Apache Tomcat is a free, open-source, lightweight application server used for Java-based web applications. Developers use it to implement Java Servlet and JavaServer Pages technologies (including Java Expression Language and Java WebSocket).
Read this guide to learn how to install and configure Apache Tomcat on Ubuntu 18.04.
Note: These steps apply to other Ubuntu-based distributions, including Ubuntu 16.04, Linux Mint, and Elementary OS.
- An Ubuntu-based distribution (such as Ubuntu 18.04)
- A user account with sudo privileges
- A terminal window (Ctrl–Alt–T)
- The apt package manager, included by default
Steps for Installing Tomcat 9 on Ubuntu
Check if Java is Installed
Before you can download and install Tomcat, make sure you have the required Java installation for Ubuntu (OpenJDK).
Open the terminal (Ctrl+Alt+T) and use the following command check the Java version:
The output will show the Java version running on your system. Currently, the latest release is OpenJDK 11.0.3:
If you do not have OpenJDK or have a version older than Java 8, install the newest release by typing the following:
sudo apt install default-jdk
Create Tomcat User and Group
For security reasons, do not run Tomcat under the root user. Create a new group and system user to run the Apache Tomcat service from the
sudo groupadd tomcat
sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat
Download Tomcat 9
1. Download the latest binary Tomcat release navigate to the official Apache Tomcat Download page.
2. On it, find the Binary Distributions > Core list and the tar.gz link in it. Copy the link of the file.
3. Go back to the terminal and change to the
/tmp directory with the command:
4. Now, use the curl command with the tar.gz link you copied in step 2 to download the package:
curl -O https://downloads.apache.org/tomcat/tomcat-9/v9.0.37/bin/apache-tomcat-9.0.37.tar.gz
Extract tar.gz File
1. To extract the tar.gz Tomcat file, create a new
/opt/tomcat/ directory with the command:
sudo mkdir /opt/tomcat
2. Then, extract the file in the new directory with the following command:
sudo tar xzvf apache-tomcat-9*tar.gz -C /opt/tomcat -strip-components=1
Modify Tomcat User Permission
The new Tomcat user you created does not have executable privileges, but it needs to access the installation directory. You need to setup execute privileges over the directory.
1. Move to the directory where the Tomcat installation is located:
2. Grant group ownership over the installation directory to the
tomcat group with the command:
sudo chgrp -R tomcat /opt/tomcat
3. Also, give it read access to the
conf directory and its contents by typing:
sudo chmod -R g+r conf
4. Followed by changing directory permissions to grant execute access with:
sudo chmod g+x conf
5. Finally, give the tomcat user ownership of the
logs directories using the command:
sudo chown -R tomcat webapps/ work temp/ logs
Create System Unit File
Since you are going to to use Tomcat as a service, you need to create a systemd service file.
1. To configure the file, you first need to find the
JAVA_HOME path. This is the exact location of the Java installation package.
To do so, prompt the system to give you information about the Java packages installed on the system. In the terminal, type:
sudo update-java-alternatives -1
As the output shows, there are two available versions of Java. Accordingly, it also shows two paths displaying their location.
Choose the version you want to use and copy its location. With that, you can move on to create the service file.
2. Create and open a new file in the /etc/system/system under the name tomcat.service:
sudo nano /etc/systemd/system/tomcat.service
3. Once the file opens, copy and paste the content below, changing the
JAVA_HOME value to the information you found in the previous step.
[Unit] Description=Apache Tomcat Web Application Container After=network.target [Service] Type=forking Environment=JAVA_HOME=/usr/lib/jvm/java-1.11.0-openjdk-amd64 Environment=CATALINA_PID=/opt/tomcat/latest/temp/tomcat.pid Environment=CATALINA_HOME=/opt/tomcat Environment=CATALINA_BASE=/opt/tomcat Environment='CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UserParallelGC' Environment='JAVA_OPTS=-Djava.awt.headless=true Djava.security.egd=file:/dev/./urandom' ExecStart=/opt/tomcat/bin/startup.sh ExecStop=/opt/tomcat/bin/shutdown.sh User=tomcat Group=tomcat UMast=0007 RestartSec=10 Restart=always [Install] WantedBy=multi-user.target
4. Save and Exit the file (Ctrl+X, followed by y[es] and Enter).
5. For the changes to take place, reload the system daemon with the command:
sudo systemctl daemon-reload
6. Now, you can finally start the Tomcat service:
sudo systemctl start tomcat
7. Verify the Apache Tomcat service is running with the command:
sudo systemctl status tomcat
The message you want to receive is that the service is active (running).
If you are using a firewall to protect your server (as you should), you will not be able to access the Tomcat interface. Tomcat uses Port 8080, which is outside your local network.
1. Open Port 8080 to allow traffic through it with the command:
sudo ufw allow 8080/tcp
2. If the port is open, you should be able to see the Apache Tomcat splash page. Type the following in the browser window:
Your web browser should open the web page as in the image below:
Configure Web Management Interface
Once you verified the service is running properly, you need to create a user who can use the web management interface.
To do this, open and edit the users file.
1. Open the users file with the command:
sudo nano /opt/tomcat/latest/conf/tomcat=users.xml
The file should appear like the one in the image below:
2. Scroll down and find the section specifying Tomcat users. Modify it by adding the following:
<tomcat-users> <! -- Comments -- > <role rolename="admin-gui"/> <role rolename="manager-gui"/> <user username="admin" password="Your_Password" roles="admin-gui, manager-gui"/> </tomcat-users>
Make sure to replace the
Your_Password value with a strong password of your preference.
3. Save and Exit the file.
Configure Remote Access
Finally, you need to configure remote access. This is required. By default, Tomcat is only accessible from the local machine.
1. First, open the manager file:
sudo nano /opt/tomcat/latest/webapps/manager/META-INF/context.xml
2. Next, decide whether to grant access from a) anywhere or b) from a specific IP address.
1) To make it publicly accessible, add the following lines to the file:
<Context antiResourceLocking="false" privileged="true"> <! -- <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+.d+|::1|0000:1" /> -- > </Context>
2) To allow access from a specific IP address, add the IP to the previous command, as follows:
<Context antiResourceLocking="false" privileged="true"> <! -- <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127\.\d+\.\d+\.\d+|::1|0000:1|THE.IP.ADDRESS." /> -- > </Context>
3. Repeat the same process for the host-manager file.
Start by opening the file with the command:
sudo nano /opt/tomcat/latest/webapps/host-manager/META-INF/context.xml
4. Followed by granting access from a) anywhere or b) from a specific IP address (as in the previous step).
With the help of this guide, you have installed and setup Tomcat on Ubuntu 18.04! You now have a working Tomcat installation on your Apache server and can start deploying your Java web applications.