Apache Tomcat Configuration |
  
|
Apache Tomcat Configuration |
|
Note: Please see chapter Apache Tomcat Maintenance for details how to start/stop the Tomcat service.
Note: For details on the Tomcat Java properties, see http://j-integra.intrinsyc.com/support/com/doc/properties.html.
This chapter contains several guidelines how to configure Apache Tomcat after a successful installation. These post installation configuration settings will be defined in the Apache Tomcat Properties. Therefore, open the Tomcat configuration tool either from the Start menu or from the notification icon in the taskbar. Consider the previous chapter if you do not find the Tomcat Properties.
The first two settings (memory and COM settings) are mandatory and have to be configured in any case, whereas the security settings are optional. Configure the latter only if there is a security guideline that your network component communication is restricted for certain authentication methods which have to be synchronized with Apache Tomcat.
Tomcat memory settings (mandatory)
| • | Initial memory pool (this specifies the memory which is allocated when Tomcat starts) |
| • | Maximum memory pool (this specifies the maximum memory Tomcat is allowed to allocate) |
Note: It is recommended to set the Initial memory pool to at least 256 MB and the Maximum memory pool to at least 2048 MB.
Apache Tomcat configuration - Java memory settings
| • | -XX:MaxPermSize=256m (this option is needed for enabling Tomcat to load the big ArcObjects class library from Esri (1400 object classes)) |
Note: The entry -XX:MaxPermSize=256m is case sensitive. We recommend to insert the parameters in the Java Options using copy/paste.
If the parameters in the Java options are not entered correctly, Apache Tomcat will no longer start after a reboot.
Apache Tomcat configuration - MaxPermSize
After changing the Java options the Apache Tomcat must be restarted otherwise the changes will not take effect.
Tomcat security settings (optional)
If there is a security guideline that your network component communication is restricted for certain authentication methods, these methods have to be synchronized with Apache Tomcat.
Note: The parameter for the Tomcat security settings is just an optional parameter and only applies, if the complete environment follows a certain security guideline.
Note: If no LAN manager authentication level is set in your network or if LM, NTLM and NTLMv2 are not refused explicitly, you do not need to configure this setting.
Review your security setting of your GIS Server:
Execute secpol.msc, navigate to Security Settings > Local Policies > Security Options and double-click "Network security: LAN Manager authentication level".
Network security settings of GIS Server
Set the level in Java option of Tomcat configuration by adding:
| • | -DARCGIS_LM_COMPATIBILITY_LEVEL=<value of the level chosen from this list below> |
Value Meaning:
| • | 0: Clients use LM and NTLM authentication, but they never use NTLMv2 session security. Domain controllers accept LM, NTLM, and NTLMv2 authentication. |
| • | 1: Clients use LM and NTLM authentication, and they use NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication. |
| • | 2: Clients use only NTLM authentication, and they use NTLMv2 session security if the server supports it. Domain controller accepts LM, NTLM, and NTLMv2 authentication. |
| • | 3: Clients use only NTLMv2 authentication, and they can work with NTLMv2 session security if the server supports it. Domain controllers accept LM, NTLM, and NTLMv2 authentication. |
| • | 4: Clients use only NTLMv2 authentication, and they can work with NTLMv2 session security if the server supports it. Domain controller refuses LM authentication responses, but it accepts NTLM and NTLMv2. |
| • | 5: Clients use only NTLMv2 authentication, and they can work with NTLMv2 session security if the server supports it. Domain controller refuses LM and NTLM authentication responses, but it accepts NTLMv2. |
Tomcat security setting - LM compatibility setting