最近应用需要升级Tomcat版本,启动时遇到的一些问题,记录一下。
背景:使用的docker容器,专门的运维人员帮忙升级了新的镜像。
问题:
1. 升级后直接重启了应用,发现不能访问。查看日志发现抛异常找不到配置文件,查看发现docker里面配置的配置文件都在原来的tomcat7的conf目录下,更改后重启。重启后仍然不成功,查看日志一步一步来。
2. 修改context.xml,报错:无法加载资源工厂类dbcp
[ERROR][org.springframework.web.context.ContextLoader] Context initialization failed org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'xxx' defined in ServletContext resource [/WEB-INF/applicationContext-beans.xml] Cannot resolve reference to bean 'dataSource' while setting bean property 'dataSource'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'dataSource' defined in ServletContext resource [/WEB-INF/applicationContext-dataSource.xml : Invocation of init method failed; nested exception is javax.naming.NamingException: 无法加载资源工厂类 [Root exception is java.lang.ClassNotFoundException:org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory]
搜索后发现tomcat7 和 tomcat8的工厂类名称发生了变化,所以找不到了,解决方法很简单,将conf目录下context.xml文件修改,
factory改为:
factory="org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory"
同时 tomcat7中一些参数名在Tomcat8中也发生了变化,比如:maxActive需改写为maxTotal,maxWait需改写为maxWaitMillis,还有一些可自行对照了改。
3. 修改server.xml,上述配置文件修改后,日志仍然报错:找不到JapperListener类,
java.lang.ClassNotFoundException: org.apache.catalina.core.JasperListener
对比tomcat7 与 tomcat 8 的 server.xml文件发现8里面没有这个类,直接注释掉。
启动后又报错:
The AJP Connector is configured with secretRequired="true" but the secret attribute is either null or "". This combination is not valid.
原来8版本的tomcat有个属性 secretRequired需要给设置值:
<Connector port=
"8009"
protocol=
"AJP/1.3"
redirectPort=
"8443"
/>
设置成""就可以了,也就是下面的设置结果:
<Connector port=
"8009"
protocol=
"AJP/1.3"
redirectPort=
"8443"
secretRequired=
""
/>
4. 修改web.xml文件
报错:
org.apache.tomcat.util.descriptor.web.SecurityConstraint.findUncoveredHttpMethods For security constraints with URL pattern [/*]
only the HTTP methods [TRACE HEAD DELETE OPTIONS PUT] are covered. All other methods are uncovered
修改方式类似下面这种改法:
<security-constraint>
<web-resource-collection>
<url-pattern>/bg/c/portal/protected</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>...</transport-guarantee>
</user-data-constraint>
</security-constraint>
改成下面这种,再增加一个安全配置,使所有的请求通过:
<security-constraint> <web-resource-collection> <url-pattern>/bg/c/portal/protected</url-pattern> <http-method>POST</http-method> <http-method>GET</http-method> </web-resource-collection> <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> </security-constraint> <security-constraint> <web-resource-collection> <url-pattern>/bg/c/portal/protected</url-pattern> </web-resource-collection> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint>
后来还有登录页面出来了,但是登录不上去,可能使数据源的加密方式改了,需要重新加密用户名密码吧。因为是测试环境,直接使用了明文username/password。