Install Tomcat 7 on Debian (Lenny) with virtual hosts and Apache2 integration

Please see new version Tomcat 8 on Debian 7 here !

Dieser Artikel ist eine überarbeitete Version meines Tomcat 6 Artikels. Es soll Tomcat 7 unter Debian Lenny installiert werden und mit mehreren virtuellen Hosts betrieben werden. Tomcat 7 ist unter Debian leider nicht über die Quellen zu beziehen, deshalb muss er manuell installiert werden.This article is a new version of my Apache Tomcat 6 article. This article describes how to install Apache Tomcat 7 on Debian Lenny, Apache2 integration and virtual hosts. Tocat 7 is not available over the regular sources on Debain Lenny (and Etch) it need to be installed by hand.

Tomcat 7 ist aktuell noch BETA. Für produktive Server sollte man lieber noch auf Tomcat 6 zurückgreifen.Tomcat 7 is still BETA. Please use Tomcat 6 for productive servers.

1. Install Java 6 runtime:1. Installation von Java 6 runtime:

Choose one of the following Java JDK installations:Eine der folgenden Java JDK Installationen wählen:

1.1 OpenJDK

aptitude install openjdk-6-jre

1.2 Sun Java (non-free)

vim /etc/apt/sources
deb lenny main non-free
deb-src lenny main non-free
aptitude update
aptitude install sun-java6-jre

Note: Keep in mind that you need a different Apache connector configuration if you use the Sun JDK.Bemerkung: Nicht vergessen, dass eine andere Konfiguration beim Apache-Connector erforderlich sein wird, sollte Sun JDK verwendet werden.

2. Download Tomcat

Download Tomcat 7 fromvon der Tomcat 7 Download pageSeite.

For example:Zum Beispiel:


3. Install Tomcat3. Installation von Tomcat

tar -xzvf apache-tomcat-7.0.5.tar.gz
mv apache-tomcat-7.0.5 /opt/tomcat

4. Create tomcat user and group4. Tomcat Benutzer und Gruppe anlegen

groupadd tomcat
useradd -g tomcat -d /opt/tomcat tomcat
usermod -G www-data tomcat
chown tomcat:tomcat /opt/tomcat -R

This create a new user “tomcat” and a group “tomcat”. It set the home directory for this user to “/opt/tomcat” and join the “tomcat” user the “www-data” group. This is necessary to access the virtual hosts. Finally give the “/opt/tomcat” directory to the new “tomcat” user.Dies legt einen neuen Benutzer “tomcat” und eine neue Gruppe “tomcat” an. Außerdem wird das Home-Directory dieses Benutzers auf “/opt/tomcat” gesetzt. Der Benutzer wird außerdem in die Gruppe “www-data” verschoben. Dies ist notwendig um Zugriff auf die virtuellen Hosts des Apaches zu haben. Zum Schluss werden dem neuen Benutzer “tomcat” noch die Besitzrechte für den Ordner “/opt/tomcat” übertragen.

5. Create Init-Script5. Init-Skript erstellen

vim /etc/init.d/tomcat
# /etc/init.d/tomcat -- startup script for the Tomcat 7 servlet engine
# Modified init-Script from Ubuntu Tomcat init-script
# 2010 - Sebastian Mogilowski -
# Provides:          tomcat
# Required-Start:    $local_fs $remote_fs $network
# Required-Stop:     $local_fs $remote_fs $network
# Should-Start:      $named
# Should-Stop:       $named
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: Start Tomcat.
# Description:       Start the Tomcat servlet engine.

set -e

DESC="Tomcat servlet engine"

if [ `id -u` -ne 0 ]; then
	echo "You need root privileges to run this script"
	exit 1

# Make sure tomcat is started with system locale
if [ -r /etc/default/locale ]; then
	. /etc/default/locale
	export LANG

. /lib/lsb/init-functions

if [ -r /etc/default/rcS ]; then
	. /etc/default/rcS

# The following variables can be overwritten in $DEFAULT

# Run Tomcat 7 as this user ID and group ID

# The first existing directory is used for JAVA_HOME (if JAVA_HOME is not
# defined in $DEFAULT)
JDK_DIRS="/usr/lib/jvm/java-6-openjdk /usr/lib/jvm/java-6-sun /usr/lib/jvm/java-1.5.0-sun /usr/lib/j2sdk1.5-sun /usr/lib/j2sdk1.5-ibm"

# Look for the right JVM to use
for jdir in $JDK_DIRS; do
    if [ -r "$jdir/bin/java" -a -z "${JAVA_HOME}" ]; then
export JAVA_HOME

