Easily set up and automatically start Apache Tomcat 7 Java web server in Ubuntu Linux

Apache Tomcat is actually easier than the standard Apache webserver to set up, which is great news if you are working with Java based web applications. All you need to do is download it and make sure it starts with whichever linux distribution you are using. Deploying applications in standard WAR format is really easy as well due to the simple web based management interface.

In my case I wanted Tomcat to start with Ubuntu and sit on the default port 8080 so I could have it running alongside my standard Apache webserver for PHP. We were developing a Spring application and used Maven to build and compile to a single deployable WAR file. You must have Java installed and set up for this to work. To check you have Java set up type:

java -version

This should tell you what version of java you have installed (hopefully Java 1.7). You also need to check that the “JAVA_HOME” variable is set by typing:

echo $JAVA_HOME

If you don’t get something like “/usr/lib/jvm/jdk1.7.0_09″ please install Java following my installation instructions in a previous post.

To install Apache Tomcat first of all I downloaded the latest copy of Tomcat 7 from mirrorservice.org using wget run from my home directory:

wget http://www.mirrorservice.org/sites/ftp.apache.org/tomcat/tomcat-7/v7.0.32/bin/apache-tomcat-7.0.32.tar.gz

Please note that the version I downloaded may not be available or there may be a newer version so check http://www.mirrorservice.org/sites/ftp.apache.org/tomcat/tomcat-7/ first before running the wget.

“wget” will download the file, which then needs to be extracted:

tar xvzf apache-tomcat-7.0.32.tar.gz

Now you will have a folder “apache-tomcat-7.0.32″ in your home directory. This needs placing somewhere sensible so copy it to “/usr/share/tomcat7″ using:

sudo mv apache-tomcat-7.0.32/ /usr/share/tomcat7

Now you can test your Tomcat install works with its default settings by starting it up. Note: before you do this you need to set the “JAVA_HOME” variable otherwise you will get errors (see my previous post).

To start up Tomcat navigate to “/usr/share/tomcat7″ and run “startup.sh”:

cd /usr/share/tomcat7

./startup.sh

With the default settings you should now be able to reach your Tomcat server home page by navigating to “http://your.ip.add.ress:8080″ where you should hopefully see the homepage and a nice message saying:

“If you’re seeing this, you’ve successfully installed Tomcat. Congratulations!”

Now we need to set up management users for the manager app so we can easily deploy our WAR files containing our Java web applications. You need to edit “/usr/share/tomcat7/conf/tomcat-users.xml”:

sudo nano /usr/share/tomcat7/conf/tomcat-users.xml

Now add the following lines within the “<tomcat-users>” block to give access to the manager GUI:

<role rolename=”manager-gui”/>
<user username=”MANAGERUSER” password=”YOURPASSWORD” roles=”manager-gui”/>

Now you will be able to log in to the manager GUI at “http://your.ip.add.ress:8080/manager/html” using the login details MANAGERUSER and password YOURPASSWORD. You can deploy applications and generally manage your Tomcat install from here.

The final thing to do is to set up Tomcat so that it starts every time your server starts. This is pretty easy as all you need to do in Ubuntu is edit the “/etc/init.d/tomcat7″ file:

sudo nano /etc/init.d/tomcat7

Now enter the following lines:


# Tomcat auto-start
#
# description: Auto-starts tomcat
# processname: tomcat
# pidfile: /var/run/tomcat.pid

case $1 in
start)
sh /usr/share/tomcat7/bin/startup.sh
;;
stop)
sh /usr/share/tomcat7/bin/shutdown.sh
;;
restart)
sh /usr/share/tomcat7/bin/shutdown.sh
sh /usr/share/tomcat7/bin/startup.sh
;;
esac
exit 0

Set the permissions for the file:

sudo chmod 755 /etc/init.d/tomcat7

Add Tomcat to system startup as a service using the command:

sudo update-rc.d tomcat7 defaults

Now you can test that Tomcat is set up as a service using:

sudo service tomcat7 restart

Now to check everything is working on system startup reboot your machine using:

sudo reboot now

Navigate to “http://your.ip.add.ress:8080″ where the Tomcat home page should appear with no problems. Note: If you are having problems reaching your Tomcat home page make sure you have opened port 8080 on your server’s firewall.

