Table of contents
The OS was updated to Debian 11.2 on Jan 19th 2022
NorthStar did not run out of the box after the update. Neccesary fixes:
Issue: enable ajp on Port 8019
in server.xml (/etc/tomcat9/server.ml)
<Connector protocol="AJP/1.3"
address="0.0.0.0"
secretRequired="false"
port="8019"
redirectPort="8443" />
restart tomcat9 and apache2
check that ajp is listening on port 8019:
netstat -tunlp | grep 0.0.0.0:8019 tcp 0 0 0.0.0.0:8019 0.0.0.0:* LISTEN 65868/java
Pointing browser to https://northstar.mpifr-bonn.mpg.de/ should now work (default tomcat start page)
Issue: enable astron login authentication module
in /etc/default/tomcat9 include
-Djava.security.auth.login.config=$CATALINA_HOME/conf/astron.login
in the JAVA_OPTS directive
cp /usr/share/tomcat8/lib/astron-loginmodule.jar /usr/share/tomcat9/lib/
in /etc/tomcat9/server.xml change the default Engine:
<Engine name="Catalina" defaultHost="localhost">
<Realm className="org.apache.catalina.realm.LockOutRealm">
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
</Realm>
<Realm appName="AstronLogin" className="org.apache.catalina.realm.JAASRealm" debug="99" roleClassNames="nl.astron.security.loginmodule.AstronRolePrincipal" userClassNames="nl.astron.security.loginmodule.AstronPrincipal" />
<Host name="localhost" appBase="webapps"
unpackWARs="true" autoDeploy="true">
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
<Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs"
prefix="localhost_access_log" suffix=".txt"
pattern="%h %l %u %t "%r" %s %b" />
</Host>
</Engine>
Restart of tomcat9 should throw no errors
