Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| redhat:web-server-redhat:tomcat-9-on-redhat [2020/01/23 12:57] – created michael | redhat:web-server-redhat:tomcat-9-on-redhat [2020/01/23 13:33] (current) – [How to Install Tomcat 9 on CentOS 8] michael | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| Apache Tomcat is an open-source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies. It is one of the most widely adopted applications and web servers in the world today. Tomcat is simple to use and has a robust ecosystem of add-ons. | Apache Tomcat is an open-source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies. It is one of the most widely adopted applications and web servers in the world today. Tomcat is simple to use and has a robust ecosystem of add-ons. | ||
| + | |||
| + | {{: | ||
| ===== Installation Tutorial ===== | ===== Installation Tutorial ===== | ||
| Line 8: | Line 10: | ||
| + | <WRAP center box 100%> | ||
| ==== Installing Java ==== | ==== Installing Java ==== | ||
| Line 14: | Line 17: | ||
| Run the following command as root or user with sudo privileges to install Java: | Run the following command as root or user with sudo privileges to install Java: | ||
| - | sudo dnf install java-11-openjdk-devel | + | < |
| Once the installation is complete, verify it by checking the Java version: | Once the installation is complete, verify it by checking the Java version: | ||
| - | java -version | + | |
| + | < | ||
| The output should look something like this: | The output should look something like this: | ||
| + | <sxh bash; gutter: false;> | ||
| openjdk version " | openjdk version " | ||
| OpenJDK Runtime Environment 18.9 (build 11.0.5+10-LTS) | OpenJDK Runtime Environment 18.9 (build 11.0.5+10-LTS) | ||
| OpenJDK 64-Bit Server VM 18.9 (build 11.0.5+10-LTS, | OpenJDK 64-Bit Server VM 18.9 (build 11.0.5+10-LTS, | ||
| + | </ | ||
| + | </ | ||
| + | <WRAP center box 100%> | ||
| ==== Creating a System User ==== | ==== Creating a System User ==== | ||
| Running Tomcat under the root user is a security risk. We'll create a new system user and group with home directory /opt/tomcat that will run the Tomcat service. To do so, enter the following command: | Running Tomcat under the root user is a security risk. We'll create a new system user and group with home directory /opt/tomcat that will run the Tomcat service. To do so, enter the following command: | ||
| - | sudo useradd -m -U -d /opt/tomcat -s /bin/false tomcat | ||
| + | < | ||
| + | </ | ||
| + | |||
| + | |||
| + | <WRAP center box 100%> | ||
| ==== Downloading Tomcat ==== | ==== Downloading Tomcat ==== | ||
| Tomcat binary distribution is available for download from the Tomcat downloads page. | Tomcat binary distribution is available for download from the Tomcat downloads page. | ||
| - | At the time of writing, the latest Tomcat version is 9.0.30. Before continuing with the next step, check the Tomcat 9 download page to see if a newer version is available. | + | At the time of writing, the latest Tomcat version is '' |
| - | Download the Tomcat zip file with wget to the /tmp directory: | + | Download the Tomcat zip file with '' |
| - | VERSION=9.0.30 | + | < |
| - | wget https:// | + | # wget https:// |
| - | Once the download is complete, extract the tar file to the /opt/tomcat directory:: | + | |
| + | Once the download is complete, extract the tar file to the /opt/tomcat directory: | ||
| + | |||
| + | < | ||
| - | sudo tar -xf / | ||
| Tomcat is updated on a regular basis. To have more control over versions and updates, we'll create a symbolic link called latest, that points to the Tomcat installation directory: | Tomcat is updated on a regular basis. To have more control over versions and updates, we'll create a symbolic link called latest, that points to the Tomcat installation directory: | ||
| - | sudo ln -s / | + | < |
