Apache Tomcat 9 is the latest version available for the installation of the Tomcat web server. Tomcat is an open-source web server for Java-based applications developed by the Apache Foundation. We use Tomcat for deploying Java Servlet and JSP applications. To know more about the Apache Tomcat visit apache official site http://tomcat.apache.org/.
This tutorial will help you to install and configure the Tomcat 9 server on CentOS 8 and RHEL 8 Linux systems.
- Shell access
- sudo priviledged account access
Step 1 – Install Java
Java is the primary requirement for running Tomcat 9 on CentOS 8 Linux system. Make sure you have Java 8 or higher version installed in your system. Use the following command to install OpenJDK on your system.
sudo dnf install openjdk
Then check the installed Java version
java -versionopenjdk version "11.0.7" 2020-04-14 LTS OpenJDK Runtime Environment 18.9 (build 11.0.7+10-LTS) OpenJDK 64-Bit Server VM 18.9 (build 11.0.7+10-LTS, mixed mode, sharing)
Step 2 – Create Tomcat User
Many system administrators run Tomcat as a root user which is not the correct way for security purposes. So, create a separate account to run your Tomcat server on your system.
sudo useradd -m -d /opt/tomcat -U -s /bin/false tomcat
The above command will create a user with the name “tomcat” with a group named “tomcat”.
Step 3 – Download Tomcat 9 Archive
The Apache Tomcat is available on official download pages, Where you can select the nearest peers to download Tomcat faster. To download Apache Tomcat archive file from Apache tomcat official download server use the following command:
Then extract the archive file and copy all the files under the tomcat home directory
tar xzf apache-tomcat-9.0.63.tar.gz
sudo mv apache-tomcat-9.0.63/* /opt/tomcat/
Also, set the proper ownership of all files.
sudo chown -R tomcat:tomcat /opt/tomcat/
Step 4 – Enable Host/Manager for Remote IP
By default Tomcat manager and host-manager, pages are enabled to access from localhost only. To access these pages from the remote system, you have to allow your IP or IP range in the application-specific context.xml file.
- Manager – /opt/tomcat/webapps/manager/META-INF/context.xml
- Host Manager – /opt/tomcat/webapps/host-manager/META-INF/context.xml
Edit the above files one by one and add the IP address (like 192.168.1.10) or range of IP addresses to allow access. For reference see the below screenshot.
Save files and close.
Step 5 – Setup User Accounts
Now, configure your tomcat with user accounts to secure access of admin/manager pages. To do this, edit /opt/tomcat/conf/tomcat-users.xml file in your editor and paste the following code inside <tomcat-users> </tomcat-users> tags. We recommend changing the password in the below configuration with high secured password.
<!-- user manager can access only manager section --><role rolename=" manager-gui" /> <user username=" manager" password=" _SECRET_PASSWORD_" roles=" manager-gui" /> <!-- user admin can access manager and admin section both --><role rolename=" admin-gui" /> <user username=" admin" password=" _SECRET_PASSWORD_" roles=" manager-gui,admin-gui" />
Save the file and close.
Step 6 – Create Tomcat Start Script
Tomcat provides bash scripts to start, stop service. But, to make it simpl, create a startup script to manage Tomcat as systemd service. Let’s create a tomcat.service file with the following content:
sudo vim /etc/systemd/system/tomcat.service
Add the below snippet.
[Unit] Description=Tomcat 9 After=network.target [Service] Type=forking User=tomcat Group=tomcat Environment="JAVA_HOME=/usr/lib/jvm/jre" Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom" Environment="CATALINA_BASE=/opt/tomcat" Environment="CATALINA_HOME=/opt/tomcat" Environment="CATALINA_PID=/opt/tomcat/temp/tomcat.pid" Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC" ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh [Install] WantedBy=multi-user.target
Reload the systemd daemon service to apply changes
sudo systemctl daemon-reload
Then, enable and start Tomcat service on your system
sudo systemctl enable tomcat.service
sudo systemctl start tomcat.service
Step 7 – Access Tomcat in Browser
Tomcat server works on port 8080 default. To access Tomcat on the web browser by connecting your server to port 8080.
If you are connecting from the local machine then use the localhost. To connect from a remote machine use the IP address of the system with port: