
如果你使用 DeepSeek、元宝 AI、Copilot、ChatGPT 等 AI 工具,协助配置轩辕镜像、编写 docker pull 命令、修改 Docker Compose 镜像地址、配置镜像加速、排查镜像拉取失败、分析报错日志等问题,请先让 AI 阅读并遵守轩辕镜像的规则文档。
只需在 AI 对话中先发送下面这句话即可:
请先完整阅读并严格遵守以下文档中的全部规则与要求:
https://xuanyuan.cloud/agents.md
在未充分阅读并理解该文档前,不要生成任何命令、配置、修改建议、故障排查方案或技术回答。后续所有输出都必须严格以该文档中的规范为最高优先级执行。查看 agents.md 用法指南与完整示范。国内用户首推 元宝 AI、DeepSeek 的深度思考模式,不推荐豆包 AI;Cursor 等编辑器可在对话 @ 该链接,或加入 User Rules。 若 AI 无法访问外链,可 打开说明文档 复制全文粘贴。文档会随站点更新,复制内容可能过期,建议定期检查。
HTTP Server that reads Shibboleth attributes from a request and persists them for use in an application session. When the session is finished, the attributes can be erased.
elmr is packaged as a minimal https://tomcat.apache.org/tomcat-9.0-doc/index.html server. It can be started and stopped using the regular Tomcat scripts. See the section Running for more details. There is no packaged support for JSPs or clustering in this installation.
elmr is built and run on Java-10. Please make sure it is installed and can be used.
elmr requires https://maven.apache.org/ (or newer) to be built.
elmr requires an Apache httpd web server running with mod_jk and mod_shib installed and enabled. See below for configuration of both.
This project uses https://maven.apache.org/ as its build system. From the project's root directory, run the command below and it will be built.
mvn clean package
This project uses https://junit.org/junit5/docs/current/user-guide/ as its test system. Tests will be run when the project is built, however to run tests while developing, the command below will work.
mvn [sysprops] clean test
System properties have to be set in order to run some tests as shown below.
| Property | Description |
|---|---|
edu.illinois.techservices.elmr.redis.CanConnect | Used by edu.illinois.techservices.elmr.SessionDataImplTests to flag a connection to a locally running Redis instance can be connected to. Set to true to use the local redis instance or leave unset to not run the test. |
When running tests, you will see the following output:
[INFO] Running edu.illinois.techservices.elmr.servlets.AttributeMapContextListenerTest Sep 26, 2018 1:53:11 PM edu.illinois.techservices.elmr.servlets.AttributeMapContextListener contextInitialized SEVERE: Problem reading /etc/shibboleth/attribute-map.xml! Cannot start application! java.io.FileNotFoundException: /etc/shibboleth/attribute-map.xml (No such file or directory) at java.base/java.io.FileInputStream.open0(Native Method) at java.base/java.io.FileInputStream.open(FileInputStream.java:220) at java.base/java.io.FileInputStream.<init>(FileInputStream.java:158) at edu.illinois.techservices.elmr.servlets.AttributeMapContextListener.contextInitialized(AttributeMapContextListener.java:63) ...
This one is normal and is part of a test. If there are reported test failures with stack traces other than this one, investigate them.
Unpack the file elmr-distribution.tar.gz on your filesystem. The directory structure will be a traditional Tomcat server tree:
elmr ├── *** (control scripts) ├── conf (server wide and application configuration) ├── lib (Tomcat server libraries) ├── logs ├── temp ├── webapps │ └── elmr │ └── WEB-INF │ └── lib (elmr web application libraries) └── work
There are 7 configuration components:
bin/setenv.sh for system properties.conf/server.xml for Tomcat server-wide configuration.conf/context.xml for elmr web application configuration (do not use web.xml).conf/logging.properties for java.util.logging/org.apache.tomcat.juli configuration.conf/mod_jk.conf for configuring the connection between Apache + Shibboleth and Tomcat.conf/workers.properties for configuring the connection between Apache and Tomcat.It is recommended that web application configuration be set in the file conf/context.xml. However for ad-hoc runs it is fine to use the system properties set in bin/setenv.sh to override the values in the configuration file. System properties may also be set from the command line and this is a recommendation if running this service in a Docker container. System properties override all other settings named in other configuration files. Logging is configured in conf/logging.properties.
