Each context in Tomcat is, by default, seperated into it's own file. These files can be found in TOMCAT_HOME/conf/ and always follow the same naming syntax of "apps-[appName].xml". Breaking each context out into it's own file allows for easier administration, however, if you do not wish to do maintain seperate file you may add contexts to the end of the TOMCAT_HOME/conf/server.xml file. First we will discuss how to create a very basic context file.

Create a context file in the TOMCAT_HOME/conf directory with the name apps-[yourAppName].xml

Start the file with the following lines: <?xml version="1.0" encoding="ISO-8859-1"?> <webapps>

The next line will tell Tomcat which URL will map to which web application, where the web application is located, the debug level you want for the application, and whether that application is reloadable. It should be noted that all directory paths are done relative to the TOMCAT_HOME directory. The line to do this looks like this; <Context path="/testApplication" docBase="webapps/testApp" debug="0" reloadable="true">.

The first attribute of the Context tag, path, determines how you access the web application from a url. The given path is what must be appended to the servers URL in order to access the application. For example, if your iPlanet server is iplanet.server.org then you would access your web application at iplanet.server.org/testApplication. The path you give can have as many "/"s in it as you want, and can contain any URL acceptable character.

The second attribte of the Context tag, docBase, is the location of your web application on the file system. As mentioned before, this path is always given relative to the TOMCAT_HOME path. Therefore, in this example, our application would be located /opt/tomcat/webapps/testApplication if our TOMCAT_HOME directory was /opt/tomcat. For windows users it might be located at d:\programs\tomcat\webapps\testApp" if Tomcat is installed in d:\programs\tomcat. This path should always point to the directory where the application are locate; standard practice usually puts the web application into the webapps directory.

The next two tags will rarely be change. The debug attribute can have a values of 0-9. 0 turns debug messages off while 1 - 9 print out more messages as you increase the number, meaning 9 prints out almost everything that is going on. You should NEVER leave debug messages turned on on a production server. You will most likely fill up your hard drive VERY fast. The reloadable tag also most often used on development servers. Setting this to "true" will tell Tomcat to reload servlet classes if they change. This allows developers to overwrite classes and use them without having to restart Tomcat. This feature however is error prone and can cause numerous exception and should therefore be turned off on productions servers.

To finish up this basic context descriptor file you need to close the Context and webapps tags by appending </Context> </webapps> to the end of your file. Thats all there is to creating a basic context discriptor.

Now that you have established a context within Tomcat you need to make the iPlanet server aware of it. This is done by editing the obj.conf again. There are a few things to be aware of though. First, it is better to have iPlanet handle requests for static content (HTML, gifs, jpgs, etc.). This requires that iPlanet be aware of your web applications location in order for it to access these files. While this is easily done you also want to deny web users access to the application's WEB-INF/ directory so that they can not access your Java classes and configuration files. Heres how all this is done.

First you need to make iPlanet aware of your web application's location. To this you need to add a line in your obj.conf file as follows: NamesTrans fn=pfx2dir from=[context path] dir="TOMCAT_HOME/webapps/[yourWebApp]". The context path referenced above is the same path you entered in your context descriptor in the "path" attribute. The directory path referenced above is the file system path to your web application. So for our example we've been using so far you would type NamesTrans fn=pfx2dir from="/testApplication" dir="/opt/tomcat/webapps/testApp" for Unix users or NameTrans fn=pfx2dir from="/testApplication" dir="d:\programs\tomcat\webapps\testApp" for the windows user.

The next step is secure your WEB-INF directory. This can be done one of two ways. The first way will only restrict the directory located in a specific web applications directory. This method should be used if you want to other people to have access to some applications' classes but not others. To do this you will need to add the line PathCheck fn="deny-existance" path="[pathToApp]/WEB-INF/*". In our example this would be PathCheck fn="deny-existance" path="/opt/tomcat/webapps/testApplication/WEB-INF/*" for Unix users and PathCheck fn="deny-existance" path="d:\programs\tomcat\webapps\testApplication\WEB-INF\*" for Windows users. Such a line would need to be added for everything application that wish to restrict access to. If you wish to deny web users access to every applications' class files, as is often the case, you need to add the following line: PathCheck fn="deny-existance" path="*/WEB-INF/*". This will make sure that no one can access any of your web applications' class files from the web.

The final step is to tell iPlanet exactly which requests you want sent to Tomcat. This is done by adding two more lines, per application that you wish to add, to the obj.conf file. The first line tells iPlanet to pass JSP requests to Tomcat. This is done with the directive NameTrans fn="assign-name" from="[context path]/*.jsp" name="servlet". In the case of our running example you would enter the line NameTrans fn="assign-name" from="testApplication/*.jsp" name="servlet". The next line tells iPlanet to pass off all Servlet requests to Tomcat. This is done using the directive NameTrans fn="assign-name" from="[context path]/servlet/*" name="servlet", so for our example we would use NameTrans fn=assign-name" from="/testApplication/servlet/*" name="servlet".

Overall, you should have added the following lines to your obj.conf file. PathCheck fn="deny-existance" path="*/WEB-INF/*" NamesTrans fn=pfx2dir from="/testApplication" dir="/opt/tomcat/webapps/testApp" NameTrans fn="assign-name" from="testApplication/*.jsp" name="servlet" NameTrans fn=assign-name" from="/testApplication/servlet/*" name="servlet" The last three lines must be added in for every web application that you wish the iPlanet server to be aware of.