Tuesday, January 7, 2025
Google search engine
HomeGuest BlogsInstall Apache Tomcat 9 on CentOS 7 / Fedora 38/37/36/35/34

Install Apache Tomcat 9 on CentOS 7 / Fedora 38/37/36/35/34

Today we’ll look at how you can install Apache Tomcat 9 on CentOS 7 / Fedora 38/37/36/35/34/33. Tomcat Server is an open-source Java Servlet Container developed by the Apache Software Foundation (ASF) and released under the Apache License version 2. This tool enables you to host web applications written in Java. Tomcat executes Java servlets and renders Web pages that include Java Server Page coding.

Tomcat 9 is built on top of the latest Java EE 8 specifications such as Servlet 4.0, EL 3.1, JSP 2.4 and WebSocket 1.2. Below are the steps to install Apache Tomcat 9 on CentOS 7 / Fedora.

Step 1: Disable SELinux and Install curl

Since we will be running tomcat service as tomcat user, disable or set SELinux in permissive mode:

sudo yum -y install curl vim wget
sudo setenforce 0
sudo sed -i 's/^SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config

To completely disable it, run:

sudo sed -i 's/^SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config
sudo reboot

Step 2: Install OpenJDK 11

The first step is to install OpenJDK 11 on CentOS 7 / Fedora as it is a Tomcat dependency. I had earlier written an article on how to install JDK on  CentOS 7 / Fedora. The link to the article is:

Step 3: Install Apache Tomcat 9

After installing OpenJDK 11, proceed to download and install Tomcat 9 on CentOS 7 / Fedora. Check for the latest release of Tomcat 9 from Apache website before downloading.

export VER="9.0.74"
wget https://archive.apache.org/dist/tomcat/tomcat-9/v${VER}/bin/apache-tomcat-${VER}.tar.gz

Extract downloaded file:

tar xvf apache-tomcat-$VER.tar.gz

Move the resulting folder to /usr/libexec/tomcat9

sudo mv apache-tomcat-${VER} /usr/libexec/tomcat9

Step 4: Add Tomcat user and group

We need to add a user to manage Tomcat. This user will be named tomcat

sudo groupadd --system tomcat
sudo useradd -M -d /usr/libexec/tomcat9 -g tomcat tomcat

Change the ownership of the /usr/libexec/tomcat9directory to the tomcat user and group.

sudo chown -R tomcat:tomcat /usr/libexec/tomcat9

Step 5: Create Tomcat Systemd service

The last step is to create a service unit file for tomcat. Create a new file under:

sudo tee /etc/systemd/system/tomcat9.service<<EOF
[Unit]
Description=Apache Tomcat 9
Documentation=http://tomcat.apache.org/tomcat-9.0-doc/
After=network.target syslog.target

[Service]
User=tomcat
Group=tomcat
Type=oneshot
ExecStart=/usr/libexec/tomcat9/bin/startup.sh
ExecStop=/usr/libexec/tomcat9/bin/shutdown.sh
RemainAfterExit=yes
[Install]
WantedBy=multi-user.target
EOF

Reload systemd and start tomcat9 service:

sudo systemctl daemon-reload
sudo systemctl restart tomcat9.service

You can check service status using:

$ sudo systemctl status tomcat9.service
● tomcat9.service - Apache Tomcat 9
   Loaded: loaded (/etc/systemd/system/tomcat9.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2018-11-10 06:34:50 UTC; 4min 15s ago
     Docs: http://tomcat.apache.org/tomcat-9.0-doc/
  Process: 3226 ExecStart=/usr/libexec/tomcat9/bin/startup.sh (code=exited, status=0/SUCCESS)
 Main PID: 3226 (code=exited, status=0/SUCCESS)
    Tasks: 43 (limit: 1149)
   Memory: 81.5M
   CGroup: /system.slice/tomcat9.service
           └─3241 /usr/bin/java -Djava.util.logging.config.file=/usr/libexec/tomcat9/conf/logging.properties -Djava.util.logging.manager=org.apache.j>

Nov 10 06:34:50 fed29 systemd[1]: Starting Apache Tomcat 9...
Nov 10 06:34:50 fed29 startup.sh[3226]: Tomcat started.
Nov 10 06:34:50 fed29 systemd[1]: Started Apache Tomcat 9.

The service should be listening on port 8080

$ sudo ss -tunelp | grep 8080
tcp   LISTEN  0       100                         *:8080                *:*      users:(("java",pid=3241,fd=37)) uid:1001 ino:29845 sk:a v6only:0 <->

If you have an active firewall service, allow port 8080

sudo firewall-cmd --add-port=8080/tcp
sudo firewall-cmd --reload

Tomcat default website is available on [http://(server's hostname or IP address):8080/]

install tomcat on centos fedora

Administration guide is available on http://<IP>:8080/docs/index.html.

Step 6: Proxy Pass Access to Tomcat with Apache HTTP server ( Optional)

You can configure Apache http server to access Tomcat interface without specifying port 8080

Install and start Apache web server.

sudo yum -y install httpd
sudo systemctl start httpd && sudo systemctl enable httpd
sudo firewall-cmd --add-service=http --permanent
sudo firewall-cmd --reload

Create tomcat configuration file

sudo vim /etc/httpd/conf.d/proxy_tomcat.conf

Add:

ProxyPass /tomcat9/ ajp://localhost:8009/

Access to [http://(server's hostname or IP address)/tomcat9/] and confirm that the change is working as expected.

Step 7: Configure Authentication

Create a Tomcat user to access Tomcat manager

sudo vim /usr/libexec/tomcat9/conf/tomcat-users.xml

Add the following lines to the file:

<role rolename="admin-gui" />
<user username="admin" password="StrongPassword" roles="manager-gui,admin-gui"
</tomcat-users>

Replace StrongPassword with your strong actual admin password.

Other Articles:

Dominic Rubhabha-Wardslaus
Dominic Rubhabha-Wardslaushttp://wardslaus.com
infosec,malicious & dos attacks generator, boot rom exploit philanthropist , wild hacker , game developer,
RELATED ARTICLES

Most Popular

Recent Comments