Fuseki2 with Tomcat on CentOS

Tomcat Installation on CentOS 7

CentOS 7.x comes with Tomcat 7.0.54, which works with OpenJDK 1.8.0_65 or Oracle Java. Java 8 is required from Fuseki v2.3.0 onward.

yum install tomcat tomcat-admin-webapps tomcat

Different from tarball download version, the installation is FHS-compatible:

• Start/Stop: tomcat.service
• Config: /etc/tomcat/* and /etc/sysconfig/tomcat
• Logs: /var/log/tomcat
• Webapps: /var/lib/tomcat/webapps

Tomcat Basic Configuration

Add an user for the web interface

• Add an user with admin roles in /etc/tomcat/tomcat-users.xml

It should then be possible to invoke

http://example.org:8080/manager

with the GUI manager application.

Enable utf-8

By default, even Tomcat 7.x does not work with utf-8. Two settings have to be changed:

• In server.xml, add URIEncoding="UTF-8" to the Connector statement for port 8080

• In web.xml, uncomment the following statement:

    <filter>
        <filter-name>setCharacterEncodingFilter</filter-name>
        <filter-class>org.apache.catalina.filters.SetCharacterEncodingFilter</filter-class>
        <init-param>
            <param-name>encoding</param-name>
            <param-value>UTF-8</param-value>
        </init-param>
        <async-supported>true</async-supported>
    </filter>

Fuseki2 Deployment

!!! TODO: DESCRIBE tomcat/bin/setenv.sh !!!

• Create a directory for FUSEKI_BASE (defaults to /etc/fuseki) on the host with write permissions for the tomcat user, e.g.

    chown -R :tomcat /etc/fuseki
    chmod -R g+w /etc/fuseki

• At least for the read/write services, make tdb and tdb_lucene directories writable by the tomcat user, e.g.

    chown -R :tomcat ./*/*/tdb*
    chmod -R g+w ./*/*/tdb*

• Optionally, unset FUSEKI_HOME environment variable - does not apply to war deployments
• Extract fuseki.war from the distribution zip file
• Upload/deploy it in the manager app via "WAR file to deploy", or copy it to the webapps directory indicated above
• In $FUSEKI_BASE/shiro.ini, enable access (remove restriction to localhost)
• Start Fuseki via the start button in the manager application. If something goes wrong with startup, details are in /var/log/tomcat/localhost.YYYY-MM-DD.log.
• Normally,

http://example.org:8080/fuseki

should come up with an overview page over defined datasets.

Security concept

The concept used for http://zbw.eu/beta/sparql relies on Apache httpd mechanisms, in particular basic auth for r/w and administrative access, and tries to ignore the mechanisms defined in tomcat and shiro.

1. The tomcat port 8080 is not accessible from outside (via firewall config).
2. Only query endpoints are allowed for public access. Therefore, for each of these endpoints, a reverse proxy is defined in the httpd config:

ProxyPass         /beta/sparql/stw/query  http://127.0.0.1:8080/fuseki/stw/query
ProxyPassReverse  /beta/sparql/stw/query  http://127.0.0.1:8080/fuseki/stw/query

3. The administrative interfaces for tomcat and for fuseki are also accessed via reverse proxy rules. The locations are protected by httpd basic auth.
4. For now, data loading and updates are only possible locally.

Legacy CentOS 5/6

Tomcat Installation on CentOS 5/6

Fuseki2 requires at least java 8 and tomcat 7, so the Redhat/CentOS tomcat6 package does not work (server error 500). A tomcat7 rpm seems not available. Therefore:

• Download the tomcat 7 distribution file and unpack it (e.g., as /opt/tomcat).
• Let $CATALINA_HOME env var point to this directory, and make sure that $JAVA_HOME is defined.
• Create linux user for tomcat.
• Make $CATALINA_HOME subdirectories
  • webapps
  • logs
  • work
  • temp
• ... writeable and $CATALINA_HOME/conf readable by this user.
• More detailed instructions and an example of a /etc/init.d/tomcat file here.

Tomcat Basic Configuration

• Add a role "manager-gui" and an user with that role in tomcat-users.xml

It should be possible to invoke

http://example.org:8080/manager

with the GUI manager application.

Fuseki 2 Installation on CentOS 5/6

• Create a directory for $FUSEKI_BASE to hold the Fuseki runtime files as well as the configuration (defaults to /etc/fuseki, which should be changed to, e.g. /opt/fuseki/run). Give write permissions for the tomcat user, e.g.

    chown -R :tomcat /opt/fuseki/run
    chmod -R g+w /opt/fuseki/run

• If databases are in different locations, at least for the read/write services, make tdb and tdb_lucene directories writable by the tomcat user, e.g.

    chown -R :tomcat ./*/*/tdb*
    chmod -R g+w ./*/*/tdb*

• Set $FUSEKI_BASE in the tomcat environment, by creating $CATALINA_HOME/bin/setenv.sh and adding

    export FUSEKI_BASE=/opt/fuseki/run

• Optionally, unset any $FUSEKI_HOME environment variable - does not apply to war deployments
• Extract fuseki.war from the distribution zip file
• Upload/deploy it in the manager app via "WAR file to deploy", or copy it to the webapps directory indicated above
• In $FUSEKI_BASE/shiro.ini, enable access (remove restriction to localhost)
• Start Fuseki via the start button in the manager application. If something goes wrong with startup, details are in $CATALINA_HOME/logs/localhost.YYYY-MM-DD.log.
• Normally,

http://example.org:8080/fuseki

should come up with an overview page over defined datasets.

Ruby Installation on CentOS 5

Fuseki's s-put procedures require Ruby. CentOS 5 comes with Ruby 1.8.5. This results in errors (e.g., /opt/fuseki/s-put:124: undefined method `start_with?' for "s-put":String (NoMethodError)).

Current Ruby (2.2.2) does not compile smoothly, so I used (somehow arbitrarily) ruby-1.9.2-p290.tar.gz.

  ./configure --prefix=/opt/ruby192
  make
  make test
  make install

For CentOS 6, a rpm package seems available.

Weblinks

• Jena dev repository
• Fuseki2
• Fuseki2 Text Query
• SPARQL Over HTTP
• Install Fuseki Jena Text
• Fuseki Tuning (with Jetty)