The purpose of this document is to outline the issues involved when installing a web server such as Apache Tomcat. This paper is very Tomcat specific but some issues will be similar to setting up other server software. This document is a guide to installing, configuring and securing Apache Tomcat Server on a Linux system.
Why Tomcat?
Tomcat is written in Java so it can run on pretty much any platform. It is Open Source so is freely available and re-distributable, it implements Java Servlets and and JavaServer Pages (JSP) and provides a pure Java HTTP web server environment for Java code to run. [Wikipedia, 2010] As the Apache Software Foundation puts it “Apache Tomcat is intended to be a collaboration of the best-of-breed developers from around the world.” and it is also used in many mission critical web applications used by many large scale organisations and companies around the world. [Apache Software Foundation, 2010] .
Installation.
I have chosen to install Apache Tomcat server on Ubuntu 9.10 although the following instructions can be applied to most Linux Distributions. There is an RPM available for Red Hat based distributions but as I'll be installing it on a Debian based system I'll be using the multi-platform binary release which comes in the form of a gzipped tar archive. Unfortunately a deb file is not available due to the Apache Licence being incompatible with the GPL. By installing Tomcat using this method you have the choice of what directory you'd like it installed to, the downside to this though is that it is not tracked by any package manager and can be more difficult to upgrade later. But before you start with installing Tomcat you need to ensure you have the latest Java runtime (JRE) installed.
Installing Java.
At the time of writing you can get the latest JDK and JRE from Sun / Oracle at this address http://java.sun.com/javase/downloads/index.jsp . From this page click on download next to the newest JDK available (the JRE will be included with this). You don't need to get the JDK if you don't want to as all you really need is the JRE, but the JDK is good to have if you're going to create your own Java applications. At the download page there is the option of what platform you'd like to download for e.g. Windows, the current OS you are using is normally selected by default (in my case Linux) but there is also the option for Linux x64 platforms. I stick with the default Linux option and click download. After being presented with a pop up to log in or register (this step can be skipped which I did) you are given download options RPM or bin. I choose the bin file and the download starts.
Now the file can be found at your downloaded location such as your “Downloads” directory. Open up a terminal and cd to that directory, you'll need to make the file executable then run it. I used the following commands.
$ cd Downloads
$ sudo chmod +x jdk-6u18-linux-i586.bin
$ ./jdk-6u18-linux-i586.bin
You'll be presented with the installer, go through the licence agreement and type y and enter to continue. You will then find a folder named something like jdk1.6.0_17, the current directory isn't the ideal place to keep this so use the command $ sudo mv jdk1.6.0_17 /usr/ to move it to the usr directory. You can double check that it is in the correct place by typing $ ls /usr
You can choose to move the JDK folder to any location you deem appropriate but remember the location of it as you'll need it to finalise the installation in this next step. For Tomcat to use the JDK JAVA_HOME and PATH variables need to be set, this can be done with the following comands,
$ JAVA_HOME=/usr/jdk1.6.0_ 18 (the full path to the JDK directory)
$ export JAVA_HOME
$ PATH=$JAVA_HOME/bin:$PATH
$ export PATH
Now you should be all set to install and start running Tomcat.
Installing Tomcat
Before beginning with the installation it's a good idea as a security precaution to create a tomcat user with low privileges and a strong password that can't be guessed. This is so that
$ sudo useradd -g 46 -s /sbin/nologin -d /opt/tomcat/temp tomcat
Now to download the binary, this can be found at http://tomcat.apache.org/download-60.cgi . Download the tar.gz file, also grab the MD5 checksum and save it as a text file then check the download with the following command.
$ Md5sum -c apache-tomcat-6.0.24.tar.gz.md5
apache-tomcat-6.0.24.tar.gz: OK
As long as the second line comes up with OK then the downloaded file came down in tacked and hasn't been tampered with. Now move the file to the location you wish the files to be kept and uncompress it. I have chosen to create a new directory called WebServer and moved the file to there.
$ mkdir WebServer
$ mv ~/Downloads/apache-tomcat-6.0.24.tar.gz ~/WebServer
$ cd ~/WebServer
$ tar -xvf apache-tomcat-6.0.24.tar.gz
Now as we created a user called tomcat we have to set the file permissions so that the tomcat user has read/write permissions on it.
$ sudo chown -R tomcat\: apache-tomcat-6.0.24
Tomcat is ready to run. At this point Tomcat won't restart on reboots, but this will be covered later in the performance configuration under Timeouts and connections. To start Tomcat cd into the Tomcat directory and into the bin directory within there.
$ cd ~/apache-tomcat-6.0.20/bin
$ ./startup.sh
Using CATALINA_BASE: /home/stephen/apache-tomcat-6.0.20
Using CATALINA_HOME: /home/stephen/apache-tomcat-6.0.20
Using CATALINA_TMPDIR: /home/stephen/apache-tomcat-6.0.20/temp
Using JRE_HOME: /usr/jdk1.6.0_18/
You should see output similar to that above and you are now running Tomcat. To test that it's working correctly open up any web-browser and type in the URL http://lochalhost:8080 and you should see the following screen.