# Directory where the Tomcat binary distribution resides

# Directory for per-instance configuration files and webapps

# Use the Java security manager? (yes/no)

# Default Java options
# Set java.awt.headless=true if JAVA_OPTS is not set so the
# Xalan XSL transformer can work without X11 display on JDK 1.4+
# It also looks like the default heap size of 64M is not enough for most cases
# so the maximum heap size is set to 128M
if [ -z "$JAVA_OPTS" ]; then
	JAVA_OPTS="-Djava.awt.headless=true -Xmx128M"

# End of variables that can be overwritten in $DEFAULT

# overwrite settings from default file
if [ -f "$DEFAULT" ]; then

if [ ! -f "$CATALINA_HOME/bin/bootstrap.jar" ]; then
	log_failure_msg "$NAME is not installed"
	exit 1


if [ -z "$CATALINA_TMPDIR" ]; then

# Set the JSP compiler if set in the tomcat.default file
if [ -n "$JSP_COMPILER" ]; then
	JAVA_OPTS="$JAVA_OPTS -Dbuild.compiler=\"$JSP_COMPILER\""

if [ "$TOMCAT_SECURITY" = "yes" ]; then

# Define other required variables

# Look for Java Secure Sockets Extension (JSSE) JARs
if [ -z "${JSSE_HOME}" -a -r "${JAVA_HOME}/jre/lib/jsse.jar" ]; then

catalina_sh() {
	# Escape any double quotes in the value of JAVA_OPTS
	JAVA_OPTS="$(echo $JAVA_OPTS | sed 's/\"/\\\"/g')"

	if [ "$AUTHBIND" = "yes" -a "$1" = "start" ]; then
		AUTHBIND_COMMAND="/usr/bin/authbind --deep /bin/bash -c "

	# Define the command to run Tomcat's as a daemon
	# set -a tells sh to export assigned variables to spawned shells.
	TOMCAT_SH="set -a; JAVA_HOME=\"$JAVA_HOME\"; source \"$DEFAULT\"; \
		cd \"$CATALINA_BASE\"; \
		\"$CATALINA_SH\" $@"

	if [ "$AUTHBIND" = "yes" -a "$1" = "start" ]; then

	# Run the script as a daemon
	set +e
	touch "$CATALINA_PID" "$CATALINA_BASE"/logs/catalina.out
	chown $TOMCAT_USER "$CATALINA_PID" "$CATALINA_BASE"/logs/catalina.out
	start-stop-daemon --start -b -u "$TOMCAT_USER" -g "$TOMCAT_GROUP" \
		-x /bin/bash -- -c "$AUTHBIND_COMMAND $TOMCAT_SH"
	set +a -e
	return $status

case "$1" in
	if [ -z "$JAVA_HOME" ]; then
		log_failure_msg "no JDK found - please set JAVA_HOME"
		exit 1

	if [ ! -d "$CATALINA_BASE/conf" ]; then
		log_failure_msg "invalid CATALINA_BASE: $CATALINA_BASE"
		exit 1

	log_daemon_msg "Starting $DESC" "$NAME"
	if start-stop-daemon --test --start --pidfile "$CATALINA_PID" \
		--user $TOMCAT_USER --exec "$JAVA_HOME/bin/java" \
		>/dev/null; then

		# Regenerate POLICY_CACHE file
		umask 022
		echo "// AUTO-GENERATED FILE from /opt/tomcat/" \
		echo ""  >> "$POLICY_CACHE"
		cat $CATALINA_BASE/conf/*.policy \

		# Remove / recreate JVM_TMP directory
		rm -rf "$JVM_TMP"
		mkdir -p "$JVM_TMP" || {
			log_failure_msg "could not create JVM temporary directory"
			exit 1

		catalina_sh start $SECURITY
		sleep 5
        	if start-stop-daemon --test --start --pidfile "$CATALINA_PID" \
			--user $TOMCAT_USER --exec "$JAVA_HOME/bin/java" \
			>/dev/null; then
			if [ -f "$CATALINA_PID" ]; then
				rm -f "$CATALINA_PID"
			log_end_msg 1
			log_end_msg 0
	        log_progress_msg "(already running)"
		log_end_msg 0
	log_daemon_msg "Stopping $DESC" "$NAME"

