Tomcat – it’s such a tiger with a funny snout. But it’s actually a tool that you should know how to use.
Apache Tomcat is a servlet container and web server that is used to host Java applications. Tomcat is an open source implementation of Java Servlet and JavaServer Pages technologies, released by the Apache Software Foundation. In this tutorial, we will describe the basic installation and configuration of Tomcat 9 on an Ubuntu 20.04.
Good to know at the beginning
Document root
Refers to the top-level directory of a web application, where all the application resources are located like JSP files, HTML pages, Java classes, and images.
Context path.
Refers to the location which is relative to the server’s address and represents the name of the web application. For example, if our web application is put under the $CATALINA_HOME\webapps\myapp directory, it will be accessed by the URL http://localhost/myapp, and its context path will be /myapp.
WAR
Is the extension of a file that packages a web application directory hierarchy in ZIP format and is short for Web Archive. Java web applications are usually packaged as WAR files for deployment. These files can be created on the command line or with an IDE like Eclipse. After deploying our WAR file, Tomcat unpacks it and stores all project files in the webapps directory in a new directory named after the project.
Deploying a web application to Apache Tomcat is very straightforward using a WAR (Web ARchive) file. By deploying we mean that we are placing a zipped web application in a location on the file system where Tomcat can make the web page(s) available to the world.
Tomcat requires that Java be installed on the server so that any Java application code can execute.
First, you need to update the apt-get package index:
sudo apt-get update
Then install the Java Development Kit using apt-get:
sudo apt-get install default-jdk
For security reasons, Tomcat must be run on behalf of a non-privileged user (ie not root). Due to the fact that we will put this application only for internal use, it can be used for this user that I use on a daily basis.
First, create a new tomcat group:
sudo groupadd tomcat
Then create a new tomcat user. We will add this user to the tomcat group, from the home directory /opt/tomcat (where we will be installing Tomcat) and also from the shell /bin/false (no one will be able to enter the account):
sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
Now that our user is set up, we can download and install Tomcat.
The best way to install Tomcat 8 is to download the latest binary version and then configure it manually. Find the latest version of Tomcat 8 at Tomcat 8 Downloads. At the time of writing this article, the latest version is 8.5.5 but you should use the newer stable version if one is available. In the Binary Distributions section, and then from the Core list, copy the „tar.gz” link.
Next, go to the / tmp directory on the server. This is a good directory choice for downloading ephemeral stuff like the Tomcat archive, which will not come in handy after downloading the Tomcat content:
cd /tmp
curl -O http://apache.mirrors.ionfish.org/tomcat/tomcat-8/v8.5.5/bin/apache-tomcat-8.5.5.tar.gz
We will be installing Tomcat to the / opt / tomcat directory. Create a directory and then unpack the archive with the following commands:
sudo mkdir /opt/tomcat
sudo tar xzvf apache-tomcat-8*tar.gz -C /opt/tomcat --strip-components=1
The tomcat user we have created must have access to the Tomcat installation. Change to the directory where the Tomcat installation was unpacked and set the tomcat group ownership of the entire installation directory.
cd /opt/tomcat
sudo chgrp -R tomcat /opt/tomcat
Next, set the permission to read the conf directory and its contents for the tomcat group.
sudo chmod -R g+r conf
sudo chmod g+x conf
Make the tomcat user the owner of the webapps, work, temp, and logs directories:
sudo chown -R tomcat webapps/ work/ temp/ logs/
Now that the appropriate permissions are set, we can create a systemd file to manage the Tomcat process.
We want to be able to run Tomcat as a service, so we’ll be setting up the services file systemd.
Tomcat needs to know where Java is installed. The path is usually referred to as „JAVA_HOME”. The easiest way to find this location is to run this command:
sudo update-java-alternatives –l
With this information, we can create the services file systemd. Open the tomcat.service file in the / etc / systemd / system directory by typing:
sudo nano /etc/systemd/system/tomcat.service
Paste the following content into the services file. Change the value of the JAVA_HOME environment variable if necessary to match the value that was found on your system. You can also modify the memory allocation settings that are specified in CATALINA_OPTS:
When you are done, save and close the file. Then restart systemd daemon:
sudo systemctl daemon-reload
Start the Tomcat service by typing:
sudo systemctl start tomcat
Double check that Tomcat ran without errors by typing:
sudo systemctl status tomcat
Now that the Tomcat service is up and running, we can test it to make sure the default welcome page is available. Before we do this, we need to set up a firewall to allow our requests to access the service. If the necessary conditions are met, ufw will be enabled. Tomcat uses port 8080 to accept normal requests. You can allow traffic on this port by typing:
sudo ufw allow 8080
With a modified firewall, you can access the default welcome page by entering the IP address or domain in your web browser, then: 8080:
http://server_domain_or_IP:8080
After installing Apache Tomcat, a new variable should be available in the system – CATALINA_HOME. CATALINA_HOME
is the folder where Apache Tomcat is installed. CATALINA_HOME
is necessary because a lot of the files Tomcat will use are referred to from the variable CATALINA_HOME
. For instance log files are written inside CATALINA_HOME/logs
. Configuration is read from CATALINA_HOME/conf
To use the web application manager that comes with Tomcat, we need to add a login to our server. We will do this by editing the tomcat-users.xml file (in $CATALINA_HOME\conf directory):
sudo nano /opt/tomcat/conf/tomcat-users.xml
We will want to add a user who will have access to manager-gui and admin-gui (web applications that come with Tomcat). This can be done by specifying a user, similar to the example below, between the tomcat-users tags. More details about the different Tomcat roles can be found by following this official link. Remember to change your username and set a secure password:
<tomcat-users . . .> <role rolename="manager-gui"/> <role rolename="manager-script"/> <role rolename="admin-gui"/> <user username="admin" password="password" roles="manager-gui, admin-gui"/> </tomcat-users>
Now we should remove the restrictions that block access to selected applications. To change IP address restrictions, open the appropriate context.xml files. Inside, comment out IP address restrictions to allow connection from anywhere. Alternatively, if you only want to allow access to connections coming from your own IP address, you can add your public IP address to the list:
sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml
sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml
<Context antiResourceLocking="false" privileged="true" >
<!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
</Context>
For our changes to take effect, the Tomcat service must be restarted:
sudo systemctl restart tomcat
Now that we have created the user, we can access the web management interface in the web browser again. Once again, you can bring up the correct interface by typing the domain name or the IP address of the server followed by port 8080 in the browser:
http://server_domain_or_IP:8080
Let’s look at the App Manager available via the link or
http://server_domain_or_IP/manager/html
Enter the account details that were added to the tomcat-users.xml file. Then you should see a page that looks like this:
[tutaj zdjęcie]
If there is another application that is already bound to this port, the startup console will let us know. To change the port, we can edit the server configuration file server.xml located at $CATALINA_HOME\conf\server.xml. By default, the connector configuration is as follows:
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
Web Application Manager is used to manage Java applications. The application can be started, stopped, restarted, deployed, and removed. You can also run an application diagnostics (i.e. find a memory leak). Finally, information about the server is available at the bottom of this page.
Now let’s look at Host Manager available via link or
http://server_domain_or_IP/host-manager/html/
On the Virtual Host Manager page, you can add virtual hosts to host your applications.
Tomcat Installation Complete! Now you can design your own Java based web applications!