Documentation Index

Introduction

The Apache Tomcat Native Library is an optional component for use with Apache Tomcat that allows Tomcat to use certain native resources for performance, compatibility, etc.

Specifically, the Apache Tomcat Native Library gives Tomcat access to the Apache Portable Runtime (APR) library's network connection (socket) implementation and random-number generator. See the Apache Tomcat documentation for more information on how to configure Tomcat to use the APR connector.

Features of the APR connector:

  • Non-blocking I/O for Keep-Alive requests (between requests)
  • Uses OpenSSL for TLS/SSL capabilities (if supported by linked APR library)
  • FIPS 140-2 support for TLS/SSL (if supported by linked OpenSSL library)

Select one of the links from the navigation menu (to the left) to drill down to the more detailed documentation that is available. Each available manual is described in more detail below.

Headlines

Building

Requirements

Build tc-native requires three components to be installed:

  • APR library
  • OpenSSL libraries
  • Java SE Development Kit (JDK)

In debian based Linux those dependencies could be installed by something like:

apt-get install libapr1.0-dev libssl-dev

In rpm based Linux those dependencies could be installed by something like:

yum install apr-devel openssl-devel

UNIX

On all the POSIX systems (Linux, Solaris, HP-UX, AIX etc...) a well-known configure and make is used to build tc-native.
In the jni/native runs:

./configure --help

to read the description of all the parameters.

./configure --with-apr=$HOME/APR \
            --with-java-home=$JAVA_HOME \
            --with-ssl=$HOME/OPENSSL \
            --prefix=$CATALINA_HOME

to create the includes and makefiles to be able to build tc-native.
Where:
$HOME/APR is something like /usr/bin/apr-1-config or the path where apr is installed.
$JAVA_HOME is something /home/jfclere/JAVA/jdk1.5.0_09 path to a JDK installation. Any JDK should work but it is advisable to use the same JVM version the JVM you use with Tomcat.
$HOME/OPENSSL is the path where OpenSSL is installed.
$CATALINA_HOME is the path where the produced libraries will be installed. Something like $HOME/apache-tomcat-6.0.16/

The configure is able to guess most of OpenSSL standard installations. So most of the time the following will be enough:

./configure --with-apr=/usr/bin/apr-1-config \
            --with-java-home=/home/jfclere/JAVA/jdk1.5.0_09/ \
            --with-ssl=yes \
            --prefix=$CATALINA_HOME

To build the libraries and install them:

make && make install

The libraries will be found in $CATALINA_HOME/lib

Windows

Download the windows sources of tc-native and extract them.

Download OpenSSL sources (See Binary Distributions) OpenSSL is a crypto software so check if you are allowed to download it. If not you can still use tc-native without SSL.

Download APR sources for Windows. (See Download) Extract them in jni and rename the apr-1.x.y directory to apr.

Use MS Visual Studio to open the workspace of the APR sources and build the library (libapr).

Use MS Visual Studio to open the workspace of the tc-native sources, adjust the OpenSSL includes and libraries location change the name of the libraries libeay32 and libssleay to libeay32MT and libssleayMT and build the tcn-native library. That should create a tcnative-1.dll.

Install and tests

Configuring Tomcat

Apache Tomcat comes with the AprLifecycleListener enabled by default. Still, you should check your conf/server.xml to ensure that something like the following is present, and uncommented:

<Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" />

Please see the Apache Tomcat documentation for configuration specifics.

UNIX

Edit $CATALINA_HOME/bin/setenv.sh (creating the file if necessary) and add the path to the tc-native libraries to LD_LIBRARY_PATH. Something like:

LD_LIBRARY_PATH=$LD_LIBRARY_PATH:$CATALINA_HOME/lib
export LD_LIBRARY_PATH

Start tomcat and check for the messages like this ones:

Feb 8, 2008 12:27:41 PM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.x.y.
Feb 8, 2008 12:27:41 PM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true].
Feb 8, 2008 12:27:41 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080

Refer to the tomcat documentation to configure the connectors (See Tomcat6.0.x and Tomcat5.5.x)

Windows

Edit $CATALINA_BASE\bin\setenv.bat (creating the file if necessary) and add the path to the tc-native libraries, apr and OpenSSL to PATH. For example:

set PATH=%PATH;C:\cygwin\home\support\tomcat-native-current-win32-src\jni\native\Debug;C:\cygwin\home\support\tomcat-native-current-win32-src\jni\apr\Debug;C:\OpenSSL\lib\VC

Start tomcat and check for the messages like this ones:

Feb 8, 2008 2:48:17 PM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.x.y.
Feb 8, 2008 2:48:17 PM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters [false], random [true].
Feb 8, 2008 2:48:18 PM org.apache.coyote.http11.Http11AprProtocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080