If you need to run Java-based web applications, it’s time you check out Apache Tomcat. Apache Tomcat is an open-source lightweight implementation of the Jakarta EE platform that allows you to serve up Java-based web services. And, installing Tomcat on Ubuntu is a great way to get started.
Apache Tomcat provides many ways to implement Java-based technologies from Java Servlets, JavaServer Pages, and Java Expression Language. In this tutorial, you will learn how to install Apache Tomcat 10.0 on an Ubuntu Linux machine.
Table of Contents
This post will be a step-by-step tutorial. To follow along, be sure you have the following:
- An Ubuntu 14.04.4 LTS or greater Linux machine. This tutorial uses Ubuntu 18.04.5 LTS with a public IP address 188.8.131.52.
Apache Tomcat is supported on all Windows, Linux, and macOS operating systems.
Installing the Java Runtime (JRE)
The basis of all Java applications is the runtime environment. Apache Tomcat’s job is to serve up Java-based applications. Before it can do that, however, the host must be able to run Java applets. The JRE is the way to make that happen.
To install the JRE on your Ubuntu machine:
1. First, connect to your Ubuntu machine via SSH.
2. Run the
sudo apt update command to ensure Ubuntu has all of the latest packages available for installation.
# Updating Package Repositories for the Latest Version # Sudo is used to elevate permissions for a non-privileged account sudo apt update
Although this tutorial uses the root user, it is typically best practice to use a less-privileged account that is a member of the sudoers group.
Apache Tomcat requires a Java Standard Edition Runtime Environment (JRE) version 8 or later.
# Installing the JRE sudo apt install default-jdk
4. Now, run the
java --version to verify the JRE version installed. You will see
openjdk 11.0.11 in the command output if the installation is successful.
checking the java version java --version
At time of writing, the latest version available of OpenJDK is 11.0.11, but your version may be different.
Creating an Apache Tomcat User and Group
Like all other services in Linux, Tomcat must run under a specific user account to access various system resources. You could run Tomcat using the God-like root account, which has full privileges to the entire system, but that gives Tomcat way too many privileges and could pose a security risk.
To minimize Tomcat’s unnecessary rights, let’s create an Apache Tomcat user and group under which the server will run.
While still connected to your Ubuntu machine:
1. First, create a new group tomcat with the
groupadd command. You need this group to secure the configuration files of tomcat located at /opt/tomcat/conf by only reading and executing privileges.
sudo groupadd tomcat
2. Next, create the Apache Tomcat user with the
-s– Don’t allow an interactive login for this user by setting the shell to
/bin/falseas you don’t want anybody to use this as a login user.
-g– Assign the new
tomcatuser to the
tomcatgroup that was previously created.
sudo useradd -s /bin/false -g tomcat tomcat
sudo useradd -s /bin/false -g tomcat tomcat
3. Finally, verify that the
tomcat user and group exist with the
id command, as shown below. The
id command displays the user ID, group ID, and the groups that a user account is a member of.
The UID, GID, and group numbers may differ in your case, but all should have (tomcat) name as shown below.
Installing Apache Tomcat
Now that you have installed the JRE and have created a user account and group for Tomcat to use, it’s time to install Apache Tomcat!
1. First, create a directory for Apache Tomcat to be installed using the
">mkdir command. Navigate into that directory with the
cd command, as shown below. Although you can install tomcat in any directory, it is recommended that the software is installed under opt directory.
# Creating the directory tomcat under opt and changing to this directory. mkdir /opt/tomcat cd /opt/tomcat
2. Now, download the latest version of Tomcat using the below
wget command. The below command is downloading Apache Tomcat version 10.0.6.
Check the latest version of Apache Tomcat on the official site.
After a successful download, extract the Apache Tomcat archive to the previously created /opt/tomcat directory with the
-x– Extract the entire archive or one or more files from an archive.
-z– Decompress the archive using the GZip.
-v– Show all files as extracted by the tar command.
-f– Specifies the file to extract.
--strip-components=number– Remove the specified number of leading components from each extracted file (i.e. specifying a
directory/filewould result in
-C– Extract the files into a specified folder.
sudo tar xzvf apache-tomcat-10*tar.gz -C /opt/tomcat --strip-components=1
Updating Apache Tomcat User and Group Permissions
With Apache Tomcat installed, and as mentioned previously, it is important to run Apache Tomcat with a non-root user account. In the following steps, you will update Apache Tomcat to run as the previously created
tomcat user and group.
1. Change into the /opt/tomcat directory by running the
2. Now, change the group membership for the /opt/tomcat directory and all child directories with the chgrp command. You are changing the group here because the Tomcat configuration files will be managed by this group when Tomcat service starts.
# Change the /opt/tomcat directory group membership to tomcat recursively (-R) sudo chgrp –R tomcat /opt/tomcat # Verify that the group has been changed to tomcat ls -lh
3. Next, grant the
tomcat group read and execute access to the /opt/tomcat/conf directory and all contained files with the chmod command. Tomcat uses the /opt/tomcat/conf directory to perform various functions such as specify Java Servlet to use, information about the user, etc.
