Apache Tomcat is the open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. With Tomcat, you can power large-scale, mission-critical web applications. If you have a need to deploy Java servlets, you will need Tomcat. With Tomcat up and running, you can build your Web ARchive (WAR) and drop it into the deploy directory. Simple as that.
But is Tomcat easy to install? Let's find out.
As you might expect, I'll be demonstrating on the Ubuntu Server 16.04 platform. This process is handled completely from the command line, so prepare to type.
The first thing that must be done is the installation of the Java Development Kit. To do this, open up your terminal window and issue the following commands:
sudo apt-get update sudo apt-get install default-jdk
The second command will pick up quite a lot of dependencies, which you must okay in order for the installation to complete. Once the install of default-jdk finishes, you can move on to the next step.
Creating the Tomcat group and user
Now we must create both a group and user for Tomcat. The first thing to do is create the group with the command:
sudo groupadd tomcat
Next we add the user and add it to the tomcat group we just created. This is accomplished with the command:
sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
The above command will ensure that no one can login with the user tomcat and sets the default home to /opt/tomcat (where we will be installing Tomcat).
And now we must install Tomcat on our server. Although you can install Tomcat from a repository, we're going to download the file and install it manually. To do that, you must first download the necessary file with the command:
curl -O http://apache.mirrors.ionfish.org/tomcat/tomcat-8/v8.5.12/bin/apache-tomcat-8.5.12.tar.gz
Note: In the above command, that is an O not a zero.
Now we'll create the target directory and unpack tomcat with the following two commands:
sudo mkdir /opt/tomcat sudo tar xzvf apache-tomcat-8*tar.gz -C /opt/tomcat --strip-components=1
Now we need to change the permissions for our newly created directory. This can be done with the following commands:
cd /opt/tomcat sudo chgrp -R tomcat /opt/tomcat sudo chmod -R g+r confsudo chmod g+x conf
Next change the ownership of a few subdirectories, with the command:
sudo chown -R tomcat webapps/ work/ temp/ logs/
Create the necessary systemd service file
We need to make sure that systemd is aware of tomcat, so it can be run as a service. To do this you need to first find out where java is installed. To find this location, issue the command:
sudo update-java-alternatives -l
You should be presented with the full path to the java installation. In my case, that path is:
The JAVA_HOME variable, however, must end in jre, so the path will be:
With that information in hand, you can create the necessary systemd service. To do this, issue the command sudo nano /etc/systemd/system/tomcat.service. In this new file, add the following contents (you can adjust the memory settings associated with the CATALINA environment as needed):
[Unit] Description=Apache Tomcat Web Application Container After=network.target [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment=CATALINA_BASE=/opt/tomcat Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC' Environment='JAVA_OPTS=-Djava.awt.headless=true -Djava.security.egd=file:/dev/./urandom' ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh User=tomcat Group=tomcat UMask=0007 RestartSec=10 Restart=always [Install] WantedBy=multi-user.target
Save and close that file. Now reload the systemd daemon and start the Tomcat service with the following commands:
sudo systemctl daemon-reload sudo systemctl start tomcat
Test to ensure Tomcat is running with the command:
sudo systemctl status tomcat
You should see active (running) listed in the output (Figure A).
The web interface
At this point, you can point a web browser to http://IP_OF_SERVER:8080 to see the Tomcat web interface. However, if you attempt to click on the Manager App button, you will receive an HTTP Status 403 - Forbidden error. To fix that you must add a login to the web interface. To solve this issue, you must open the file /opt/tomcat/conf/tomcat-users.xml and adjust the <tomcat-users> section. Within that file, locate the roll rollname and user username section. You will see that section has been commented out with <!— and —> tags. Remove those two tags. Now you must add the following to that section:
<role rolename="manager"/> <role rolename="manager-gui"/> <user username="USER" password="PASSWORD" roles="manager,manager-gui,admin-gui,manager-gui,manager-script,manager-jmx,manager-status,admin-script"/>
Where USER is the username you want to add and PASSWORD is the password to be used.
Next we must allow remote connections to the manager-gui. If you will only be accessing the manager-gui from the machine Tomcat is installed on, you can skip this section. Issue the command sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml to open the file for editing and comment out the Valve section (by encasing it in <!— and —>). The resulting code will look like:
<!--<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />-->
Now you can restart tomcat with the command:
sudo systemctl restart tomcat
Point your browser to http://IP_OF_SERVER:8080. Click on the Manager App button and login with the credentials you created in tomcat-users.xml. At this point you'll be logged into the manager gui and can begin working with your Tomcat server and manage your servlets.
You're ready to go
Tomcat is now ready to work for you. Make sure you spend plenty of time with the manager gui so you can understand what all can be done with the tool. Happy serving up those java servlets!
- How to install the OpenVAS vulnerability scanner on Ubuntu 16.04 (TechRepublic)
- How to harden Ubuntu Server 16.04 security in five steps (TechRepublic)
- How to install WordPress on Ubuntu 16.04 (TechRepublic)
- How to set up MySQL for remote access on Ubuntu Server 16.04 (TechRepublic)
- Canonical extends Ubuntu 12.04 support for paying customers (ZDNet)
Jack Wallen is an award-winning writer for TechRepublic and Linux.com. He’s an avid promoter of open source and the voice of The Android Expert. For more news about Jack Wallen, visit his website jackwallen.com.