Tomcat or Apache Tomcat is built to run applications created with Java. It’s free and open-source, developed by the Apache Software Foundations. Tomcat translates JSP files (like PHP and ASP) into Java code. It is then compiled and executed. Tomcat is popular among web developers for deploying Java-based web applications.

This brief article discusses Tomcat installation on Ubuntu 24.04.

Table of Contents:

• How to Install Tomcat on Ubuntu 24.04
• Installing Prerequisite (Java)
• Creating a Tomcat User
• Installing Tomcat on Ubuntu 24.04
• Updating and Configuring Admin Users
• Creating a systemd User File
• Configuring the System Firewall for Tomcat
• Creating Tomcat User Applications Accounts
• Accessing the Web Management Interface
• How to Uninstall Tomcat on Ubuntu 24.04
• Conclusion

1. How to Install Tomcat on Ubuntu 24.04

To install Tomcat on Ubuntu 24.04 you can use the Tomcat tar file for its installation. To get the Tomcat package, you can use the wget command. But before you proceed with the Tomcat installation, first you have to make sure Java is installed on your system.

2. Installing Prerequisite (Java)

Java is needed to run the Tomcat. So before installing Tomcat, make sure the Java is available on your Ubuntu 24.04 system. We’ll be using OpenJDK, which is the basic and default kit for Java development.

First, update the software package lists using the apt command. This will make sure that you have access to the latest release of the Java version:

sudo apt update

Now install the Java default JDK by running:

sudo apt install openjdk-11-jdk

Once the Java (JDK) is installed, you can confirm it by running this command:

java -version

With Java (JDK) installed, let’s create a dedicated user for Tomcat in the next step.

3. Creating a Tomcat User

For security reasons, running Tomcat under the root account is not recommended. To address this, we’ll create a separate user specifically for running Tomcat on your system.

The first step is to start creating a group for running Tomcat services:

sudo groupadd tomcat

After creating a new Tomcat group, the next step is to add a new user to that group. We’ll create a Tomcat user with a home directory of /opt/tomcat. This user will also be added to a group called Tomcat for managing Tomcat service permissions.

sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat

4. Installing Tomcat Server on Ubuntu 24.04

After adding a new user for Tomcat, we have to download the latest stable binary version of Tomcat. Here I am going to download the Tomcat 10 version, but you can confirm the latest release and download it using the curl command.

First, change your current directory to a temporary directory. This will help you to automatically remove the unused item once the Tomcat installation is done.

cd /tmp

Navigate to the download page of the Tomcat version which you need to download. Copy its binary and replace it with the below command:

curl -O https://downloads.apache.org/tomcat/tomcat-10/v10.1.19/bin/apache-tomcat-10.1.19.tar.gz

The curl command will download the binary files of Tomcat and save them locally on your system.

5. Updating and Configuring Admin Users

Although Tomcat is installed, we still need to configure permissions. The user tomcat we created earlier needs full access to the Tomcat directory (/opt/tomcat) to run the server effectively:

First, create a tomcat directory:

sudo mkdir /opt/tomcat

Now navigate inside that directory:

cd /opt/tomcat

Next, unzip the Tomcat binary file using the tar command:

sudo tar xzvf /tmp/apache-tomcat-*tar.gz -C /opt/tomcat --strip-components=1

This will unzip the Tomcat binary to the /opt/tomcat directory.

sudo tar xzf apache-tomcat-*.tar.gz -C /opt/tomcat

Now give the Tomcat user that we created earlier complete permission of the /opt/tomcat directory, using the chgrp command:

sudo chgrp -R tomcat /opt/tomcat

The tomcat user also needs access to read the files inside the conf directory. For this, you have to run the below chmod command:

sudo chmod -R g+r conf

Additionally, the Tomcat user needs to be able to navigate to the directory itself. We’ll again use the chmod command to grant execute permission for the Tomcat group on the conf directory:

sudo chmod g+x conf

Similarly, give Tomcat user permission for work, temporary, and logs directories:

sudo chown -R tomcat webapps/ work/ temp/ logs/

6. Creating a systemd User File

After installation of Tomcat, you need to configure it and run it as a service. It allows Tomcat to autostart at boot. We’ll create a systemd unit file named tomcat.service to achieve this.

To create this file, you can use any text editor like this:

sudo nano /etc/systemd/system/tomcat.service

After creating a new file, paste the below content into it. One thing to ensure is that if your system Java location is different from the one mentioned in front of the JAVA_HOME variable, then you have to edit it accordingly:

[Unit]

Description=Apache Tomcat Web Application Container

After=network.target

[Service]

Type=forking

Environment=JAVA_HOME=/usr/lib/jvm/java-1.8.0-openjdk-amd64/jre

Environment=CATALINA_PID=/opt/tomcat/temp/tomcat.pid

Environment=CATALINA_Home=/opt/tomcat

Environment=CATALINA_BASE=/opt/tomcat

Environment=’CATALINA_OPTS=-Xms512M -Xmx1024M -server -XX:+UseParallelGC’

Environment=’JAVA_OPTS.awt.headless=true -Djava.security.egd=file:/dev/v/urandom’

ExecStart=/opt/tomcat/bin/startup.sh

ExecStop=/opt/tomcat/bin/shutdown.sh

User=tomcat

Group=tomcat

UMask=0007

RestartSec=10

Restart=always

[Install]

WantedBy=multi-user.target

To save the file, exit the editor window.

