lighttpd and Java application servers: integrating JSP and Servlets

Posted 2007-09-09 in WWW by Johann.

In this blog entry, I’ll show you how to integrate lighttpd in a JEE environment. After performing all the changes, lighty will transparently proxy your Java application server.

1. When to use lighttpd

You can use lighttpd to

  • secure access to your application server
  • reduce load on your server by offloading static requests
  • load balance your application servers
  • use lighttpd’s spambot and bad bot blocking capabilities
  • get more request rewriting and redirecting flexibility
  • use the above flexibility to improve your search engine rankings
  • profit.

2. When not to use lighttpd

You might not like lighttpd if you

  • don’t like configuring software
  • use URL rewriting and ;jsessionid.

3. lighttpd modules you need

The following lighty modules are needed:

  • mod_access
  • mod_redirect
  • mod_rewrite
  • mod_proxy

Add them to your server.modules section:

server.modules = (
 "mod_accesslog",
 "mod_access",
 "mod_redirect",
 "mod_rewrite",
 "mod_proxy",
 "mod_status",
 "mod_evhost",
 "mod_expire"
)

4. Denying access to JEE directories

The WEB-INF and META-INF directories shouldn’t be accessible through lighttpd. Files from your development environment also shouldn’t be visible.

url.access-deny = ( "WEB-INF", ".classpath", ".project", "META-INF" )

5. Binding your application server to localhost

To prevent duplicate content penalties, your application server shouldn’t be visible from the web. Even if you run it on a high port, someone might eventually find it.

Binding a web site to localhost looks like this in Orion’s <name>-web-site.xml:

<web-site host="127.0.0.1" port="12345">
	<frontend host="johannburkard.de" port="80"/>

Consult your documentation if you aren’t using Orion.

6. Redirecting www. to non-www. hosts

Even if you don’t really need to do this, I recommend doing so. Removing duplicate content will improve your rankings.

The following snippet redirects all visitors from www.<domain> to <domain> with a 301 permanent redirect.

$HTTP["host"] =~ "^www\.(.*)$" {
 url.redirect = ( "^/(.*)" => "http://%1/$1" )
}

You should also redirect all additional domains (johannburkard.com, johann-burkard.org) to your main domain.

7. Proxying dynamic requests

We will use mod_proxy to proxy some requests to your Java application server.

Depending on your site’s structure, one of the following approaches will work better.

Simple JSP

If all you have is a bunch of Java Server Pages, the following mod_proxy rule is sufficient:

proxy.server = ( ".jsp" =>
 (
  ( "host" => "127.0.0.1",
    "port" => "12345"
  )
 )
)

Note that the JSP must be actual files. You cannot use Servlets mapped to these URIs.

Applications

If you use Servlets or more complex applications, you can proxy URIs by prefix:

proxy.server = ( "/blog/" =>
 (
  ( "host" => "127.0.0.1",
    "port" => "12345"
  )
 )
)

Proxying with exceptions

If most of your site is dynamic and you have a directory for static content (/assets, /static or so), you can proxy all requests except requests for static files:

$HTTP["url"] !~ "^/static" {
 proxy.server = ( "" =>
  (
   ( "host" => "127.0.0.1",
     "port" => "12345"
   )
  )
 )
}

8. Rewriting requests

lighttpd can dynamically rewrite requests. I mostly use this to use default.jsp as dynamic index file instead of index.html. Here’s an example:

url.rewrite-once = ( "^(.*)/$" => "$1/default.jsp",
 "^(.*)/([;?]+.*)$" => "$1/default.jsp$2" )

This is visible at gra0.com and internally rewrites all requests from / to /default.jsp (including jsessionid and query string).

mod_rewrite can also be used to make URLs shorter. For example, to remove the ?page=comments query string, I use the following:

url.rewrite-once = (
 "^/blog/(.*)\.html$" => "/blog/$1.html?page=comments"
)

9. Redirecting requests

You can use mod_redirect to redirect the user to a different URL. Contrary to mod_rewrite where the request is rewritten, a 301 permanent redirect will be sent to the browser.

In this example, I’m redirecting requests to an old domain to a new domain:

$HTTP["host"] == "olddomain.com" {
 url.redirect = (
  "^/(.*)$" => "http://newdomain.com/$1"
 )
}

10. More things to be aware of

  • The only IP address in your application server log files should be 127.0.0.1. If you need the original address, log the X-FORWARDED-FOR header.
  • Don’t analyze both lighttpd and application server logs – lighty’s log files already contain all requests.
  • You might want to set up virtual hosts sooner or later.
  • Use mod_expire to make resources cacheable. Doing so can make your site a lot faster and save you money.

2 comments

#1 2007-09-25 by Piero Sartini

Just want to note that with lighty 1.5 [1] there is ajp13 support in the proxy module (mod_proxy_backend_ajp13).

The ;jsessionid= issue is resolved as well (at least it worked for me after using the right regex).

[1] (http://blog.lighttpd.net/articles/2007/09/06/pre-release-lighttpd-1-5-0-r1992)

#2 2008-01-24 by Johann

Piero,

thanks for the linking, I'm looking forward to the 1.5 version of lighty.

Subscribe

RSS 2.0, Atom or subscribe by Email.

Top Posts

  1. DynaCloud - a dynamic JavaScript tag/keyword cloud with jQuery
  2. 6 fast jQuery Tips: More basic Snippets
  3. xslt.js version 3.2 released
  4. xslt.js version 3.0 released XML XSLT now with jQuery plugin
  5. Forum Scanners - prevent forum abuse
  6. Automate JavaScript compression with YUI Compressor and /packer/

Categories

Navigation