To secure the configuration files, it is important to have the group as tomcat with only read and execute permissions because if an attacker compromises the Tomcat process, they can’t change the Tomcat configuration, deploy new web applications or modify existing web applications.
sudo chmod -R g+r conf # Assign Read permission to the tomcat group on conf sudo chmod -R g+x conf # Assign Execute permission to the tomcat group on conf
4. Finally, Set the
tomcat user as the owner of the webapps, work, temp, and logs folders inside the /opt/tomcat directory using the chown command. Setting the
tomcat as the owner of these directories allows the Tomcat service to read, write and execute all files in these directories.
# Assign tomcat as an owner to the entire directory # The. signifies that you are operating on the current directory sudo chown -R webapps/ work/ temp/ logs/
Create a Tomcat Systemd Service File
Although you can start Apache Tomcat, it would not stay running once you leave the current command-line session or restart the server. This is where the systemd comes in! For Apache Tomcat to run in the background, and launch on startup, you must configure Apache Tomcat as a systemd service.
1. Run the
update-java-alternatives command which provides the installation path of java, also know as the JAVA_HOME environmental variable. It is important to locate the installation directory of the JRE before you create a systemd service.
sudo update-java-alternatives -l
In the following screenshot, you can see that the tutorial’s Ubuntu machine has the OpenJDK JRE installing in the /usr/lib/jvm/* folder.
2. Next, create the file tomcat.service under the /etc/systemd/system directory with your favorite editor. Creating the service within /etc/systemd/system runs the service in the background after each reboot.
sudo touch /etc/systemd/system/tomcat.service
3. Paste the below content into the tomcat.service file. Before saving the file, update the
JAVA_HOME variable to use the path /usr/lib/jvm/java-1.11.0-openjdk-amd64.
A typical service file contains three sections
Unit that contains a description of the service and the target type, such as a network. Target, which means running Services after the Network is up. Next, the
Service section contains various environment variables that need to be set as the path of the installation directory or child directories. Finally, Install is set as a multi-user. Target means multiuser mode without networking.
[Unit] Description=Apache Tomcat After=network.target [Service] # Type=forking tells systemd that the process is still running even though the parent exited. Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64 # Update the JAVA_HOME Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment=CATALINA_BASE=/opt/tomcat ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh User=tomcat Group=tomcat Restart=always [Install] WantedBy=multi-user.target
4. Next, run the
daemon-reload command that informs the systemd daemon that a new service exists.
sudo systemctl daemon-reload
5. Finally, start and enable the Apache Tomcat service, as shown below. Enabling the
tomcat service allows the process to launch on startup, such as after a reboot.
sudo systemctl start tomcat # Start the tomcat service sudo systemctl enable tomcat # Enable the tomcat service
6. Verify that the Apache Tomcat service is running with the systemctl status command.
sudo systemctl status tomcat # Check the status of tomcat service
In below snapshot, service(running) confirms that tomcat is successfully started.
Verifying Apache Tomcat Web Content
How do you know that Apache Tomcat is actually running? With the service started, a default web page is available to verify that the server is correctly running.
To access the Apache Tomcat default web interface, open a web browser and navigate to 184.108.40.206:8080, and you will see a similar page to the one shown below.
Running Your First Application on Apache Tomcat
Apache Tomcat is installed and running, but a default web page is not very useful! Read on to learn how to create and run a basic Java web page!
1. First, create the file ata.jsp inside the /opt/tomcat/webapps/ROOT/ directory.By default, the /opt/tomcat/webapps/ROOT/ is the directory that Tomcat looks in this directory to serve files
cd /opt/tomcat/webapps/ROOT/ sudo touch ata.jsp
2. Paste the below content to the ata.jsp file created above and save it. This JSP file is an HTML file that contains embedded Java code that displays some sample text in the body of the HTML page.
<html> <head> <title>ATA post:TomcatServer</title> </head> <body> <Start of Java code> <% out.println("Hello World! I am running my first JSP Application"); out.println("ATA is an Awesome site."); %> <End of Java code> </body> </html>
3. Next, change the owner of the ata.jsp file to
tomcat user and restart the tomcat service. Setting
tomcat as owner with all the permissions allows the Tomcat service to start and access the files.
sudo chown tomcat: /opt/tomcat/webapps/ROOT/ata.jsp sudo systemctl restart tomcat
4. Now, open your favorite browser and navigate to the JSP page you just created. This tutorial’s web server is using the IP address 220.127.116.11, as you can see below.
In this tutorial, you have learned how to install Apache Tomcat on an Ubuntu server. Deploying Java applications on Apache Tomcat is a quick and easy process!
Apache Tomcat is the most widely used open-source tool for Java developers to run their web applications. Now, that you have installed Apache Tomcat which Java application are you going to deploy and manage next?
More from Adam The Automator & Friends
Find out how many of your Active Directory users are using leaked passwords by running a free read-only scan with Specops Password Auditor.
Do more with PowerShell and transform your Code to Self Service with au2mator Self Service Portal
Why not write on a platform with an existing audience and share your knowledge with the world?