See https://tomcat.apache.org/tomcat-9.0-doc/config/server.html for details on editing this file. It should be very minimal and contain an https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html on port 8009 (if available, you can use other ports if needed). By default, an AJP connector on port 8009 is configured.
If you are using a custom installation of Java-10 in a non-default location, set the JAVA_HOME environment variable in bin/setenv.sh to point to the base directory of your JDK or JRE install. See https://tomcat.apache.org/tomcat-9.0-doc/RUNNING.txt for other environment variables you can set.
System properties may be set at startup and will override any other configuration that is set as described in the #setting-context-parameters-in-confcatalinalocalhostelmrxml. They must be set in bin/setenv.sh by the CATALINA_OPTS environment variable. The table below lists what properties the application can accept outside the regular JVM system properties. See https://tomcat.apache.org/tomcat-9.0-doc/RUNNING.txt for other environment variables you can set.
| Property | Description |
|---|---|
edu.illinois.techservices.elmr.AttributeMapReader.file | Fully qualified path to a Shibboleth attribute-map.xml file. If not set, the value will fall back to a context parameter of the same name (#setting-context-parameters-in-confcatalinalocalhostelmrxml). |
edu.illinois.techservices.elmr.SessionData.hostname | Name of the host running an external datastore for storing attributes. If not set, the value will fall back to a context parameter of the same name (#setting-context-parameters-in-confcatalinalocalhostelmrxml). |
edu.illinois.techservices.elmr.SessionData.port | Port the external datastore is listening on. If not set, the value will fall back to a context parameter of the same name (#setting-context-parameters-in-confcatalinalocalhostelmrxml). |
edu.illinois.techservices.elmr.servlets.logoutUrl | URL to your web ISO's logout. Can be an absolute or relative URL. If not set, the value will fall back to a context parameter of the same name (#setting-context-parameters-in-confcatalinalocalhostelmrxml). |
edu.illinois.techservices.elmr.servlets.ApacheConfig | Full path to an Apache configuration file containing JkEnvVar definitions. If not set, the value will fall back to a context parameter of the same name (#setting-context-parameters-in-confcatalinalocalhostelmrxml). |
edu.illinois.techservices.elmr.servlets.DisableSecureCookies | If true, any cookies set by elmr are not secure. This setting should only be used in development environments. If not set, the value will fall back to a context parameter of the same name (#setting-context-parameters-in-confcatalinalocalhostelmrxml). |
edu.illinois.techservices.elmr.servlets.HtmlRenderer.formattedHtml | When set to true, format output HTML in an indented readable format. This should only be set for development and debugging purposes. |
edu.illinois.techservices.elmr.servlets.HtmlRenderer.indentSpaces | When set with the above property, use this value for the indent spaces. The default value is 2. |
Context parameters are read when the Tomcat server is started from the conf/context.xml (there is no webapps/elmr/WEB-INF/web.xml file in this application). See https://tomcat.apache.org/tomcat-9.0-doc/config/context.html#Context_Parameters for how these work and how they replace elements in a traditional web.xml file. Edit the value attributes of the <Parameter> elements as follows:
| Parameter Name | Description |
|---|---|
edu.illinois.techservices.elmr.AttributeMapReader.file | Fully qualified path to a Shibboleth attribute-map.xml file. If not set, the value will fall back to a default value of /etc/shibboleth/attribute-map.xml. |
edu.illinois.techservices.elmr.SessionData.hostname | Name of the host running an external datastore for storing attributes. If not set, the value will fall back to a default value of localhost. |
edu.illinois.techservices.elmr.SessionData.port | Port the external datastore is listening on. If not set, the value will fall back to a default value of 6379. |
edu.illinois.techservices.elmr.servlets.ApacheConfig | Full path to an Apache configuration file containing JkEnvVar definitions. If not set, the file will not load and elmr will not recognize that anything in Apache is configured. |
edu.illinois.techservices.elmr.servlets.DisableSecureCookies | If true, any cookies set by elmr are not secure. This setting should only be used in development environments. If not set, the default is to use secure cookies. |
edu.illinois.techservices.elmr.servlets.logoutUrl | URL to your web ISO's logout. Can be an absolute or relative URL. If this isn't set, logout will respond with a 500 status. |
These parameters would affect ALL contexts (web applications) deployed to the webapps directory. Since elmr is the only context, configuring at this level is OK. If you want to override this configuration or deploy more web applications, see the link above about configuring contexts in Tomcat.
