Apache Tomcat is an open-source web server with a servlet container for publishing Java-based web applications. Tomcat is developed and maintained by an open community of developers under the auspices of the Apache Software Foundation. As of today, Tomcat 10 is the latest stable version available for installation in development and production environments. To know more about the Apache Tomcat visit apache’s official site http://tomcat.apache.org/.
This tutorial will help you how to install Apache Tomcat 10 on the Debian 11 and Debian 10 Buster Linux systems.
Prerequisites
A running Debian 10 system with sudo privileged account shell access.
You can get cheaper instances from DigitalOcean hosting.
Step 1 – Install Java
Tomcat 10 required JRE 8 or higher version installed on your system. If your system doesn’t have JRE installed, Use the following commands to install OpenJDK to fulfill the requirements.
sudo apt updatesudo apt install default-jdk -y
Check the current active Java version:
java -version
openjdk 11.0.9.1 2020-11-04
OpenJDK Runtime Environment (build 11.0.9.1+1-post-Debian-1deb10u2)
OpenJDK 64-Bit Server VM (build 11.0.9.1+1-post-Debian-1deb10u2, mixed mode, sharing)
Step 2 – Create Tomcat User
It is good to have a dedicated user account for running a Tomcat server. To create a new user with the name “tomcat”, which is recommended for security purposes mainly for production deployments.
To create a new account, type:
sudo useradd -m -d /opt/tomcat -U -s /bin/false tomcat
The above command will create a user and group with the name “tomcat” in your system.
Step 3 – Install Tomcat on Debian 10
The Apache Tomcat development team releases the latest version of Tomcat from time to time. So it will be good check download the latest Tomcat version from the official download server. Use the below command to download Tomcat 10.
wget https://dlcdn.apache.org/tomcat/tomcat-10/v10.0.27/bin/apache-tomcat-10.0.27.tar.gz
After downloading the archive file, extract the file under the tomcat home directory /opt/tomcat with skipping parent folder.
sudo tar xzvf apache-tomcat-10*tar.gz -C /opt/tomcat --strip-components=1
Next, set the proper file permissions.
sudo chown -R tomcat:tomcat /opt/tomcat/sudo chmod -R u+x /opt/tomcat/bin
You have now the latest Tomcat application on your system.
Step 4 – Create Tomcat User
Now, configure your tomcat with user accounts to secure access of admin/manager pages. To do this, edit conf/tomcat-users.xml file in your editor and paste the following code inside <tomcat-users> </tomcat-users> tags. We recommend changing the password in the below configuration with high secured password.
sudo nano /opt/tomcat/conf/tomcat-users.xml
Add the following values. Make sure to change the password for admin and manager access.
<!-- user manager can access only manager section --> <role rolename="manager-gui " /> <user username="manager " password="_SECRET_PASSWORD_ " roles="manager-gui " /><!-- user admin can access manager and admin section both --> <role rolename="admin-gui " /> <user username="admin " password="_SECRET_PASSWORD_ " roles="manager-gui,admin-gui " />
Save file and close.
Step 5 – Enable Remote Tomcat Access
The default Tomcat manager and host-manager applications are accessible for localhost only. To allow access to these pages from the remote system, you need to modify the following configuration files.
You can either allow specific remote systems or allow all. Edit the context.xml file for manager and host manager application:
sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml
Comment out the section added for IP address restriction to allow connections from anywhere.
<Context antiResourceLocking="false" privileged="true" >
<CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor"
sameSiteCookies="strict" />
<!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve"
allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> -->
...
</Context>
Also, edit the context.xml for the host-manager interface and comment on the similar section as above.
sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml
Save all files and close them.
Step 6 – Create a Tomcat Systemd Unit File
Tomcat provides bash scripts to start, stop service. But, to make it simple, create a start-up script to manage Tomcat as a systemd service. Let’s create a tomcat.service file with the following content:
sudo nano /etc/systemd/system/tomcat.service
[Unit] Description=Tomcat After=network.target [Service] Type=forking User=tomcat Group=tomcat Environment="JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64" Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom" Environment="CATALINA_BASE=/opt/tomcat" Environment="CATALINA_HOME=/opt/tomcat" Environment="CATALINA_PID=/opt/tomcat/temp/tomcat.pid" Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC" ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh [Install] WantedBy=multi-user.target
Reload the systemd daemon service to load newly create files.
sudo systemctl daemon-reload
Now, start the Tomcat application for the first time.
sudo systemctl start tomcat.service
Next, enable the tomcat service to auto-start for subsequent system boots. This is more important for the production deployments.
sudo systemctl enable tomcat.service
As of now, the tomcat application is running on your system. You can verify the service status by executing the command as below. Make sure the status is showing “active (running)“.
sudo systemctl status tomcat.service
That’s it. You have successfully configured Tomcat 10 on your Debian system.
Step 7 – Access the Tomcat Web Interface
The default Tomcat server runs on port 8080. As you have configured Tomcat on your system, you can access the web interface from your system. You can access tomcat interfaces by entering your server’s IP address or a domain name pointed to that server, followed by port 8080 in your browser:
Change tecadmin.local with your server ip or domain or localhost.
http://tecadmin.local:8080/
You will see the page like below:
Tomcat Manager App is a web application packaged with the Tomcat server application. The Manager interface provides us with the basic functionality we need to manage our deployed web applications.
Click Manager App button home page or directly type /manager in browser url of main Tomcat server to access it.
http://tecadmin.local:8080/manager/
Tomcat Host Manager App is another web application packaged with Tomcat server application. Which is used to creates/removes Virtual Hosts within the Tomcat service. A Virtual Host allows you to define multiple hostnames on a single server.
Click Host Manager button home page or directly type /host-manager url in main Tomcat server to access it.
http://tecadmin.local:8080/host-manager/
Conclusion
Congratulations, You have a running Tomcat server on a Debian system. You can deploy a Java-based application using a tomcat server.
You may also need to create Virtualhosts in Tomcat or Secure your Tomcat applications with Let’s Encrypt SSL certificate.
2 Comments
I figured out my other issue, another program was listening on port 8080. But now I get an error: “The origin server did not find a current representation for the target resource or is not willing to disclose that one exists.” help?
hey, i tried this tutorial. now when i go to the address where i have tomcat running my browser asks me for credentials. i tried using the ones in /opt/tomcat/conf/tomcat-users.xml but it won’t work. Is this maybe set anywhere else?