	set +e
	if [ -f "$CATALINA_PID" ]; then
		start-stop-daemon --stop --pidfile "$CATALINA_PID" \
			--user "$TOMCAT_USER" \
			--retry=TERM/20/KILL/5 >/dev/null
		if [ $? -eq 1 ]; then
			log_progress_msg "$DESC is not running but pid file exists, cleaning up"
		elif [ $? -eq 3 ]; then
			PID="`cat $CATALINA_PID`"
			log_failure_msg "Failed to stop $NAME (pid $PID)"
			exit 1
		rm -f "$CATALINA_PID"
		rm -rf "$JVM_TMP"
		log_progress_msg "(not running)"
	log_end_msg 0
	set -e
	set +e
	start-stop-daemon --test --start --pidfile "$CATALINA_PID" \
		--user $TOMCAT_USER --exec "$JAVA_HOME/bin/java" \
		>/dev/null 2>&1
	if [ "$?" = "0" ]; then

		if [ -f "$CATALINA_PID" ]; then
		    log_success_msg "$DESC is not running, but pid file exists."
			exit 1
		    log_success_msg "$DESC is not running."
			exit 3
		log_success_msg "$DESC is running with pid `cat $CATALINA_PID`"
	set -e
	if [ -f "$CATALINA_PID" ]; then
		$0 stop
		sleep 1
	$0 start
        if start-stop-daemon --test --start --pidfile "$CATALINA_PID" \
		--user $TOMCAT_USER --exec "$JAVA_HOME/bin/java" \
		>/dev/null; then
		$0 start
	log_success_msg "Usage: $0 {start|stop|restart|try-restart|force-reload|status}"
	exit 1

exit 0

Download the init-script:Herrunterladen des Init-Skripts: Tomcat 7 Init-Script (2.6 kB)

chmod +x /etc/init.d/tomcat
update-rc.d tomcat defaults

6. Activate the Tomcat manager6. Aktivieren des Tomcat Managers

vim /opt/tomcat/conf/tomcat-users.xml
<?xml version='1.0' encoding='utf-8'?>
    <role rolename="manager"/>
    <role rolename="manager-gui"/>
    <role rolename="admin"/>
    <role rolename="admin-gui"/>
    <user username="YOUR_USERNAME" password="YOUR_PASSWORD" roles="admin,admin-gui,manager,manager-gui"/>

6. Start Tomcat

/etc/init.d/tomcat start

Now you can access the Tomcat manager with http://SERVER:8080/manager.Nun kann man den Tomcat Manager mit http://SERVER:8080/manager aufrufen.

7. Install Apache2 connector7. Installation des Apache2 Connectors

Tomcat besitzt zwar einen eingebauten Webserver, jedoch ist der Apache2 Webserver wesentlich leistungsfähiger außerdem sind so die Apache Module verwendbar. (mod_rewrite zum Beipiel)You can use the Tomcat as a standalone webserver, but the apache webserver has more features and you can use the apache modules. (mod_rewrite for example)

aptitude install apache2 libapache2-mod-jk

7.1 Apache worker7.1 Apache worker

vim /etc/apache2/

Note: Replace “/usr/lib/jvm/java-6-openjdk” with “/usr/lib/jvm/java-6-sun” if you using the non-free Sun Java runtime.Bemerkung: Falls die non-free Java Runtime von Sun verwendet wird, muss “/usr/lib/jvm/java-6-openjdk” durch “/usr/lib/jvm/java-6-sun” ersetzt werden.

7.2 JK Konfigurationsdatei7.2 JK configuration file

vim /etc/apache2/conf.d/jk.conf
<ifmodule mod_jk.c>
    JkWorkersFile /etc/apache2/
    JkLogFile /var/log/apache2/mod_jk.log
    JkLogLevel error
/etc/init.d/apache2 stop
/etc/init.d/tomcat restart
/etc/init.d/apache2 start

8. Create a new VirtualHost8. Neuen Virtuellen Host anlegen

Nun soll ein neuer VirtualHost angelegt werden. Dieser muss im Apache und im Tomcat angelegt werden.Creating a new VirtualHost: (In Apache AND Tomcat)

8.1 Create directories8.1 Verzeichnisse anlegen

mkdir /var/www/vhost1
mkdir /var/www/vhost1/htdocs
mkdir /var/www/vhost1/logs
vim /etc/apache2/sites-available/vhost1

8.2 Apache

<virtualhost www.testsrv.local>
    JkMount /*.jsp default
    ServerName www.testsrv.local
    ServerAdmin servermaster@testsrv.local
    DocumentRoot /var/www/vhost1/htdocs
    ErrorLog /var/www/vhost1/logs/error.log
    CustomLog /var/www/vhost1/logs/access.log common
    <directory /var/www/vhost1/htdocs>
        Options -Indexes