Once you have created the service file, reload the system daemon so it gets recognized in the system configuration:

sudo systemctl daemon-reload

To run the Tomcat service first, navigate to the Tomcat bin directory:

cd /opt/tomcat/bin

Finally, run this command to start the Tomcat service:

sudo ./startup.sh run

You can also use this command directly to start the Tomcat service:

sudo systemctl start tomcat

To check the status of the Tomcat service, run this command:

sudo systemctl status tomcat

If the Tomcat service is not active and running, enable it by running this command:

sudo systemctl enable tomcat

7. Configuring the System Firewall for Tomcat

Now, after running the Tomcat service, the next step is to allow it through the UFW firewall 8080 port. This will help it to communicate with outside or local networks:

sudo ufw allow 8080

You can verify if UFW is already enabled by running:

sudo ufw status

If UFW is disabled, enable it by running:

sudo ufw enable

By default, UFW blocks all incoming traffic. To allow SSH access (usually on port 22), run:

sudo ufw allow 22

Now allow remote access to port 9200:

sudo ufw allow from external_IP to any port 9200

Note: Replace your local remote machine IP in the above command. To check IP, use the ip addr command.

Finally, check if the UFW rule is added or not:

sudo ufw status

8. Creating Tomcat User Applications Accounts

Now we will create a user account for the Tomcat application to make it more secure. For this, you have to edit the tomcat-users.xml file.

Open this file with any preferred text editor:

sudo nano /opt/tomcat/conf/tomcat-users.xml

Copy the given code and enter it in the above file. Make sure to edit the name and passwords accordingly:

<!-- user manager can access only the manager section -->

<role rolename="manager-gui" />

<user username="manager" password="_SECRET_PASSWORD_" roles="manager-gui" />

<!-- user admin can access manager and admin section both -->

<role rolename="admin-gui" />

<user username="admin" password="_SECRET_PASSWORD_" roles="manager-gui,admin-gui" />

Exit the editor after saving to apply changes.

tomcat-users.xml — Admin User

<tomcat-users . . .>

<tomcat-users . . .>

<user username="admin" password="password" roles="manager-gui,admin-gui"/>

</tomcat-users>

To allow the remote host Access to the Tomcat server, you have to edit the context.xml file. You can configure this file to allow it either for any specific remote host or allow it for all.

For manager type, you have to edit this file:

sudo nano /opt/tomcat/webapps/manager/META-INF/context.xml

Locate the following part in the file that restricts connections based on IP address. To allow connections from any machine, you can uncomment this section:

<Context antiResourceLocking="false" privileged="true" >

 <CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor"

 sameSiteCookies="strict" />

 <!-- <Valve className="org.apache.catalina.valves.RemoteAddrValve"

 allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> -->

 ...

</Context>

Similarly, for host type, edit this file:

sudo nano /opt/tomcat/webapps/host-manager/META-INF/context.xml

Comment out the below section to allow the connection from anywhere.

<Context antiResourceLocking="false" privileged="true" >

 <CookieProcessor className="org.apache.tomcat.util.http.Rfc6265CookieProcessor"

 sameSiteCookies="strict" />

 <!--<Valve className="org.apache.catalina.valves.RemoteAddrValve"

 allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1" /> -->

 ...

</Context>

After saving both these files, you can exit the editor.

9. Accessing the Web Management Interface

Once the Tomcat server is configured, you can access the Tomcat Web interface from your Web browser. By default, Tomcat runs on port 8080.

To access the Tomcat server, you will type this command in your web browser:

http://server_domain_or_IP:8080/

Here in the above command replace the server_domain_or_IP with your server IP address or the domain name which points to that server.

For example, if you want to access the Tomcat server on a local host, then run this command:

http://localhost:8080

After entering this address, you will see the following Tomcat web interface:

Now, to access the Manager App, click the Manager App option on the top right. An alternate way to access it is by adding the /manager tag at the end of the server URL.

Similarly, for accessing the Host Manager, you can click the Host Manager button. You can also add the /host-manager tag at the end of the Tomcat server URL.

10. How to Uninstall Tomcat on Ubuntu 24.04

Before uninstalling the Tomcat server, make sure to stop its services. Use this command to stop Tomcat service:

sudo systemctl stop tomcat

If you have downloaded the Tomcat file manually, use the below command to remove the Tomcat directory:

sudo rm -rf /opt/tomcat

Similarly, if you have used the apt package manager for installing Tomcat, then use this command to remove the Tomcat server from your system:

sudo apt remove tomcat

To remove the dedicated user that you have created for the Tomcat server, run this command:

sudo userdel tomcat

By default, systemd unit files for services are stored in /etc/systemd/system. If you created a unit file for Tomcat (tomcat.service), you can remove it with:

sudo rm /etc/systemd/system/tomcat.service

Conclusion

Tomcat or Apache Tomcat is an open-source Java-based web server application. It is specifically designed to provide the environment needed for Java code to run and respond to web requests. To install Tomcat on Ubuntu t24.04 use the apt install command. But before that, you have to download its binary package file using the curl or wget command. Once that’s done, you can continue with its installation. After installation, you have to create a systemd user file and define Tomcat users for accessing the Tomcat web server. Read more on Tomcat server setup in Ubuntu 24.04 in this guide.