| The system user that was previously created, must have access to the tomcat installation directory. Change the directory ownership to user and group tomcat: | The system user that was previously created, must have access to the tomcat installation directory. Change the directory ownership to user and group tomcat: | ||
| - | sudo chown -R tomcat: /opt/tomcat | + | |
| + | < | ||
| Make the shell scripts inside the bin directory executable: | Make the shell scripts inside the bin directory executable: | ||
| - | sudo sh -c 'chmod +x / | + | < |
| - | These scripts are used to start and stop Tomcat. | + | |
| + | These scripts are later used to start and stop Tomcat from the systemd unit file. | ||
| + | </ | ||
| + | |||
| + | <WRAP center box 100%> | ||
| ==== Creating a Systemd Unit File ==== | ==== Creating a Systemd Unit File ==== | ||
| Instead of manually starting and stopping the Tomcat server, we'll set it to run as a service. Open your text editor and create a tomcat.service unit file in the / | Instead of manually starting and stopping the Tomcat server, we'll set it to run as a service. Open your text editor and create a tomcat.service unit file in the / | ||
| - | sudo nano / | + | |
| + | < | ||
| Paste the following content: | Paste the following content: | ||
| - | / | + | <sxh bash> |
| [Unit] | [Unit] | ||
| Description=Tomcat 9 servlet container | Description=Tomcat 9 servlet container | ||
| Line 84: | Line 108: | ||
| [Install] | [Install] | ||
| WantedBy=multi-user.target | WantedBy=multi-user.target | ||
| - | Copy | + | </ |
| Save and close the file. | Save and close the file. | ||
| Notify systemd that a new service file exists, by typing: | Notify systemd that a new service file exists, by typing: | ||
| - | sudo systemctl daemon-reload | + | |
| + | < | ||
| Enable and start the Tomcat service: | Enable and start the Tomcat service: | ||
| - | sudo systemctl enable --now tomcat | + | < |
| - | Check the service status: | + | |
| - | sudo systemctl status tomcat | + | Check the service status; the output should show that the Tomcat server is enabled and running: |
| - | The output should show that the Tomcat server is enabled and running: | + | |
| + | < | ||
| + | <sxh bash; gutter: false;> | ||
| ● tomcat.service - Tomcat 9 servlet container | ● tomcat.service - Tomcat 9 servlet container | ||
| | | ||
| Line 100: | Line 129: | ||
| Process: 3957 ExecStart=/ | Process: 3957 ExecStart=/ | ||
| ... | ... | ||
| + | </ | ||
| + | </ | ||
| + | <WRAP center box 100%> | ||
| ==== Configuring Firewall ==== | ==== Configuring Firewall ==== | ||
| Line 108: | Line 140: | ||
| Use the following commands to open the necessary port: | Use the following commands to open the necessary port: | ||
| - | sudo firewall-cmd --permanent --zone=public --add-port=8080/ | + | < |
| - | sudo firewall-cmd --reload | + | sudo firewall-cmd --reload</ |
| - | Typically, when running Tomcat in a production environment, | + | |
| + | <WRAP center round tip 100%> | ||
| + | Typically, when running Tomcat in a production environment, | ||
| + | </ | ||
| + | |||
| + | </ | ||
| ===== Additional: Configuring Tomcat Web Management Interface ===== | ===== Additional: Configuring Tomcat Web Management Interface ===== | ||
| - | At this point, you should be able to access Tomcat with a web browser on port 8080. The web management interface is not accessible because we have not created a user yet. | + | At this point, you should be able to access Tomcat with a web browser on '' |
| + | |||
| + | Tomcat users and roles are defined in the '' | ||
| - | Tomcat users and roles are defined in the tomcat-users.xml file. | ||
| If you open the file, you will notice that it is filled with comments and examples describing how to configure the file. | If you open the file, you will notice that it is filled with comments and examples describing how to configure the file. | ||
| - | sudo nano / | + | < |
