If you need to run Java-based web applications, it’s time you check out Apache Tomcat. Apache Tomcat is an open-source lightweight implementation of the Jakarta EE platform that allows you to serve up Java-based web services. Learning how to install Tomcat on Ubuntu is a great way to get started.
Apache Tomcat provides many ways to implement Java-based technologies from Java Servlets, JavaServer Pages, and Java Expression Language. In this tutorial, you will learn how to install Tomcat on Ubuntu, by installing Apache Tomcat 10.0 on an Ubuntu Linux machine in particular.
Prerequisites
This post will be a step-by-step tutorial. To follow along, be sure you have the following:
- An Ubuntu 14.04.4 LTS or greater Linux machine. This tutorial uses Ubuntu 18.04.5 LTS with a public IP address 52.15.72.168.
Apache Tomcat is supported on all Windows, Linux, and macOS operating systems.
Installing the Java Runtime (JRE)
The basis of all Java applications is the runtime environment. Apache Tomcat’s job is to serve up Java-based applications. Before it can do that, however, the host must be able to run Java applets. The JRE is the way to make that happen.
To install the JRE on your Ubuntu machine:
1. First, connect to your Ubuntu machine via SSH.
2. Run the sudo apt update
command to ensure Ubuntu has all of the latest packages available for installation.
# Updating Package Repositories for the Latest Version
# Sudo is used to elevate permissions for a non-privileged account
sudo apt update
Although this tutorial uses the root user, it is typically best practice to use a less-privileged account that is a member of the sudoers group.
3. Next, install the OpenJDK package via the apt utility. OpenJDK is the only free and open-source JRE that works well with Tomcat.
Apache Tomcat requires a Java Standard Edition Runtime Environment (JRE) version 8 or later.
# Installing the JRE
sudo apt install default-jdk
4. Now, run the java --version
to verify the JRE version installed. You will see openjdk 11.0.11
in the command output if the installation is successful.
checking the java version
java --version
At time of writing, the latest version available of OpenJDK is 11.0.11, but your version may be different.
Creating an Apache Tomcat User and Group
Like all other services in Linux, Tomcat must run under a specific user account to access various system resources. You could run Tomcat using the God-like root account, which has full privileges to the entire system, but that gives Tomcat way too many privileges and could pose a security risk.
To minimize Tomcat’s unnecessary rights, let’s create an Apache Tomcat user and group under which the server will run.
While still connected to your Ubuntu machine:
1. First, create a new group tomcat with the groupadd
command. You need this group to secure the configuration files of tomcat located at /opt/tomcat/conf by only reading and executing privileges.
sudo groupadd tomcat
2. Next, create the Apache Tomcat user with the ">useradd
command.
-s
– Don’t allow an interactive login for this user by setting the shell to/bin/false
as you don’t want anybody to use this as a login user.-g
– Assign the newtomcat
user to thetomcat
group that was previously created.sudo useradd -s /bin/false -g tomcat tomcat
sudo useradd -s /bin/false -g tomcat tomcat
3. Finally, verify that the tomcat
user and group exist with the id
command, as shown below. The id
command displays the user ID, group ID, and the groups that a user account is a member of.
id tomcat
The UID, GID, and group numbers may differ in your case, but all should have (tomcat) name as shown below.
Install Tomcat on Ubuntu
Now that you have installed the JRE and have created a user account and group for Tomcat to use, it’s time to install Apache Tomcat on Ubuntu!
1. First, create a directory for Apache Tomcat to be installed using the ">mkdir
command. Navigate into that directory with the cd
command, as shown below. Although you can install tomcat in any directory, it is recommended that the software is installed under opt directory.
# Creating the directory tomcat under opt and changing to this directory.
mkdir /opt/tomcat
cd /opt/tomcat
2. Now, download the latest version of Tomcat using the below wget
command. The below command is downloading Apache Tomcat version 10.0.6.
Check the latest version of Apache Tomcat on the official site.
wget https://mirrors.estointernet.in/apache/tomcat/tomcat-10/v10.0.6/bin/apache-tomcat-10.0.6.tar.gz
After a successful download, extract the Apache Tomcat archive to the previously created /opt/tomcat directory with the tar
command.
-x
– Extract the entire archive or one or more files from an archive.-z
– Decompress the archive using the GZip.-v
– Show all files as extracted by the tar command.-f
– Specifies the file to extract.--strip-components=number
– Remove the specified number of leading components from each extracted file (i.e. specifying a1
value fromdirectory/file
would result infile
only).-C
– Extract the files into a specified folder.
sudo tar xzvf apache-tomcat-10*tar.gz -C /opt/tomcat --strip-components=1
Updating Apache Tomcat User and Group Permissions
With Apache Tomcat installed, and as mentioned previously, it is important to run Apache Tomcat with a non-root user account. In the following steps, you will update Apache Tomcat to run as the previously created tomcat
user and group.
1. Change into the /opt/tomcat directory by running the cd
command.
cd /opt/tomcat
2. Now, change the group membership for the /opt/tomcat directory and all child directories with the chgrp command. You are changing the group here because the Tomcat configuration files will be managed by this group when Tomcat service starts.
