Introduction

Tomcat is an open-source web server developed by the Apache Software Foundation. It is widely used for hosting Java-based web applications. Built on Java technologies, Tomcat implements the Java Servlet and JavaServer Pages (JSP) specifications, acting as a bridge between web servers and Java applications. It efficiently handles dynamic content and client requests.

Tomcat is favored for its scalability, robustness, and strong community support. Its modular design and compliance with industry standards make it easy for developers to build and deploy web applications.

In this blog, we explain how to set up Tomcat on Linux. If you need instructions for other operating systems, please visit the official Tomcat website.

Step 1 – Install Java

You must have JRE (Java runtime environment) installed on your system. Tomcat 10 is required to have JRE 8 or higher version installed on your system. Use the following command to install OpenJDK to fulfil the requirements.

sudo apt update

Use the following command to download JDK Java to your system
sudo apt install default-jdk -y

After the installation, check the Java version with the following command. If you can’t see the version, there may be an issue with your Java installation that you’ll need to resolve.
java -version

Step 2 – Create Tomcat User

We recommended running a Tomcat server with a dedicated user account. Create a new user, which is recommended for security purposes mainly for production deployments.

sudo useradd -m -d /opt/tomcat -U -s /bin/false tomcat

The above command will create a user and group with the name “tomcat” in your system.

Step 3 – Install Tomcat 10

Use the below command to download Tomcat 10.

wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.20/bin/apache-tomcat-10.0.20.tar.gz

Once the download is completed, extracted the downloaded archive and copy all content to the tomcat home directory.

sudo tar xzvf apache-tomcat-10*tar.gz -C /opt/tomcat --strip-components=1

sudo chown -R tomcat:tomcat /opt/tomcat/ sudo chmod -R u+x /opt/tomcat/bin

Step 4 – Create Tomcat User

Now, configure your tomcat with user accounts to secure access of admin/manager pages. To do this, edit conf/tomcat-users.xml file in your editor and paste the following code inside <tomcat-users> </tomcat-users> tags. We recommend changing the password in the below configuration with high secured password.

sudo nano /opt/tomcat/conf/tomcat-users.xml

Add the following values. Make sure to change the password for admin and manager access.

—————————————————————————————–

<!– user manager can access only manager section –>

<role rolename=”manager-gui” />

<user username=”manager” password=”_SECRET_PASSWORD_” roles=”manager-gui” />

<!– user admin can access manager and admin section both –>

<role rolename=”admin-gui” />

<user username=”admin” password=”_SECRET_PASSWORD_”

roles=”manager-gui,admin-gui” />

——————————————————————————————-

Save file and close.

Step 5 – Enable Remote Tomcat Access

The default Tomcat manager and host-manager applications are accessible for localhost only. To allow access to these pages from the remote system, you need to modify the following configuration files.

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml

Comment out the section added for IP address restriction to allow connections from anywhere.

—————————————————————————————-

<Context antiResourceLocking=”false” privileged=”true” >
<CookieProcessor className=”org.apache.tomcat.util.http.Rfc6265CookieProcessor”

sameSiteCookies=”strict” />
<!– <Valve className=”org.apache.catalina.valves.RemoteAddrValve”

allow=”127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1″ /> –> </Context>

——————————————————————————————

Similarly edit context.xml for host manager application in text editor: sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

Comment out the same section to allow connections from anywhere.

—————————————————————————————— |

<Context antiResourceLocking=”false” privileged=”true” >
<CookieProcessor className=”org.apache.tomcat.util.http.Rfc6265CookieProcessor”

|

</Context> ——————————————————————————————-| Save all files and close it.

Step 6 – Create a Tomcat Systemd Unit File

Tomcat provides bash scripts to start, stop service. But, to make it simple, create a startup script to manage Tomcat as systemd service. Let’s create a tomcat.service file with the following content:

sudo nano /etc/systemd/system/tomcat.service —————————————————————————————

[Unit] Description=Tomcat

…

sameSiteCookies=”strict” />
<!–<Valve className=”org.apache.catalina.valves.RemoteAddrValve”

allow=”127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1″ /> –>
… |

After=network.target

[Service]
Type=forking AmbientCapabilities=CAP_NET_BIND_SERVICE

User=tomcat Group=tomcat

Environment=”JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64″ Environment=”JAVA_OPTS=-Djava.security.egd=file:///dev/urandom” Environment=”CATALINA_BASE=/opt/tomcat” Environment=”CATALINA_HOME=/opt/tomcat” Environment=”CATALINA_PID=/opt/tomcat/temp/tomcat.pid” Environment=”CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC”

ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh

[Install] WantedBy=multi-user.target

—————————————————————————————-

*Note : AmbientCapabilities=CAP_NET_BIND_SERVICE helps to bind to port 80. Also change /opt/tomcat/conf/server.xml connector port from 8080 to 80 .

Reload the daemon using the following command
sudo systemctl daemon-reload

Let’s start the Tomcat service using the following command:
sudo systemctl start tomcat.service

And enable the Tomcat service to start automatically after the system reboots with the following command
sudo systemctl enable tomcat.service

Check the status of the Tomcat service. It should be in a running state if the setup is working correctly
sudo systemctl status tomcat.service

Step 7 – Access the Tomcat Web Interface

The default Tomcat server runs on port 8080. As you have configured Tomcat on your system, you can access web interface from your system. You can access tomcat interfaces by entering your server’s IP address or a domain name pointed to that server, followed by port 8080 in your browser:

Change flexicloud.local with your server ip or domain or localhost.

http://flexicloud.local:8080/ http://flexicloud.local:8080/manager/ http://flexicloud.local:8080/host-manager/

Reference : https://tecadmin.net/how-to-install-tomcat-10-on-ubuntu-20-04/

Conclusion

Tomcat is a useful tool for running Java Servlets and JSPs. It lets you run Java code on a web server made with Java. We hope this guide helped you install Tomcat on Linux and set up some basic configurations.