Menu

How to Install Tomcat 9 on Debian 9

Written by , Updated On June 6, 2019
, ,
How to Install Tomcat 9 on Debian 9

Apache Tomcat is an open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language and Java WebSocket technologies. It provides a “pure Java” HTTP web server environment in which Java code can run. In this tutorial, you will learn how to Install Apache Tomcat 9 on Debian 9.

Prerequisites

Before you start to install Apache Tomcat, you should have logged in non-root user account with sudo privileges.

Install Apache Tomcat 9 on Debian 9

Follow the steps to install Tomcat 9 on your Debian server.

Install OpenJDK

Tomcat need Java to be installed on your system before start installation. So we will install OpenJDK which is the default Java development and runtime in Debian 9.

Update the package manager index list by typing:

sudo apt update

Issue below command to install the OpenJDK package:

sudo apt install default-jdk

That’s it! Java is installed on your system.

Create Tomcat User

Due to security reason, Tomcat should not be run as root user. So you should create a new system user for tomcat by issuing below command:

sudo useradd -r -m -U -d /opt/tomcat -s /bin/false tomcat

Install Tomcat

You should download the latest binary release of Tomcat 9 from Tomcat 9 downloads page to install Tomcat. At the time of writing, the latest version is 9.0.20.

We will download Tomcat archive in the /tmp directory using the following wget command:

cd /tmp
wget https://www-eu.apache.org/dist/tomcat/tomcat-9/v9.0.20/bin/apache-tomcat-9.0.20.tar.gz

Once the download completed then extract the archive and move to /opt/tomcat directory.

sudo tar xf /tmp/apache-tomcat-9*.tar.gz -C /opt/tomcat

To easily manage Tomcat versions and updates create a symbolic link for installation directory. So if you want to migrate to next Tomcat version you need to only change this symbolic link.

sudo ln -s /opt/tomcat/apache-tomcat-9.0.20 /opt/tomcat/latest

Set Permissions

As we mention previously Tomcat should run under tomcat user. So this user should have installation access to the tomcat installation directory.

Run the below chown command to give ownership to tomcat user and tomcat group:

sudo chown -RH tomcat: /opt/tomcat/latest

The scripts inside bin directory must have executable flag:

sudo sh -c 'chmod +x /opt/tomcat/latest/bin/*.sh'

Create a systemd unit file

You should create tomcat.service unit file under /etc/systemd/system/ directory to run Tomcat. Run the below command to create it:

sudo nano /etc/systemd/system/tomcat.service

Add the following content to file:

[Unit]
Description=Tomcat 9.0 servlet container
After=network.target
[Service]
Type=forking
User=tomcat
Group=tomcat
Environment="JAVA_HOME=/usr/lib/jvm/default-java"
Environment="JAVA_OPTS=-Djava.security.egd=file:///dev/urandom"
Environment="CATALINA_BASE=/opt/tomcat/latest"
Environment="CATALINA_HOME=/opt/tomcat/latest"
Environment="CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid"
Environment="CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC"
ExecStart=/opt/tomcat/latest/bin/startup.sh
ExecStop=/opt/tomcat/latest/bin/shutdown.sh
[Install]
WantedBy=multi-user.target

Now you have to reload systemd daemon to notify that new unit file created and start the Tomcat service by executing:

sudo systemctl daemon-reload
sudo systemctl start tomcat

You can check the tomcat service status by typing:

sudo systemctl status tomcat

It should show output as below:

● tomcat.service - Tomcat 9.0 servlet container
    Loaded: loaded (/etc/systemd/system/tomcat.service; disabled; vendor preset: enabled)
    Active: active (running) since Wed 2019-06-05 18:31:17 IST; 22s ago
   Process: 19408 ExecStart=/opt/tomcat/latest/bin/startup.sh (code=exited, status=0/SUCCESS)
  Main PID: 19416 (java)
     Tasks: 42 (limit: 4915)
    CGroup: /system.slice/tomcat.service

If everything gone without error then you can enable autostart Tomcat after boot using below command:

sudo systemctl enable tomcat

Adjust the Firewall

If your Debian server protected using Firewall then you need to open port 8080 to access tomcat interface from outside network.

sudo ufw allow 8080/tcp

Configure Tomcat Web Management Interface

Now to access web management interface you should create a user. In tomcat-users.xml file defined users and roles. Edit tomcat-users.xml file by running following command:

sudo nano /opt/tomcat/latest/conf/tomcat-users.xml

Once file is opened you notice that there are comments given for how to add users and roles. You can use this instructions to create user.

Next we will add new username and password for admin-gui and manager-gui. File will shown as below:

<tomcat-users>
<!--
    Comments
-->
   <role rolename="admin-gui"/>
   <role rolename="manager-gui"/>
   <user username="admin" password="admin_password" roles="admin-gui,manager-gui"/>
</tomcat-users>

Make sure that password should stronger.

Save and close the file.

By default the Tomcat web management interface allows access and connections only from the localhost. If you need to access the web interface from anywhere you should remove this restriction. To change IP address restriction open following files.

Open Manager app context and Host Manager file using below command:

sudo nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml
sudo nano /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml

Now remove Valve tag line or add comments as given in following file:

<Context antiResourceLocking="false" privileged="true" >

<!--
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" />
-->

</Context>

If you want to set IP restriction to allow web interface then you can add your public IP address to the list instead of commenting the block. For example your IP address is 42.106.43.8 and you want to access only from that IP then you should make change in file as below:

<Context antiResourceLocking="false" privileged="true" >
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         allow="127\.\d+\.\d+\.\d+|::1|0000:1|42.106.43.8" />
</Context>

At last save and close the file and restart the Tomcat server to get effect.

sudo systemctl restart tomcat

Test Tomcat

Open your browser and type below address:

http://<YOUR_DOMAIN_OR_IP_ADDRESS>:8080
how to install tomcat 9 homepage

If your installation is successful then you should get the following output:

You can visit Tomcat web application manager dashboard at following address:

http://<YOUR_DOMAIN_OR_IP_ADDRESS>:8080/manager/html
how to install tomcat 9 application manager

Now to login enter username and password you have created in tomcat-users.xml file.

From here you can deploy, undeploy, start, stop and reload your applications.

Tomcat virtual host manager dashboard is available at below address:

http://<YOUR_DOMAIN_OR_IP_ADDRESS>:8080/host-manager/html
how to install tomcat 9 virtual host manager

From here you can create, delete and manage Tomcat virtual hosts.

Conclusion

You have installed Tomcat 9.0 on your Debian 9 machine. You can visit the official Apache Tomcat 9.0 Documentation and learn more about the Apache Tomcat features.

If you are facing any issue to install tomcat then leave a comment below.

If our content helps you, please consider buying us a coffee

Thank you for your support.

Related Posts

Leave a Reply

© 2020 TecNStuff All rights reserved. This website is using and storing cookies on your browser. By using this website you agree our Privacy Policy.  Follow us -  Twitter | Facebook