| - | Tomcat users are defined the user in the tomcat-users.xml file. To create a new user that can access the tomcat web interface (manager-gui and admin-gui), edit file as shown below. Make sure you change the username and password to something more secure: | + | |
| - | / | + | Tomcat users are defined the user in the '' |
| + | |||
| + | <sxh xml> | ||
| < | < | ||
| <!-- | <!-- | ||
| Line 132: | Line 172: | ||
| < | < | ||
| </ | </ | ||
| - | Copy | + | </ |
| By default Tomcat web management interface is configured to allow access only from the localhost. | By default Tomcat web management interface is configured to allow access only from the localhost. | ||
| If you need to access the web interface from anywhere open the following files and comment or remove the lines highlighted in yellow: | If you need to access the web interface from anywhere open the following files and comment or remove the lines highlighted in yellow: | ||
| - | / | + | |
| + | < | ||
| + | |||
| + | <sxh xml> | ||
| <Context antiResourceLocking=" | <Context antiResourceLocking=" | ||
| <!-- | <!-- | ||
| Line 144: | Line 188: | ||
| --> | --> | ||
| </ | </ | ||
| - | Copy | + | </ |
| - | / | + | |
| + | < | ||
| + | |||
| + | <sxh xml> | ||
| <Context antiResourceLocking=" | <Context antiResourceLocking=" | ||
| <!-- | <!-- | ||
| Line 152: | Line 199: | ||
| --> | --> | ||
| </ | </ | ||
| - | Copy | + | </ |
| Please note, allowing access from anywhere is not recommended because it is a security risk. | Please note, allowing access from anywhere is not recommended because it is a security risk. | ||
| If you want to access the web interface only from a specific IP, instead of commenting the blocks add your public IP to the list. | If you want to access the web interface only from a specific IP, instead of commenting the blocks add your public IP to the list. | ||
| - | Let's say your public IP is 41.41.41.41 and you want to allow access only from that IP: | + | Let's say your public IP is '' |
| - | / | + | < |
| + | |||
| + | <sxh xml> | ||
| <Context antiResourceLocking=" | <Context antiResourceLocking=" | ||
| <Valve className=" | <Valve className=" | ||
| | | ||
| </ | </ | ||
| - | Copy | + | </ |
| - | / | + | |
| + | < | ||
| + | |||
| + | <sxh xml> | ||
| <Context antiResourceLocking=" | <Context antiResourceLocking=" | ||
| <Valve className=" | <Valve className=" | ||
| | | ||
| </ | </ | ||
| - | Copy | + | </ |
| The list of allowed IP addresses is a list separated with vertical bar |. You can add single IP addresses or use a regular expressions. | The list of allowed IP addresses is a list separated with vertical bar |. You can add single IP addresses or use a regular expressions. | ||
| Once done, restart the Tomcat service for changes to take effect: | Once done, restart the Tomcat service for changes to take effect: | ||
| - | sudo systemctl restart tomcat | + | < |
| + | ---- | ||
| + | |||
| + | <WRAP center box 100%> | ||
| ==== Testing Management Interface Installation ==== | ==== Testing Management Interface Installation ==== | ||
| - | Open your browser and type: http://< | + | Open your browser and type: '' |
| Upon successful installation, | Upon successful installation, | ||
| + | {{: | ||
| + | |||
| + | ---- | ||
| + | |||
| + | Tomcat web application manager dashboard allows you to deploy, undeploy, start, stop, and reload your applications. It is available at: '' | ||
| + | |||
| + | {{: | ||
| + | |||
| + | ---- | ||
| + | |||
| + | Tomcat virtual host manager dashboard allows you to create, delete, and manage Tomcat virtual hosts. It is available at: '' | ||
| - | Tomcat web application manager dashboard allows you to deploy, undeploy, start, stop, and reload your applications. It is available at: http://< | + | {{:redhat:web-server-redhat:tomcat-host-manager.jpg|}} |
| + | </ | ||
| - | Tomcat virtual host manager dashboard allows you to create, delete, and manage Tomcat virtual hosts. It is available at: http://< | ||