicast logic is disable and the multi parameters are
ignored</p>
</attribute>
<attribute name="Group" required="false">
<p>Group is the Multicast IP to broadcast messages to HTTPD, default 224.0.1.105</p>
</attribute>
<attribute name="Multiport" required="false">
<p>Multiport is the Multicast port to broadcast messages to HTTPD, default 23364</p>
</attribute>
<attribute name="Ttl" required="false">
<p>Ttl is the TTL for the broadcast messages, default 16</p>
</attribute>
</attributes>
</subsection>
</section>
</body>
</document>