It’s definitely worth reading some of the documentation on Tomcat, plenty of which is linked off your newly installed Tomcat home page. You should now have all you need to deploy your Java web applications as WAR files which is really easy using the manager GUI provided by Tomcat.

Easily connect and use PHP with SharePoint lists using cURL, RSS and NTLM authentication

Connecting to SharePoint from PHP is actually not that difficult if you have the cURL extension installed on your web server. In the case of my XAMMP windows development server I just made sure the following line in php.ini (c:xammpphpphp.ini in my case) was uncommented before restarting Apache:

extension=php_curl.dll

In Ubuntu/Linux you can usually just install the packages for cURL and after restarting Apache it will become available. Just type the following on the command line:

sudo apt-get install curl libcurl3 libcurl3-dev php5-curl

Then restart Apache

sudo /etc/init.d/apache2 restart

Now the following code comes from both Norbert Krupa’s comment on David’s IT Blog and a question about parsing HTML on StackOverflow. The important thing to note is that I needed to use cURL to authenticate my domain user when connecting to my secure SharePoint Services 3.0 test site. Apparently you can get away without using cURL on sites that don’t need authentication but the same cURL code listed below can be used with a blank username and password for the same effect.

The goal of this listing is to connect to SharePoint using a domain user (can also be a local user if SharePoint is set up that way) and retrieve the contents of a SharePoint list. The trick is to supply the RSS feed url, which allows PHP to parse the RSS feed and neatly list the contents of a SharePoint list. An advantage of using RSS feeds of SharePoint lists is that they are secured using the same method as the list itself and require no extra configuration on the SharePoint side of things. You can also set the RSS feed to only show a set number of items or days, which is useful for regularly updated lists.

// generic function to get the contents of an HTML block
function get_inner_html( $node ) {
    $innerHTML= '';
    $children = $node->childNodes;
    foreach ($children as $child) {
        $innerHTML .= $child->ownerDocument->saveXML( $child );
    }
    return $innerHTML;
}

// username and password to use
$usr = 'DOMAINUSERNAME';
$pwd = 'PASSWORD';
// URL to fetch, this is the address of the RSS feed (go into a list and click "Actions" -> "View RSS Feed" to get the url)
$url = "http://www.sharepointsite.com/_layouts/listfeed.aspx?List=%7BCED7CDDC-49C0-4C46-BDE6-CFC2BA993C84%7D";
//Initialize a cURL session
$curl = curl_init();
//Return the transfer as a string of the return value of curl_exec() instead of outputting it out directly
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
//Set URL to fetch
curl_setopt($curl, CURLOPT_URL, $url);
//Force HTTP version 1.1
curl_setopt($curl, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_1_1);
//Use NTLM for HTTP authentication
curl_setopt($curl, CURLOPT_HTTPAUTH, CURLAUTH_NTLM);
//Username:password to use for the connection
curl_setopt($curl, CURLOPT_USERPWD, $usr . ':' . $pwd);
//Stop cURL from verifying the peer’s certification
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
//Execute cURL session
$result = curl_exec($curl);
//Close cURL session
curl_close($curl);

$xml = simplexml_load_string($result);

// display results on screen
foreach($xml->channel->item as $Item){
    echo "<br/>($Item->title)";
    $doc = new DOMDocument();
    $doc->loadHTML($Item->description);
    $ellies = $doc->getElementsByTagName('div');
    foreach ($ellies as $one_el) {
        if ($ih = get_inner_html($one_el))
        {
            echo ", $ih";
        }
    }
}

The SharePoint RSS feed is a little interesting as the “$Item->title” object is the main column in the list but the rest of the list is encapsulated in <div> within “$Item->description”, hence the requirement to parse the html.

