Tomcat Basics

It's very important from an administrator's point of view, to know about the configuration files and their usage in the Tomcat environment. Configuration properties one-by-one, as follows:

• catalina.policy: This file describes the security policy permissions for Tomcat 7. It enforces the security policy permissions by JVM on the web application.

When catalina is executed with the -security option, the security policy mentioned in the catalina file is used and the web application security policy also gets executed.

• catalina.properties: This file contains the shared definition of the server, shared loader, and JARs, which need to be scanned at the time of the server startup.
• server.xml: This is one of the important configuration files of Tomcat. It holds critical information, such as the IP address, port, virtual host, context path, and so on.
• tomcat-users.xml: This file is used for authentication, authorization, and role-based definitions. It is used to implement a database of users/passwords/roles for authentication and container-managed security. To add/remove users or assign/unassign roles to existing users, edit this file.
• logging.properties: As the name suggests, it defines the logging properties of the Tomcat instances (such as startup logs).
• web.xml: This defines the default values for all web applications loaded into this instance of Tomcat, at the time of startup of the Tomcat instance. If a web application has its own deployment descriptor, its content will always override the configuration settings specified in this default descriptor.
• context.xml: The contents of this file will load with every application. Configuration of parameters such as session persistence, Comet connection tracking, and so on, are done here.

Any changes made in the server.xml file will be in effect after restarting the Tomcat instance.

Application level resources are not defined in the web.xml of the configuration folder. It would be better to define these in the application web.xml.