Author:
mkyong
Aug
1
Loading ...
Install Tomcat in Ubuntu is very easy. We can either install manually or with help of apt-get install.
Apt-get Install
1) Find a correct tomcat package to install
sudo apt-cache search tomcat
2) Install all Tomcat package with following command
sudo apt-get install tomcat5.5-webapps
sudo apt-get install tomcat5.5-admin
sudo apt-get install tomcat5.5
3) Done
apt-get help Ubuntu to configure almost everything and create a script put inside init.d folder for Tomcat auto startup script. we can start/stop/restart Tomcat with following command
/etc/init.d/tomcat5.5 start
/etc/init.d/tomcat5.5 stop
/etc/init.d/tomcat5.5 restart
apt-get help to create a share folder in /usr/share also, please access
and issue a ls -lh in /usr/share/tomcat5.5 to find out the rest of the Tomcat location.
drwxr-xr-x bin
drwxr-xr-x common
lrwxrwxrwx conf -> /etc/tomcat5.5
lrwxrwxrwx doc -> ../doc/tomcat5.5
lrwxrwxrwx logs -> /var/lib/tomcat5.5/logs
drwxr-xr-x server
lrwxrwxrwx shared -> /var/lib/tomcat5.5/shared
lrwxrwxrwx temp -> /var/lib/tomcat5.5/temp
lrwxrwxrwx webapps -> /var/lib/tomcat5.5/webapps
lrwxrwxrwx work -> /var/lib/tomcat5.5/work
Manually Install
This is even more easy that apt-get
1) Visit http://tomcat.apache.org/ to download Tomcat
2) Unzip it with tar -zxvf Tomcatxxx.tar
tar -zxvf apache-tomcat-6.0.16.tar.gz
3) No make or configuration required, just change to tomcat bin folder to start or stop Tomcat
:~/Desktop/apache-tomcat-6.0.16/bin$ sh startup.sh
:~/Desktop/apache-tomcat-6.0.16/bin$ sh shutdown.sh
4) Done
Personally i more prefer to install application manually, because it give full control of where application folder should be store.
Author:
mkyong
Jul
31
Loading ...
Ah………After upgraded to Tomcat 5.5.25, i just feel suck, it cause so many errors in my web applications, which didnt happened in my previous Tomcat 5.5.23 deployment.
For Example
1) java.security.AccessControlException: access denied (logging.properties read)
2) java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers)
3) Caused by: org.springframework.transaction.CannotCreateTransactionException: Could not open JDBC Connection for transaction; nested exception is org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Something unusual has occured to cause the driver to fail. Please report this exception.)
Caused by: org.apache.commons.dbcp.SQLNestedException: Cannot create PoolableConnectionFactory (Something unusual has occured to cause the driver to fail. Please report this exception.)
I decided to give up Tomcat 5.5, and install Tomcat 6.x. Great my web application deployed without any error at Tomcat6.x. So Just said sorry to Tomcat 5.5.25…cause you are to difficult to configure for me ~
Author:
mkyong
Jul
31
Loading ...
As i said in previously post, Tomcat 5.5.25 made a lot modified at policy file, which may enchance security on web application but it cause a lot work from deployment work. I hit another error
SEVERE: Context initialization failed java.security.AccessControlException: access denied (java.lang.RuntimePermission accessDeclaredMembers) at java.security.AccessControlContext.checkPermission(AccessControlContext.java:323)
vi 04webapps.policy which usually located at policy.d folder
mkyong@mkyong-desktop:/etc/tomcat5.5/policy.d$ 04webapps.policy
add following statement in policy file
permission java.lang.RuntimePermission "accessDeclaredMembers";
For example,
// JVM properties to allow read access
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission "java.vm.specification.version", "read";
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
// Required for OpenJMX
permission java.lang.RuntimePermission "getAttribute";
// Allow read of JAXP compliant XML parser debug
permission java.util.PropertyPermission "jaxp.debug", "read";
// Precompiled JSPs need access to this package.
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime";
permission java.lang.RuntimePermission "accessClassInPackage.org.apache.jasper.runtime.*";
permission java.lang.RuntimePermission "accessDeclaredMembers";
};Saved it, restart Tomcat and Done.
Author:
mkyong
Jul
31
Loading ...