For a SharePoint list with 3 columns the output will look something like:

(Item 1 Title) , Other Column A: xxxx, Other Column B: yyyy
(Item 2 Title) , Other Column A: zzzz, Other Column B: kkkk

Now the potential for this is great as it allows us to securely synchronise SharePoint lists with external databases, use SharePoint for authenticating PHP applications etc . We are going to be using this for automatically pulling users from a SharePoint list to populate a separate PHP application, whilst keeping user-identifiable data locked away on SharePoint.

Check for large directories in linux (and check Apache logging!)

We had a problem where a server wasn’t allowing us to upload any more files using our web application’s interface. This was due to an enormous “error.log.1.txt” in “/var/log/apache2/” caused by setting our log level to warnings rather than errors. Thanks to Josh at blindhog.net I could run a command and quickly find directories over 1GB in size:

du -h / | grep ^[0-9.]*G

This quickly showed up our 12GB log file..

Make a SSL Certificate Request and Install the Certificate Using Apache on Linux

I used the guides at Verisign and a forum post at Tech Arena.

It’s actually quite easy, you just need to know what commands to type. First you need to set up a virtual host in Apache and put in your content etc. The commands listed below do require some input so just fill in the details correctly.

Generate the private key:

openssl genrsa -des3 -out www.sitename.com.key 1024

Generate the certificate signing request from the private key:

openssl req -new -key www.sitename.com.key -out www.sitename.com.csr

Now send this certificate signing request to your certificate authority with your details (to Verisign/GoDaddy etc). They will send you back a .crt file, which is the certificate you need to install.

If you want to start Apache automatically, without having to enter the passphrase for the private key each time, you will need to do a couple more commands to create an unencrypted key. You can do this earlier but it’s good to have both versions of the key:

mv www.sitename.com.key www.sitename.com.key.has-passphrase
openssl rsa -in www.sitename.com.key.has-passphrase -out www.sitename.com.key

Now put the .crt and .key in a folder and point to them in the apache .conf file of the virtual host e.g.

<VirtualHost ip.add.re.ss:443>
… some config like DocumentRoot , etc..
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/www.sitename.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/www.sitename.com.key
</VirtualHost>

Transfer SSL Certificates from Microsoft IIS to Linux Apache

Thanks to a few different guides online (mainly Pete Frietag’s) I got an SSL certificate transferred from IIS on Server 2003 to Apache on Ubuntu Server 10.04. There was an extra step I needed to do that seems obvious now.

First Export your IIS certificate into a pfx file (this is something you should do anyways for backup)

  • Run mmc.exe
  • Click the ‘Console’ menu and then click ‘Add/Remove Snap-in’.
  • Click the ‘Add’ button and then choose the ‘certificates’ snap-in and click on ‘Add’.
  • Select ‘Computer Account’ then click ‘Next’.
  • Select ‘Local Computer’ and then click ‘OK’.
  • Click ‘Close’ and then click ‘OK’.
  • Expand the menu for ‘Certificates’ and click on the ‘Personal’ folder.
  • Right click on the certificate that you want to export and select ‘All tasks’ -> ‘Export’.
  • A wizard will appear. Make sure you check the box to include the private key and continue through with this wizard until you have a .PFX file.

Next run openssl to extract the private key, and the cert file.

# Export the private key file from the pfx file

openssl pkcs12 -in filename.pfx -nocerts -out key.pem

# Export the certificate file from the pfx file

openssl pkcs12 -in filename.pfx -clcerts -nokeys -out cert.pem

# This removes the passphrase from the private key so Apache won't
# prompt you for your passphase when it starts

openssl rsa -in key.pem -out server.key

Now to make this work (the extra step) you need to go to your apache virtual host configuration file (or default if you dont have any virtual hosts) located at “/etc/apache2/sites-available/virtualhostname.conf” and make sure the following lines are present and correct:

SSLEngine on
SSLOptions +StrictRequire
SSLCertificateFile /path/to/certificate/cert.pem
SSLCertificateKeyFile /patch/to/key/server.key

Then restart apache with the standard command

sudo /etc/init.d/apache2 restart

Install Webmin on Ubuntu Server 10.10

Content from Andrai Daneasa, thanks!

