The Apache Tomcat software is an open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies.
Apache Tomcat software powers to run numerous large-scale, mission-critical web application across a diverse range of industries and organizations.
The Apache tomcat is very powerful and popular application server in the world and having a robust ecosystem of add-ons. It is straightforward to use and configure to run java applications.
In this tutorial, we will explain how to install and configure Tomcat 9 application server on Ubuntu 16.04.
We need a system running on Ubuntu 16.04, and having a user to login on the system with sudo privileges to execute installation command without any issue.
Tomcat application server needs Java to installed on the system. Here, we will install OpenJDK, which is default Java Development and runtime environment provided by Ubuntu 16.04.
You can install any java in your system ether OpenJDK or Oracle Java, follow this to install Java into Ubuntu.
The installation of OpenJDK is straightforward, first update the Ubuntu package repository index:
$ sudo apt update
Now, install OpenJDK using following command:
$ sudo apt install openjdk-11-jdk
Create Tomcat User
Due to some security issue, we are not running Tomcat under the root user privileges. So, we are creating a new system user to run Tomcat service with home directory “/opt/tomcat”:
$ sudo useradd -r -m -U -d /opt/tomcat -s /bin/false tomcat
Install Tomcat Application Server
To install Tomcat first need to download binary release of Tomcat 9 from the Tomcat application server download page.
At the time of writing this tutorial, the latest version of Tomcat is 9.0.36. Before continuing the next step to install Tomcat, you should check the Tomcat 9 download page for the latest release. If there is a new version of Tomcat is available, copy the link od the core “tar.gz” file from the Binary distribution section.
Use wget command to download Tomcat archive in the “/tmp” directory using the following command:
$ wget http://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.27/bin/apache-tomcat-9.0.27.tar.gz -P /tmp
After completing the download of Tomcat binary package, extract the package and move it to the “/opt/tomcat” directory using the following command:
$ sudo tar xf /tmp/apache-tomcat-9*.tar.gz -C /opt/tomcat
We can control Tomcat versions and updates by creating a symbolic link of tomcat installation directory with the name of “latest” as shown below:
$ sudo ln -s /opt/tomcat/apache-tomcat-9.0.27 /opt/tomcat/latest
When you want to upgrade Tomcat instance to the latest version, simple unpack the newer version of Tomcat and change the symlink point to the latest version.
Now we need to give access to the Tomcat installation directory to the tomcat user, as we want to run the tomcat service using this system user.
We can use the following command to change the directory ownership for user and group to Tomcat:
$ sudo chown -RH tomcat: /opt/tomcat/latest
The scripts available inside “bin” directory must be having executable permission:
$ sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'
Create a system Unit File
If we want to run Tomcat as a service, we need to create a new unit file.
First, we will create a tomcat service file as name “tomcat.service” in the “/etc/system/system/” directory, using the following command:
$ sudo vim /etc/systemd/system/tomcat.service
Copy and paste the following configuration into the service file:
[Unit] Description=Tomcat 9 servlet container After=network.target [Service] Type=forking User=tomcat Group=tomcat Environment="JAVA_HOME=/usr/lib/jvm/default-java" Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom -Djava.awt.headless=true" Environment="CATALINA_BASE=/opt/tomcat/latest" Environment="CATALINA_HOME=/opt/tomcat/latest" Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid" Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC" ExecStart=/opt/tomcat/latest/bin/startup.sh ExecStop=/opt/tomcat/latest/bin/shutdown.sh [Install] WantedBy=multi-user.target
“you should modify the “JAVA_HOME” path as per your installation path”.
After saving the above service file, notify the system that we have a new unit file using the following command:
$ sudo systemctl daemon-reload
Now, start Tomcat service by executing the below command:
$ sudo systemctl start tomcat
We can use the following command to check the service status:
$ sudo systemctl status tomcat
* tomcat.service - Tomcat 9 servlet container Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: enabled) Active: active (running) since Wed 2019-06-05 15:45:28 PDT; 20s ago Process: 1712 ExecStart=/opt/tomcat/latest/bin/startup.sh (code=exited, status=0/SUCCESS) Main PID: 1402 (java) Tasks: 47 (limit: 2319) CGroup: /system.slice/tomcat.service
If we are not getting any error in the service file, we will enable the Tomcat service to start it automatically on system boot time:
$ sudo systemctl enable tomcat
Adjust the Firewall
If a firewall protects your Ubuntu 16.04 system, and you want to access your Tomcat from the outside of your local network, need to open port 8080 on the firewall as tomcat service is running on default port 8080.
To open port 8080 from outside of the local network, execute below command:
$ sudo ufw allow 8080/tcp
Generally, we are using the Tomcat application server with a load balancer or reverse proxy server. It is the best practice to restrict access on port 8080 for the local network and use the application on a proxy server.
Configure Tomcat Web Management Interface
Now the Tomcat is successfully installed and running into the Ubuntu 16.04 machine. In the next step, we will check how to create a user to access the Tomcat’s web management interface.
We have a configuration file in Tomcat with name “tomcat-users.xml”. This file is a template with comment and examples of configuring a user and role.
To check the file, use below command:
$ sudo vim /opt/tomcat/latest/conf/tomcat-users.xml
To create a user to access Tomcat web interface with the access of Manager and admin, we need to create a user in the tomcat-user.xml file as shown below. It would be best if you changed the username and password as we use less secure user and password here:
<tomcat-users> <!-- Comments --> <role rolename="admin-gui"/> <role rolename="manager-gui"/> <user username="admin" password="admin_password" roles="admin-gui,manager-gui"/> </tomcat-users>
By default, Tomcat web management interface is accessible from localhost only. If you want to access it from remote location or IP, you have to remove these restrictions.
To open access to the web interface from anywhere, comment or remove these lines from these two files:
<Context antiResourceLocking="false" privileged="true" > <!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1" /> --> </Context>
But I recommend you to allow your IP to access it from your IP, and due to security issue don’t open it for all.
To allow it from a specific IP you can simply add your IP into both files. For example, we enable your IP 126.96.36.199 to access the Manager and Host Manager app, as shown below:
<Context antiResourceLocking="false" privileged="true" > <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|188.8.131.52" /> </Context>
The allowed IP addresses separated by vertical bar “|”. You can use it to add a single IP address or use a regular expression.
To take effect of the above configuration, always restart Tomcat services when you edit Tomcat configuration files:
$ sudo systemctl restart tomcat
Test the Tomcat Installation
Open your browser and assess Tomcat using IP address and port 8080, like http://<your_domain_or_IP_address>:8080
After successful installation of Tomcat you will get a similar screen shown below:
The Tomcat web application manager dashboard is available on url “http://<your_domain_or_IP_address>:8080/manager/html”. You can deploy, undeploy, start, stop and reload application from this manager window.
Similarly, Tomcat virtual host manager dashboard is available on url “http://<your_domain_or_IP_address>:8080/host-manager/html”. This dashboard you can use to create, delete and manage Tomcat virtual hosts.
To sign in above both panel, you can use username and password which have created for tomcat web interface access in the above steps.
You have installed Tomcat 9 on your Ubuntu 16.04 machine. You have learned to access tomcat applications, manager and host-manager dashboard. You lean to configure tomcat user to access web interfaces to manage tomcat services and virtual hosts.
If you want to know more about the Tomcat application server, you can visit official Apache Tomcat 9 Documentation site.
If you are getting any problem with this article or have any feedback, leave a comment below.