Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Accessing Zimbra 5.0 Through Another Apache Instance (with AJP/mod_jk)

  1. #1
    Join Date
    Dec 2007
    Posts
    10
    Rep Power
    8

    Default Accessing Zimbra 5.0 Through Another Apache Instance (with AJP/mod_jk)

    Sorry to post the same question again, but somehow my original thread self-destructed after one day The server maintainers probably want to look into that...

    I would like to run Zimbra 5.0.0 GA open source edition alongside another web application on the same web server host/port. Both will be accessed through HTTPS on port 443; Zimbra will have its own virtual directory /zimbra/ and the other application will have a different directory.

    A method of accomplishing this is described in this tutorial, in which AJP is enabled on the Tomcat container, and then Apache is configured to use mod_jk to serve Zimbra. However, Zimbra 5.0 uses Jetty instead of Tomcat, and I haven't been able to get AJP working on Jetty. Based on the Jetty documentation, I've tried adding the following into /opt/zimbra/jetty/etc/jetty.xml.in:

    HTML Code:
    <Call name="addConnector">
      <Arg>
        <New id="ajp" class="org.mortbay.jetty.ajp.Ajp13SocketConnector">
          <Set name="port">8009</Set>
        </New>
      </Arg>
    </Call>
    ...but adding those lines actually takes down Jetty completely and stops the entire Zimbra web interface on all ports.

    The only Jetty log files I see are located in /opt/zimbra/jetty/logs and are named access_log.YYYY-MM-DD. Those files don't seem to contain anything useful. So I haven't found out yet what Jetty is choking on.

    Does anyone know if Zimbra's packaging of Jetty includes the necessary JAR files for enabling AJP?

    Thanks for helping.
    Last edited by dpward; 12-23-2007 at 03:57 PM.

  2. #2
    Join Date
    Dec 2007
    Posts
    10
    Rep Power
    8

    Default Figured it out

    Well I answered my own question...

    As I suspected, Zimbra's packaging of Jetty does not include the JAR file necessary to enable AJP. For Zimbra 5.0.0 GA, download Jetty 6.1.5, and extract jetty-6.1.5/lib/ext/jetty-ajp-6.1.5.jar to /opt/zimbra/jetty/lib/ext/jetty-ajp-6.1.5.jar.

    Next, the code block in my above post does indeed need to be added to /opt/zimbra/jetty/etc/jetty.xml.in.

    The only additional change from the directions for Zimbra 4.5 is that, to prevent service errors from appearing, /opt/zimbra/jetty/etc/service.web.xml.in needs to be modified as follows:

    To enable Zimbra user access, look for instances of the allowed.ports parameter where the value contains %%zimbraMailPort%% and %%zimbraMailSSLPort%%, like this for example:

    HTML Code:
          <param-name>allowed.ports</param-name>
          <param-value>%%zimbraMailPort%%, %%zimbraMailSSLPort%%, 7070, 7443, 7071</param-value>
    Then just add port 8009 to the end of the port list:

    HTML Code:
          <param-name>allowed.ports</param-name>
          <param-value>%%zimbraMailPort%%, %%zimbraMailSSLPort%%, 7070, 7443, 7071, 8009</param-value>
    To enable Zimbra admin access (which I haven't done), you should be able to do the same thing, except look for instances of allowed.ports where the value contains 7071, and then add 8009 to the end of the port list there as well.



    (I still don't know why my original thread imploded in this forum...)
    Last edited by dpward; 12-23-2007 at 03:59 PM.

  3. #3
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    I see it, it got stuck in the anti-spam moderation database after you edited it, both Bill and I have tried to approve it without success (& delete it as it's now a duplicate). Don't worry about it, John will fix your entry in the database when he returns from holiday vacation (you can read more about it here: http://www.zimbra.com/forums/announc...ty-update.html). Anyways, welcome to the forums! Feel free to add your notes to the wiki articles as well for others who are starting to make the switch to 5.0
    Last edited by mmorse; 12-23-2007 at 04:09 PM. Reason: link

  4. #4
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    21

    Default

    Sorry,
    Our forum was really hungry and ate your post. I've informed our support team of what happened, and you'll get an update.