1. Download webmin from http:www.webmin.com . Currently 1.520
wget http://www.webmin.com/download/deb/webmin-current.deb

2. Execute webmin package. It will fail but it’s easier for us, since we’ll just force installing dependencies, rather than installing them one by one.
sudo dpkg -i webmin-current.deb

3. Install missing dependencies and it will automatically recompile webmin
sudo apt-get -f install

Enjoy webmin on https://[serverIP]:10000 .

So easy when you don’t have to worry about dependancies.

UPDATE:

There were issues with Apache configuration under webmin in Ubuntu Server 10.10. Webmin couldn’t see that apache was already started so you have to do the following (thanks hrpr on the Ubuntu forums):

I just installed Webmin on Ubuntu 10.10 desktop and had same problem. Fixed in my case by settng path to Apache PID to “/var/run/apache2.pid” rather than using the default setting of “Work out automatically.” I did not make any changes to the envvars file.

This also worked for me.

On another note, my fresh install of Ubuntu Server 10.10 with a LAMP server and webmin installed, on a vmware virtual server, came to 1.64GB, a tiny amount!

Setting Up & Starting Apache and Tomcat on Solaris 10 x86

Apache, Java and Tomcat are all installed by default in my copy of Solaris 10 x86, I assume this is the same for all versions of Solaris. I was dreading compiling Apache and Tomcat from source and was even considering installing the package from Blastwave.org. Luckily I googled a bit more and soon realised everything was installed by default, which is actually a bit obvious when you think about it.

Thanks to a random bug report page on opensolaris.org requesting an addition in documentation I got straight to the answer. I had to add an extra step in to add the required environment variables (which are now sitting in my “profile” file to be loaded each time). I’ve compressed the information a bit here but these are the steps I took to start Apache and Tomcat:

First add the two environment variables JAVA_HOME and CATALINA_BASE (for Tomcat) to your “/etc/profile” file or current session using usual “export” command:

export JAVA_HOME=/usr/java

and

export CATALINA_BASE=/var/apache/tomcat

Now you need to make sure the config files for both Apache and Tomcat exist with the right filenames. Luckily there are example config files included with both so you can just rename/copy these config files:

cp /etc/apache2/httpd.conf-example /etc/apache2/httpd.conf

cp /var/apache/tomcat/conf/server.xml-example /var/apache/tomcat/conf/server.xml

Now you can start up Apache:

svcadm enable apache

Now make a symbolic link to point the Tomcat “conf” directory to the Apache Tomcat “conf” directory (just to make sure config files come from the right place):

cd /usr/apache/tomcat

ln -s /var/apache/tomcat/conf conf

Now last of all, start up the Tomcat server using the startup.sh script in the Tomcat “bin” directory:

/usr/apache/tomcat/bin/startup.sh

Now you have both Apache and Tomcat running (on ports 80 and 8080 respectively). The home directory for Apache, where the html documents etc are stored, is located at “/var/apache2/htdocs/”. The home directory for Tomcat is at “/var/apache/tomcat/webapps/ROOT”.

Interestingly the test page for Tomcat at “http://localhost:8080″ states the environment variable as “$CATALINA_HOME” and not “$CATALINA_BASE” as I used. My Tomcat seems to be perfectly happy and I can run the sample applications so I guess you don’t need to worry about this.

UPDATE:

If you have installed Oracle you can use Oracle’s own web application server (OC4J) at “http://localhost:1158″. There is a default page here with links to documentation etc. I’ll write more on using this once I figure out how to do dev work in Windows and push it to our Solaris installs.