# Change the /opt/tomcat directory group membership to tomcat recursively (-R)
sudo chgrp –R tomcat /opt/tomcat
# Verify that the group has been changed to tomcat
ls -lh
3. Next, grant the tomcat
group read and execute access to the /opt/tomcat/conf directory and all contained files with the chmod command. Tomcat uses the /opt/tomcat/conf directory to perform various functions such as specify Java Servlet to use, information about the user, etc.
To secure the configuration files, it is important to have the group as tomcat with only read and execute permissions because if an attacker compromises the Tomcat process, they can’t change the Tomcat configuration, deploy new web applications or modify existing web applications.
sudo chmod -R g+r conf # Assign Read permission to the tomcat group on conf
sudo chmod -R g+x conf # Assign Execute permission to the tomcat group on conf
4. Finally, Set the tomcat
user as the owner of the webapps, work, temp, and logs folders inside the /opt/tomcat directory using the chown command. Setting the tomcat
as the owner of these directories allows the Tomcat service to read, write and execute all files in these directories.
# Assign tomcat as an owner to the entire directory
# The. signifies that you are operating on the current directory
sudo chown -R webapps/ work/ temp/ logs/
Create a Tomcat Systemd Service File
Although you can start Apache Tomcat, it would not stay running once you leave the current command-line session or restart the server. This is where the systemd comes in! For Apache Tomcat to run in the background, and launch on startup, you must configure Apache Tomcat as a systemd service.
1. Run the update-java-alternatives
command which provides the installation path of java, also know as the JAVA_HOME environmental variable. It is important to locate the installation directory of the JRE before you create a systemd service.
sudo update-java-alternatives -l
In the following screenshot, you can see that the tutorial’s Ubuntu machine has the OpenJDK JRE installing in the /usr/lib/jvm/* folder.
2. Next, create the file tomcat.service under the /etc/systemd/system directory with your favorite editor. Creating the service within /etc/systemd/system runs the service in the background after each reboot.
sudo touch /etc/systemd/system/tomcat.service
3. Paste the below content into the tomcat.service file. Before saving the file, update the JAVA_HOME
variable to use the path /usr/lib/jvm/java-1.11.0-openjdk-amd64.
A typical service file contains three sections Unit
that contains a description of the service and the target type, such as a network. Target, which means running Services after the Network is up. Next, the Service
section contains various environment variables that need to be set as the path of the installation directory or child directories. Finally, Install is set as a multi-user. Target means multiuser mode without networking.
[Unit]
Description=Apache Tomcat
After=network.target
[Service]
# Type=forking tells systemd that the process is still running even though the parent exited.
Type=forking
Environment=JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64 # Update the JAVA_HOME
Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid
Environment=CATALINA_HOME=/opt/tomcat
Environment=CATALINA_BASE=/opt/tomcat
ExecStart=/opt/tomcat/bin/startup.sh
ExecStop=/opt/tomcat/bin/shutdown.sh
User=tomcat
Group=tomcat
Restart=always
[Install]
WantedBy=multi-user.target
4. Next, run the daemon-reload
command that informs the systemd daemon that a new service exists.
sudo systemctl daemon-reload
5. Finally, start and enable the Apache Tomcat service, as shown below. Enabling the tomcat
service allows the process to launch on startup, such as after a reboot.
sudo systemctl start tomcat # Start the tomcat service
sudo systemctl enable tomcat # Enable the tomcat service
6. Verify that the Apache Tomcat service is running with the systemctl status command.
sudo systemctl status tomcat # Check the status of tomcat service
In below snapshot, service(running) confirms that tomcat is successfully started.
Verifying Apache Tomcat Web Content
How do you know that Apache Tomcat is actually running? With the service started, a default web page is available to verify that the server is correctly running.
To access the Apache Tomcat default web interface, open a web browser and navigate to 52.15.72.168:8080, and you will see a similar page to the one shown below.
Running Your First Application on Apache Tomcat
Apache Tomcat is installed and running, but a default web page is not very useful! Read on to learn how to create and run a basic Java web page!
1. First, create the file ata.jsp inside the /opt/tomcat/webapps/ROOT/ directory.By default, the /opt/tomcat/webapps/ROOT/ is the directory that Tomcat looks in this directory to serve files
cd /opt/tomcat/webapps/ROOT/
sudo touch ata.jsp
2. Paste the below content to the ata.jsp file created above and save it. This JSP file is an HTML file that contains embedded Java code that displays some sample text in the body of the HTML page.
<html>
<head>
<title>ATA post:TomcatServer</title>
</head>
<body>
<Start of Java code>
<% out.println("Hello World! I am running my first JSP Application");
out.println("ATA is an Awesome site.");
%>
<End of Java code>
</body>
</html>
3. Next, change the owner of the ata.jsp file to tomcat
user and restart the tomcat service. Setting tomcat
as owner with all the permissions allows the Tomcat service to start and access the files.
sudo chown tomcat: /opt/tomcat/webapps/ROOT/ata.jsp
sudo systemctl restart tomcat
4. Now, open your favorite browser and navigate to the JSP page you just created. This tutorial’s web server is using the IP address 52.15.72.168, as you can see below.
Conclusion
In this tutorial, you have learned how to install Apache Tomcat on Ubuntu server. Deploying Java applications on Apache Tomcat is a quick and easy process!
Apache Tomcat is the most widely used open-source tool for Java developers to run their web applications. Now, that you have installed Apache Tomcat which Java application are you going to deploy and manage next?