Section | |||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Column | |||||||||||||
Section | |||||||||||||
|
...
Code Block | ||
---|---|---|
| ||
<!-- HTTPS Connector <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true" maxThreads="150" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" keystoreFile="${catalina.home}/conf/keystore" keystorePass="password" connectionTimeout="20000" maxHttpHeaderSize="32768" connectionTimeout="20000" maxHttpHeaderSize="32768" useBodyEncodingForURI="true" /> --> |
Note that in case you want to change the default HTTPS port, you not only have to change the Tomcat connector's port above, but you also have to change the '''frevvo.port.ssl''' parameter found in </frevvo/-home>/tomcat/conf/localhost/frevvo.xml:
Code Block | ||
---|---|---|
| ||
<Parameter name="frevvo.port.ssl" value="8443" override="false"/> |
Additional info on how to use SSL on tomcat can be found on the How to solve javax.net ssl. SSLHandshakeException?
Currently you must not disable 's http port. In a future release this will be allowed. Disabling ' http port will cause your form server to malfunction as requires this port. For most cases it is sufficient to share the https version of your form/flow's Url and leave http open. However, if you want to force all form usage to be over https and feel it is not enough to simply share the https form Urls (as a user can switch to http as long as that port is open), we recommend that you deploy behind an Apache or IIS server. Close the http port on Apache or IIS but leave tomcat's http port open so that can POST back to itself when needed over http but no one outside can access it.
Code Block |
---|
External Access -> Proxy (Apache/IIS...) -> frevvo (tomcat) |
Note |
---|
If you plan to run the Tomcat bundle on IBM J9 JVM and you want to have the HTTPS connector enabled, you will need to change the encryption algorithm to IBM's X509 from the default Sun X509 implementation. |
To run HTTPS on IBM J9 JVM, add algorithm="IbmX509" attribute to the HTTPS connector:
Code Block | ||
---|---|---|
| ||
<!-- HTTPS Connector -->
<Connector port="8443" algorithm="IbmX509" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" keystoreFile="${catalina.home}/conf/keystore" keystorePass="password"
connectionTimeout="20000" maxHttpHeaderSize="32768"
useBodyEncodingForURI="true" /> |
For more details, see below.
Tip |
---|
Java 7 will throw a "SEVERE: java.net.SocketException: Invalid argument: no further information" error in the <frevvo-home>/tomcat/logs/catalina.YYYY-MM-DD.log when used on a Windows 2003 system with Tomcat version 7.0.29 or earlier and the NIO http connector. If you should encounter this error, check the version of Tomcat. If it is below 7.0.30, upgrade to that version. Run the <frevvo-home>\tomcat\version.bat (Windows) or <frevvo-home>/tomcat/version.sh (UNIX) files to determine the version of Tomcat installed on your system. |
Tomcat Logfiles
By default, the server writes useful logging information to a daily logging file located here: <frevvo-home>/tomcat/logs/frevvo.log. You will see the logfiles listed below in <frevvo-home>/tomcat/logs. The current date appends to the logfile name for all the files except the frevvo log:
- catalina.YYYY-MM-DD.log - this log captures the stderr and stdout of the tomcat process including startup/shutdown messages. This is usually a small file.
- frevvo.log - all messages are logged to this file.
- localhost.YYYY.MM.DD.log - this tomcat logfile should be empty.
- localhost_access_log.YYYY - MM - DD.txt - is used to log all HTTP accesses to Tomcat. It is enabled by the following entry in <frevvo-home>/tomcat/conf/server.xml. Comment out the statement below to turn off logging to this file if it is not needed.
Code Block |
---|
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="${catalina.base}/logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b "%{Referer}r" "%{User-Agent}r" [%I %{JSESSIONID}c]" /> |
- host-manager.MM-DD-YYYY.log - this logfile is part of the tomcat distribution and is empty by default. It is a log file for the host-manager web application that is used to manage virtual hosts in tomcat. The host manager web-app is typically not needed because is preconfigured. Messages are written to this log only if the host-manager web application is being used.
- manager.MM-DD.YYYY.log - this logfile is part of the tomcat distribution and is empty by default - this is the log file for the tomcat manager web application which is used to check the status of web apps, memory usage etc. Messages are written to this log only if the manager web app is being used.
Note |
---|
There will be three additional logfiles when running Tomcat as a Windows service:
|
Debugging logfile levels
The logging levels used by can be fine-tuned by editing the <frevvo -home>/tomcat/lib/logback.xml file. By default log level is set to INFO. The logging infrastructure will scan this file every 60 secs so you can live-change the log level. Here
is more configuration information . Stop to delete the logfiles. They will be recreated on start up.
You can obtain more debugging information, if needed, by following the steps below to change the loglevel. You will see the results of the changes in <frevvo-home>/tomcat/logs/frevvo.log.
- Go to <frevvo-home>/tomcat/lib
- Open the file logback.xml for editing
- Find <root level="INFO"> and change the word INFO to DEBUG. Save the file.
Loglevels are : TRACE, DEBUG, INFO, WARN, ERROR, OFF. ALL. They are case -sensitive so be sure to type them in upper case. The logging level is cummulative as shown below. Refer to this website for a description of the loglevels and some guidelines for using them.
- OFF = turns all logging off
- ERROR = ERROR
- WARN = WARN + ERROR,
- INFO = INFO + WARN + ERROR,
- DEBUG = DEBUG + INFO + WARN + ERROR,
- TRACE = DEBUG + INFO + WARN + ERROR
- ALL= turns all logging on
Configuring the logging level for catalina.log, localhost.log, host-manager.log, manager.log and local_access.log is done in <frevvo-home>/tomcat/conf/logging.properties Click here for more information.
If you are having issues running the server in an environment with proxy setups, load balancers etc. the forms.ui.filter logger can help. This logger will output additional information to the frevvo.log file to assist in determining what the frevvo servlet is seeing. To enable this logger uncomment the following line in logback.xml:
Code Block | ||
---|---|---|
| ||
<logger name="com.forms.forms.ui.filter" level="DEBUG" /> |
Logfile Rotation
The tomcat bundle install will automatically rotate log files daily. The logfile is the only one affected. Let's say the current date is 6 - 19 - 2013. The current days logging is saved to the frevvo.log file located in <frevvo-home>/tomcat/logs. On the next day, 6 - 20 - 2013, the log from the previous day is copied to a logfile stamped with the previous day's date. (frevvo_2013-06-19). This date stamped frevvo.log is moved into the <frevvo-home>\tomcat\logs\old directory. Logging for 6 - 20 - 2013 is saved in the frevvo.log in <frevvo-home>/tomcat/logs.
Session Timeout
's default web browser session timeout is 480 minutes. If a user is logged into the server to design forms, or to view their task list, or is using a form and filling in values but has not yet submitted the form, the session will expire after 480 minutes of inactivity. When the session expires the designer will have to re-login to to continue designing forms and form users will have to get a new instance of the form and re-enter the values.
If the maximum number of concurrent users are logged in simultaneously, and any of them are idle for more than 480 minutes, the next person who tries to log in will be able to do so successfully.
The session timeout can be changed by editing <frevvo-home>\frevvo\tomcat\webapps\frevvo\WEB-INF\web.xml. The session timeout setting unit is minutes. For example, to change from an 480 minutes (8 hr) session timeout to a 1 hour timeout change 480 to 60.
Code Block | ||
---|---|---|
| ||
<session-config>
<session-timeout>480</session-timeout>
</session-config> |
The default server session timeout can be overridden for each tenant. See the Edit Tenant topic for more information.
Tip |
---|
Tomcat session-config parameters can not be overridden in frevvo.xml. |
When a session times out, for example when a person is using a form and then pauses for longer than the configured <session-timeout>, they will see the following error the next time they enter a value into the form.
The following screen displays when a user tries to submit a form from a timed out session.
Editing Submissions
...
useBodyEncodingForURI="true" />
--> |
Note that in case you want to change the default HTTPS port, you not only have to change the Tomcat connector's port above, but you also have to change the '''frevvo.port.ssl''' parameter found in </frevvo/-home>/tomcat/conf/localhost/frevvo.xml:
Code Block | ||
---|---|---|
| ||
<Parameter name="frevvo.port.ssl" value="8443" override="false"/> |
Additional info on how to use SSL on tomcat can be found on the How to solve javax.net ssl. SSLHandshakeException?
Currently you must not disable 's http port. In a future release this will be allowed. Disabling ' http port will cause your form server to malfunction as requires this port. For most cases it is sufficient to share the https version of your form/flow's Url and leave http open. However, if you want to force all form usage to be over https and feel it is not enough to simply share the https form Urls (as a user can switch to http as long as that port is open), we recommend that you deploy behind an Apache or IIS server. Close the http port on Apache or IIS but leave tomcat's http port open so that can POST back to itself when needed over http but no one outside can access it.
Code Block |
---|
External Access -> Proxy (Apache/IIS...) -> frevvo (tomcat) |
Note |
---|
If you plan to run the Tomcat bundle on IBM J9 JVM and you want to have the HTTPS connector enabled, you will need to change the encryption algorithm to IBM's X509 from the default Sun X509 implementation. |
To run HTTPS on IBM J9 JVM, add algorithm="IbmX509" attribute to the HTTPS connector:
Code Block | ||
---|---|---|
| ||
<!-- HTTPS Connector -->
<Connector port="8443" algorithm="IbmX509" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
maxThreads="150" scheme="https" secure="true" clientAuth="false"
sslProtocol="TLS" keystoreFile="${catalina.home}/conf/keystore" keystorePass="password"
connectionTimeout="20000" maxHttpHeaderSize="32768"
useBodyEncodingForURI="true" /> |
For more details, see below.
Tip |
---|
Java 7 will throw a "SEVERE: java.net.SocketException: Invalid argument: no further information" error in the <frevvo-home>/tomcat/logs/catalina.YYYY-MM-DD.log when used on a Windows 2003 system with Tomcat version 7.0.29 or earlier and the NIO http connector. If you should encounter this error, check the version of Tomcat. If it is below 7.0.30, upgrade to that version. Run the <frevvo-home>\tomcat\version.bat (Windows) or <frevvo-home>/tomcat/version.sh (UNIX) files to determine the version of Tomcat installed on your system. |
Tomcat Logfiles
By default, the server writes useful logging information to a daily logging file located here: <frevvo-home>/tomcat/logs/frevvo.log. You will see the logfiles listed below in <frevvo-home>/tomcat/logs. The current date appends to the logfile name for all the files except the frevvo log:
- catalina.YYYY-MM-DD.log - this log captures the stderr and stdout of the tomcat process including startup/shutdown messages. This is usually a small file.
- frevvo.log - all messages are logged to this file.
- localhost.YYYY.MM.DD.log - this tomcat logfile should be empty.
- localhost_access_log.YYYY - MM - DD.txt - is used to log all HTTP accesses to Tomcat. It is enabled by the following entry in <frevvo-home>/tomcat/conf/server.xml. Comment out the statement below to turn off logging to this file if it is not needed.
Code Block |
---|
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="${catalina.base}/logs"
prefix="localhost_access_log." suffix=".txt"
pattern="%h %l %u %t "%r" %s %b "%{Referer}r" "%{User-Agent}r" [%I %{JSESSIONID}c]" /> |
- host-manager.MM-DD-YYYY.log - this logfile is part of the tomcat distribution and is empty by default. It is a log file for the host-manager web application that is used to manage virtual hosts in tomcat. The host manager web-app is typically not needed because is preconfigured. Messages are written to this log only if the host-manager web application is being used.
- manager.MM-DD.YYYY.log - this logfile is part of the tomcat distribution and is empty by default - this is the log file for the tomcat manager web application which is used to check the status of web apps, memory usage etc. Messages are written to this log only if the manager web app is being used.
Note |
---|
There will be three additional logfiles when running Tomcat as a Windows service:
|
Debugging logfile levels
The logging levels used by can be fine-tuned by editing the <frevvo -home>/tomcat/lib/logback.xml file. By default log level is set to INFO. The logging infrastructure will scan this file every 60 secs so you can live-change the log level. Here
is more configuration information . Stop to delete the logfiles. They will be recreated on start up.
You can obtain more debugging information, if needed, by following the steps below to change the loglevel. You will see the results of the changes in <frevvo-home>/tomcat/logs/frevvo.log.
- Go to <frevvo-home>/tomcat/lib
- Open the file logback.xml for editing
- Find <root level="INFO"> and change the word INFO to DEBUG. Save the file.
Loglevels are : TRACE, DEBUG, INFO, WARN, ERROR, OFF. ALL. They are case -sensitive so be sure to type them in upper case. The logging level is cummulative as shown below. Refer to this website for a description of the loglevels and some guidelines for using them.
- OFF = turns all logging off
- ERROR = ERROR
- WARN = WARN + ERROR,
- INFO = INFO + WARN + ERROR,
- DEBUG = DEBUG + INFO + WARN + ERROR,
- TRACE = DEBUG + INFO + WARN + ERROR
- ALL= turns all logging on
Configuring the logging level for catalina.log, localhost.log, host-manager.log, manager.log and local_access.log is done in <frevvo-home>/tomcat/conf/logging.properties Click here for more information.
If you are having issues running the server in an environment with proxy setups, load balancers etc. the forms.ui.filter logger can help. This logger will output additional information to the frevvo.log file to assist in determining what the frevvo servlet is seeing. To enable this logger uncomment the following line in logback.xml:
Code Block | ||
---|---|---|
| ||
<logger name="com.forms.forms.ui.filter" level="DEBUG" /> |
Logfile Rotation
The tomcat bundle install will automatically rotate log files daily. The logfile is the only one affected. Let's say the current date is 6 - 19 - 2013. The current days logging is saved to the frevvo.log file located in <frevvo-home>/tomcat/logs. On the next day, 6 - 20 - 2013, the log from the previous day is copied to a logfile stamped with the previous day's date. (frevvo_2013-06-19). This date stamped frevvo.log is moved into the <frevvo-home>\tomcat\logs\old directory. Logging for 6 - 20 - 2013 is saved in the frevvo.log in <frevvo-home>/tomcat/logs.
Session Timeout
's default web browser session timeout is 480 minutes. If a user is logged into the server to design forms, or to view their task list, or is using a form and filling in values but has not yet submitted the form, the session will expire after 480 minutes of inactivity. When the session expires the designer will have to re-login to to continue designing forms and form users will have to get a new instance of the form and re-enter the values.
If the maximum number of concurrent users are logged in simultaneously, and any of them are idle for more than 480 minutes, the next person who tries to log in will be able to do so successfully.
The session timeout can be changed by editing <frevvo-home>\frevvo\tomcat\webapps\frevvo\WEB-INF\web.xml. The session timeout setting unit is minutes. For example, to change from an 480 minutes (8 hr) session timeout to a 1 hour timeout change 480 to 60.
Code Block | ||
---|---|---|
| ||
<session-config>
<session-timeout>480</session-timeout>
</session-config> |
The default server session timeout can be overridden for each tenant. See the Edit Tenant topic for more information.
Tip |
---|
Tomcat session-config parameters can not be overridden in frevvo.xml. |
When a session times out, for example when a person is using a form and then pauses for longer than the configured <session-timeout>, they will see the following error the next time they enter a value into the form.
The following screen displays when a user tries to submit a form from a timed out session.
Editing Submissions
Designer users can view/edit submissions by clicking the edit link on the submissions panel. Non designer users can view/edit submissions by clicking on the Shared Items tab if they have been granted permission to do so by the designer via the Access Control feature. The frevvo.submission.edit .link parameter must be set to the default value of true, for the edit link to be visible to any user. To disable the edit link on the submission panel, change the default value of true to false for the frevvo.submissions.edit.link configuration parameter in <frevvo-home>/WEB-INF/web.xml file. The web.xml file must be unzipped from the frevvo.war before it can be edited. Follow the instructions above to unzip, modify and rezip the war file.
Code Block |
---|
<context-param>
<param-name>frevvo.submission.edit.link</param-name>
<param-value>false</param-value>
<description>Show a link to edit the submission.</description>
</context-param> |
You can add the frevvo.submission.edit.link configuration property to the <frevvo-home>\tomcat\conf\catalina\localhost\frevvo.xml file instead of the web.xml file as discussed above. Here is an example that will disable submission editing when added to the frevvo war settings section of frevvo.xml:
Code Block |
---|
<Parameter name="frevvo.submission.edit.link" value="false" override="false"/> |
When the frevvo.submission.edit.link parameter has a value of false, the edit link is not visible on on form submission panels.
Hardware Requirements
The minimum recommended hardware configuration for your Live Forms server is:
...