    Periodically (every 600 posts or so), our spam moderation system goes nuts. It gets cranky and eats a post. Sorry about that.

  5. #5
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    Oh was it my turn to feed that thing?
    I see your hard at work updating the wiki Dpward - Thanks!
    Zimbra with Apache using mod jk - mod proxy - mod proxy ajp - Zimbra :: Wiki

  6. #6
    Join Date
    Dec 2007
    Posts
    10
    Rep Power
    8

    Default

    Thanks Mike and John for your help - as you saw, I have updated the wiki with the directions for what I did.

    I have created a enhancement request in Bugzilla concerning direct support for enabling/configuring AJP using the Zimbra administrative console/UI. This would avoid the need to modify files in the Jetty distribution by hand or to download the JAR file for AJP. Vote now: bug 23269


    Additionally, I am running into some occasional issues, and I can't figure out what is causing them:


    • Sometimes when I click on an attachment link in an e-mail, this message appears from Apache instead: "The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later." This does not happen if I use Zimbra's HTTP/HTTPS ports.

    • After I import contacts from an Oulook PST file using the Zimbra utility, then I receive a "service failure" message when using that particular account right after I log in or click on certain items...but this only happens on the account that I imported the contacts into, AND only when I access it through AJP. It does not seem to cause any problems if I am using Zimbra's HTTP/HTTPS ports. The error goes away when I delete and recreate the account. I've only tried this with one PST file and it may be something specific to the data I am trying to import, I don't know...


    Any ideas?

  7. #7
    Join Date
    Jan 2008
    Posts
    79
    Rep Power
    7

    Default

    Hi!
    Trying to follow the instructions in this thread and in the wiki howto but I can't get it to work.

    I have a CentOS 5 with ZCS 5 and the httpd-rpm installed. I have copied the ajp-jar from the jetty-zip (this is missing from the wiki?) and changed jetty.xml.in and services.xml.in according to the instructions. I have also changed with zmprov the zimbraMailPort from 80 to 8090 (this is not so clear in the wiki).

    However, both jetty and httpd wants to bind to port 80 and I don't know what to do to zimbra to change that.. Any ideas?

    When I get this working I'm planning to update the wiki with the info for CentOS and my other experiences.

    TIA/K

  8. #8
    Join Date
    Dec 2007
    Posts
    10
    Rep Power
    8

    Default

    Kallisti,

    Have you restarted Jetty after changing the port to 8090?
    sudo -u zimbra /opt/zimbra/bin/zmmailboxdctl restart

    If so, is Jetty actually binding to both ports 80 and 8090 for HTTP, or just port 80? Can you attach your jetty.xml.in and any other files you changed?

  9. #9
    Join Date
    Jan 2008
    Posts
    79
    Rep Power
    7

    Default

    dpword,

    thanks for answering! For some reason I have a jetty.xml file aswell as an jetty.xml.in which made changing a bit difficult. Jetty didn't even start with some combinations. Right now I've got it working partially by removing the addConnector parts for http and https (including removing the inititializing of the connectors in the end).

    Now I have httpd running on 80 and 443, jetty running ajp on 8009. httpd has a config file with /service, /zimbra, /zimbraAdmin and also /dav. WebDav is working correctly (the partially part...) through httpd into zimbra. Opening /zimbra gets me the login fine and I can enter the my user/pw. Then the mess starts as I get this:

    Code:
    invoke unable to parse response DOCTYPE HTML PUBLIC IETFDTD HTML 20ENhtmlheadtitle200 OKtitleheadbodyh1OKh1pThe server is temporarily unable to service yourrequest due to maintenance downtime or capacityproblems Please try again laterphraddressApache223 CentOS Server at localhost Port 80addressbodyhtml
    
    The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
    Apache/2.2.3 (CentOS) Server at xxxxxx.xxx Port 443
    There is apparently somehing wrong with a port 80 in the middle.. In the access log (ssl_access_log) I get this:
    Code:
    "GET /zimbra HTTP/1.1" 302 -
    "GET /zimbra/ HTTP/1.1" 503 941
    and nothing more...

