Image: Jack Wallen

Apache Tomcat is the open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. With Tomcat, you can power large-scale, mission-critical web applications. If you have a need to deploy Java servlets, you will need Tomcat. With Tomcat up and running, you can build your Web ARchive (WAR) and drop it into the deploy directory. Simple as that.

But is Tomcat easy to install? Let’s find out.

As you might expect, I’ll be demonstrating on the Ubuntu Server 16.04 platform. This process is handled completely from the command line, so prepare to type.

Installing Java

The first thing that must be done is the installation of the Java Development Kit. To do this, open up your terminal window and issue the following commands:

sudo apt-get update
​sudo apt-get install default-jdk

The second command will pick up quite a lot of dependencies, which you must okay in order for the installation to complete. Once the install of default-jdk finishes, you can move on to the next step.

Creating the Tomcat group and user

Now we must create both a group and user for Tomcat. The first thing to do is create the group with the command:

sudo groupadd tomcat

Next we add the user and add it to the tomcat group we just created. This is accomplished with the command:

sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat

The above command will ensure that no one can login with the user tomcat and sets the default home to /opt/tomcat (where we will be installing Tomcat).

Installing Tomcat

And now we must install Tomcat on our server. Although you can install Tomcat from a repository, we’re going to download the file and install it manually. To do that, you must first download the necessary file with the command:

curl -O

Note: In the above command, that is an O not a zero.

Now we’ll create the target directory and unpack tomcat with the following two commands:

sudo mkdir /opt/tomcat
​sudo tar xzvf apache-tomcat-8*tar.gz -C /opt/tomcat --strip-components=1

Now we need to change the permissions for our newly created directory. This can be done with the following commands:

cd /opt/tomcat
​sudo chgrp -R tomcat /opt/tomcat
​sudo chmod -R g+r confsudo chmod g+x conf

Next change the ownership of a few subdirectories, with the command:

sudo chown -R tomcat webapps/ work/ temp/ logs/

Create the necessary systemd service file

We need to make sure that systemd is aware of tomcat, so it can be run as a service. To do this you need to first find out where java is installed. To find this location, issue the command:

sudo update-java-alternatives -l

You should be presented with the full path to the java installation. In my case, that path is:


The JAVA_HOME variable, however, must end in jre, so the path will be:


With that information in hand, you can create the necessary systemd service. To do this, issue the command sudo nano /etc/systemd/system/tomcat.service. In this new file, add the following contents (you can adjust the memory settings associated with the CATALINA environment as needed):

Description=Apache Tomcat Web Application Container


Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC'




Save and close that file. Now reload the systemd daemon and start the Tomcat service with the following commands:

sudo systemctl daemon-reload
​sudo systemctl start tomcat

Test to ensure Tomcat is running with the command:

sudo systemctl status tomcat

You should see active (running) listed in the output (Figure A).

Figure A

The web interface

At this point, you can point a web browser to http://IP_OF_SERVER:8080 to see the Tomcat web interface. However, if you attempt to click on the Manager App button, you will receive an HTTP Status 403 – Forbidden error. To fix that you must add a login to the web interface. To solve this issue, you must open the file /opt/tomcat/conf/tomcat-users.xml and adjust the section. Within that file, locate the roll rollname and user username section. You will see that section has been commented out with tags. Remove those two tags. Now you must add the following to that section:

Where USER is the username you want to add and PASSWORD is the password to be used.

Next we must allow remote connections to the manager-gui. If you will only be accessing the manager-gui from the machine Tomcat is installed on, you can skip this section. Issue the command sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml to open the file for editing and comment out the Valve section (by encasing it in ). The resulting code will look like:

Now you can restart tomcat with the command:

sudo systemctl restart tomcat

Point your browser to http://IP_OF_SERVER:8080. Click on the Manager App button and login with the credentials you created in tomcat-users.xml. At this point you’ll be logged into the manager gui and can begin working with your Tomcat server and manage your servlets.

You’re ready to go

Tomcat is now ready to work for you. Make sure you spend plenty of time with the manager gui so you can understand what all can be done with the tool. Happy serving up those java servlets!

Subscribe to the Data Insider Newsletter

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more. Delivered Mondays and Thursdays

Subscribe to the Data Insider Newsletter

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more. Delivered Mondays and Thursdays