Sometime we need to find out what is our Tomcat version installed in our server. We can check Tomcat version with following command sh version.sh, this version.sh is located at tomcat bin folder
mkyong@mkyong-desktop:/usr/share/tomcat5.5/bin$ sh version.sh
Using CATALINA_BASE: /usr/share/tomcat5.5
Using CATALINA_HOME: /usr/share/tomcat5.5
Using CATALINA_TMPDIR: /usr/share/tomcat5.5/temp
Using JRE_HOME: /usr/lib/jvm/java-6-sun
Server version: Apache Tomcat/5.5
Server built: Jan 3 2008 11:42:45
Server number: 5.5.25.0
OS Name: Linux
OS Version: 2.6.24-19-generic
Architecture: i386
JVM Version: 1.6.0_06-b02
JVM Vendor: Sun Microsystems Inc.
mkyong@mkyong-desktop:/usr/share/tomcat5.5/bin$
Got it, Tomcat version is 5.5.25.0.
P.S Tomcat version.sh required we set up JAVA_HOME properly, please issue following command if hanvt set up JAVA_HOME environment.
export JAVA_HOME=<java jdk path>
Author:
mkyong
Jul
30
Loading ...
After upgraded to Tomcat version 5.5.25, it hit a lot errors in security policy path.
Caused by: java.security.AccessControlException: access denied (java.io.FilePermission /usr/share/tomcat5.5-webapps/jsp-examples/WEB-INF/classes/logging.properties read)
Above error is cause by policy file, Tomcat 5.5.25 made a lot modified at policy file, we need to modify policy file(03catalina.policy) file to fix it.
vi 03catalina.policy which usually located at policy.d folder
mkyong@mkyong-desktop:/etc/tomcat5.5/policy.d$ vi 03catalina.policy
find below
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.util.PropertyPermission "java.util.logging.config.class", "read";
permission java.util.PropertyPermission "java.util.logging.config.file", "read";
permission java.lang.RuntimePermission "shutdownHooks";
permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
permission java.util.PropertyPermission "catalina.base", "read";
permission java.util.logging.LoggingPermission "control";
permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
permission java.lang.RuntimePermission "getClassLoader";
// To enable per context logging configuration, permit read access to the appropriate file.
// Be sure that the logging configuration is secure before enabling such access
// eg for the examples web application:
//permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}examples${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
};CHANGED TO below to allow all permission like before
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.security.AllPermission;
};OR enable permission explicitly to your web app path
permission java.io.FilePermission “${catalina.base}${file.separator}webapps${file.separator}YOUR_PATH_HERE
${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties”, “read”;
full command is
grant codeBase "file:${catalina.home}/bin/tomcat-juli.jar" {
permission java.util.PropertyPermission "java.util.logging.config.class", "read";
permission java.util.PropertyPermission "java.util.logging.config.file", "read";
permission java.lang.RuntimePermission "shutdownHooks";
permission java.io.FilePermission "${catalina.base}${file.separator}conf${file.separator}logging.properties", "read";
permission java.util.PropertyPermission "catalina.base", "read";
permission java.util.logging.LoggingPermission "control";
permission java.io.FilePermission "${catalina.base}${file.separator}logs", "read, write";
permission java.io.FilePermission "${catalina.base}${file.separator}logs${file.separator}*", "read, write";
permission java.lang.RuntimePermission "getClassLoader";
// To enable per context logging configuration, permit read access to the appropriate file.
// Be sure that the logging configuration is secure before enabling such access
// eg for the examples web application:
permission java.io.FilePermission "${catalina.base}${file.separator}webapps${file.separator}YOUR_PATH_HERE${file.separator}WEB-INF${file.separator}classes${file.separator}logging.properties", "read";
};Done, restart Tomcat.
Author:
mkyong
Jul
30
Loading ...
Tomcat5.5 do not enable admin or manager access by default. We have to manully edit tomcat-users.xml to allow admin access. VI your tomcat-users.xml in tomcat conf folder, content is something like following
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="role1" password="tomcat" roles="role1"/>
</tomcat-users>
Tomcat only create a tomcat user for normal access, we have to modify a bit like following
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="manager"/>
<role rolename="tomcat"/>
<role rolename="admin"/>
<role rolename="role1"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="admin" password="admin" roles="admin,manager"/>
<user username="role1" password="tomcat" roles="role1"/>
</tomcat-users>
Saved it and restart tomcat, now we can access tomcat admin or maneger page with user:admin password:admin.