    /zimbraAdmin is similar. I get the login and after the user/pw it goes to loading. No big error but nothing happens. In the access log (ssl_access_log):
    Code:
    "GET /zimbraAdmin/ HTTP/1.1" 200 13662
    "GET /zimbraAdmin/res/I18nMsg,AjxMsg,ZMsg,ZaMsg,AjxKeys.js.zgz?v=080109202056&
    skin=beach HTTP/1.1" 200 27608
    "GET /zimbraAdmin/img/logo/favicon.ico HTTP/1.1" 200 894
    "GET /zimbraAdmin/css/dwt,common,zmadmin,login,msgview,spellcheck,images,skin.
    css?v=080109202056&skin=beach HTTP/1.1" 200 16169
    "GET /zimbraAdmin/js/Ajax_all.js.zgz?v=080109202056 HTTP/1.1" 200 132883
    "GET /zimbraAdmin/js/XForms_all.js.zgz?v=080109202056 HTTP/1.1" 200 33902
    "GET /zimbraAdmin/js/Zimbra_all.js.zgz?v=080109202056 HTTP/1.1" 200 8714
    "GET /zimbraAdmin/js/Admin_all.js.zgz?v=080109202056 HTTP/1.1" 200 202200
    which looks very good but nothing happens after this.

    So partially working, but I guess I must have messed up the ability for jetty to work when removing the http/https-connector. Although when they were in there httpd refused to start.

    /Kallisti

  10. #10
    Join Date
    Dec 2007
    Posts
    10
    Rep Power
    8

    Default

    Kallisti,

    The *.xml.in files are templates for the actual configuration files. When you start Zimbra, it takes these templates and uses them to generate jetty.xml, ../webapps/zimbra/WEB-INF/web.xml, etc.

    In the template files, you will see variables like %%zimbraMailPort%%. When Zimbra creates the actual configuration files, it uses the zmprov configuration to translate variables into values like 80 or 8080, comment out the addConnector sections for HTTP or HTTPS depending on the access mode, etc.

    My recommendation is to first restore all the original *.xml.in files in /opt/zimbra/jetty/etc (from the Zimbra source code).

    Modify jetty.xml.in to add in the addConnector section for AJP. Do not touch any of the other connectors.

    Next modify service.web.xml.in. Find the allowed.ports parameters throughout the file. For any of them that already contain %%zimbraMailPort%%, %%zimbraMailSSLPort%%, or 7071, you simply need to add port 8009 to the end of the line. Do not make any other changes. (Additional steps were added to the wiki by someone else that I think are unnecessary and are making things more complicated.)

    Read your zmprov configuration to make sure that zimbraMailMode, zimbraMailPort, and zimbraMailSSLPort are as desired.

    Stop HTTPD.

    Restart Jetty: sudo -u zimbra /opt/zimbra/bin/zmmailboxdctl restart

    Start HTTPD.

    Let me know what happens...

Similar Threads

  1. Replies: 31
    Last Post: 12-15-2007, 09:05 PM
  2. Replies: 22
    Last Post: 12-02-2007, 05:05 PM
  3. Replies: 8
    Last Post: 02-27-2007, 04:10 AM
  4. Post instsallation problems
    By Assaf in forum Installation
    Replies: 14
    Last Post: 01-29-2007, 11:38 AM
  5. FC3 Install and no zimbra ?
    By aws in forum Installation
    Replies: 10
    Last Post: 10-09-2005, 05:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •