Tag Archives: tomcat

Tuning Tomcat

There can be cases when you face problems like server overloaded or underloaded but requests being rejected by Tomcat (or any other application/ web server). All these issues drill down to incorrect tuning of the server. Here is an interesting case study https://medium.com/netflix-techblog/tuning-tomcat-for-a-high-throughput-fail-fast-system-e4d7b2fc163f

From my personal experience, I found a few important parameters to be considered (specific to tomcat but other servers might have similar values)
maxThreads=”50″
maxConnections=”50″
acceptCount=”100″

maxThreads are actual worker threads which will actually execute the request or perform the requested operations. Setting this up correctly is tricky, as a value too high, means a lot of processing, hence CPU and memory can choke up. On the other hand, a value too low would mean we are not using server capabilities completely but still refusing requests as our all available threads are busy.

maxConnections are connections server is accepting. This will mostly depend on traffic you are expecting.

acceptcount is beyond maxConnections. Any requests which cannot be accommodated as a new connection will wait in a queue whose size is provided by acceptcount. If a request is received beyond acceptcount, it will be rejected by server.

In short, the total number of requests a server can handle at a time is acceptcount + maxconnections. And maxthread are actually threads fulfilling these requests.

More details- https://tomcat.apache.org/tomcat-7.0-doc/config/http.html
https://www.mulesoft.com/tcat/tomcat-connectors

Adding/ Removing Browser Authentication for tomcat app

There can be many cases in your projects where you would like to add a browser authentication for your project. But there will be a few where you will actually need to remove that. That’s what happen to me today. Checked out code for a project and tried to run on local tomcat instance, everything worked fine. When tried to open up the app like localhost:8080/myapp, browser asked for username and password. I had no idea about username and password.

So started by googling about removing browser authentication in tomcat, that was a mistake. Could not find a single site talking about removal of authentication. After spending 20 minutes, I got the idea to actually look for- how to set the browser authentication. And bam- that worked.

In your apps web.xml, there will be setting for <security-constraint> where you can set up the <login-config> as basic (or actually remove in my case).

<!–
Define the Members-only area, by defining
a “Security Constraint” on this Application, and
mapping it to the subdirectory (URL) that we want
to restrict.
–>
<security-constraint>
<web-resource-collection>
<web-resource-name>
Entire Application
</web-resource-name>
<url-pattern>/members/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>member</role-name>
</auth-constraint>
</security-constraint>
<!– Define the Login Configuration for this Application –>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>My Club Members-only Area</realm-name>
</login-config>

Source point 5 of  http://oreilly.com/java/archive/tomcat-tips.html