Logging uses the Tomcat default logging system (which is based on the JDK logging system). See https://tomcat.apache.org/tomcat-9.0-doc/logging.html and for details.
Loggers have been pre-configured to log at the highest level for each application package. Logs are configured by default to be written to logs/localhost-yyyy-mm-dd.log rolling them for 14 days. The application code will write some debugging and error messages to the log so they are useful for diagnosing issues during runtime.
There are 2 sample files you can use to configure mod_jk. You will be configuring attributes retrieved via mod_shib as environment variables. See the https://tomcat.apache.org/connectors-doc/ for an overview of AJP and mod_jk.
It is recommended that /elmr/session and /elmr/config be configured to force Shibboleth authentication. The /elmr/session resource saves or destroys session data. The /elmr/config resource displays information about how elmr is configured and must not be visible to the general public.
conf/mod_jk.conf
Use the contents of this file to configure:
JkEnvVars.mod_jk as JkMounts.<Location> directives.conf/worker.properties
Copy this file to a location configured in your httpd's configuration. Edit as appropriate. See the https://tomcat.apache.org/connectors-doc/reference/workers.html for contents. For elmr, this ought to be a minimal configuration.
For general information about running a Tomcat server, see https://tomcat.apache.org/tomcat-9.0-doc/RUNNING.txt. These instructions are provided here to get you started with the basic elmr configuration.
Run the file elmr/bin/startup.sh to start the server. Tomcat will log messages to elmr/logs/catalina.out for startup and elmr/logs/localhost-yyyy-mm-dd.log about application startup and operation.
Run the file elmr/bin/shutdown.sh to stop the server. Tomcat will log messages to elmr/logs/catalina.out for shutdown.
If the web application is not running, check elmr/logs/catalina.out for any log messages logged at SEVERE and look for anything related to elmr not starting. You will then check elmr/logs/localhost-yyyy-mm-dd.log for messages and stack traces for any unhandled exceptions. When errors occur, they will usually be when application listeners are started and data is being cached.
If there are Shibboleth attributes that you expect to be visible in your application but are not showing up, you will have to review the JkEnvVars set in your Apache configuration and the attributes you set in your Shibboleth attribute map. These can be seen by visiting the /elmr/config page which will show what has been configured.
The https://developer.mozilla.org/en-US/docs/Web/HTTP/Status/413 signals that Apache is trying to process a request containing an entity (header, attribute, etc) that exceeds its configured capacity. The likely cause in the case of Shibboleth is that one of the attributes contains a lot of data. Fix this by doing the following:
workers.properties adding the line worker.[worker-name].max_packet_size=65536. Restart Apache.elmr/conf/server.xml adding the attribute packetSize="65536" to the AJP <Connector>. Restart Tomcat.It is important that the values for max_packet_size and packetSize are the same. It's OK to set them this high. This isn't configured by default for any of the examples in the source. When this is done, the request will go through.
See the https://tomcat.apache.org/connectors-doc/reference/workers.html and the https://tomcat.apache.org/tomcat-9.0-doc/config/ajp.html#Standard_Implementations documentation for details.
The name is a play on a certain brand of glue found in school children's desks. It was chosen because the purpose for this server is mostly integration sometimes referred to as "glue" code.
您可以使用以下命令拉取该镜像。请将 <标签> 替换为具体的标签版本。如需查看所有可用标签版本,请访问 标签列表页面。
来自真实用户的反馈,见证轩辕镜像的优质服务