Bemerkung: Man könnte auch alle Dateien an den Tomcat weiterleiten “JkMount /*” oder alle Dateien innerhalb eines Verzeichnisses “JkMount /folder/*”.Note: You can forward all files “JkMount /*” or all files in a folder “JkMount /folder/*” to the Tomcat, too.

a2ensite vhost1
/etc/init.d/apache2 reload

8.3 Tomcat

vim /opt/tomcat/conf/server.xml
<!-- www.testsrv.local -->
<Host name="www.testsrv.local" appBase="/var/www/vhost1" unpackWARs="true" autoDeploy="true">
    <Context path="" docBase="htdocs" debug="0" reloadable="true"/>
    <Valve className="org.apache.catalina.valves.AccessLogValve" directory="/var/www/vhost1/logs"  prefix="tomcat_access_" suffix=".log" pattern="common" resolveHosts="false"/>

Note: Make sure you use a uppercase “H”, “C” and “V” for “Host”, “Content” and “Value”. This is importand since Tomcat 7.Bemerkung: Bitte sicherstellen, dass das “H”, “C” und “V” von “Host”, “Content” und “Value” groß geschrieben sind. Dies ist wichtig seit Version 7 von Tomcat.

/etc/init.d/tomcat restart

Note: You can add additional domains with:Bemerkung: Man kann weitere Domains mit:



9. Create a Testpage9. Testseite anlegen

vim /var/www/vhost1/htdocs/test.jsp
        <title>Hello World</title>
        <h1>Hello World</h1>
        Today is: <%= new java.util.Date().toString() %>

Now you can test your configuration with http://www.testsrv.local/test.jspNun kann man durch den Aufruf von http://www.testsrv.local/test.jsp die Konfiguration/Installation testen.

39 thoughts on “Install Tomcat 7 on Debian (Lenny) with virtual hosts and Apache2 integration”

  1. i did everything correctly, added “JkMount /* default” to my apache2 vhost, created the host in server.xml like

    but when i try to access http://domain.tld, i allways get a http 404 by tomcat. the file index.html in /home/user/public_html already exists.

    what’s wrong?

  2. i did everything correctly, added “JkMount /* default” to my apache2 vhost, created the host in server.xml like

    {Host name=”domain.tld” appBase=”/home/user” unpackWARs=”true” autoDeploy=”true”}
    {Context path=”” docBase=”public_html” debug=”0″ reloadable=”true” /}

    but when i try to access http://domain.tld, i allways get a http 404 by tomcat. the file index.html in /home/user/public_html already exists.

    what’s wrong?

    1. Thank you for the awesome tutorial. It works really really well!

      This has got everything I need to implement a mixed PHP+JSP environment for my website (as of posting it’s not complete yet, though).

      Thank you!

  3. Hi,

    please first check the tomcat logfiles. And check which file and folders on the disk tomcat wants to access.

    Check all files and folder names case sensitive !!

    Please add the apache and complete tomcat config to pastebin.



  4. Hallo,
    klasse Tutorial. Hat auf Anhieb funktioniert :).

    Zusätzlich hätte ich gerne das neben auch bei einem Aufruf von die Anfrage an den Tomcat weitergeleitet wird. Da bekomme ich momentan einen 404 des Apache.

    Reicht es nicht ServerAlias und in den entsprechenden Configs anzugeben?

    Noch eine Kleinigkeit: In anderen Tutorials sehen ich immer , wieso nimmst du hier einen anderen Ansatz? (mit * geht es nämlich gar nicht bei mir 🙂 )

    Bei Bedarf kann ich auch meine Configs posten.

    Danke schon mal für deine Hilfe.

  5. Hi Basti,

    ich glaub da ging was verloren bei deinen Kommentar.
    Ein Alias sollte reichen. Besser ist aber vielleicht du machst einen Redirect im Apache.



  6. hallo,
    da scheint alles rausgeflogen zu sein was in spitzen klammern stand…
    naja, mein problem hat sich erledigt mittlerweile. lag daran das plex immer dazwischen gefunkt hat.


  7. This is VERY helpful. However, it took me 2 days to understand that in the standard debian squeeze distribution, the /tomcat/conf/server.xml comes with the
    relevant line

    <!– Define an AJP 1.3 Connector on port 8009 –>
    <!–Connector port=”8009″ protocol=”AJP/1.3″ redirectPort=”8443″ /–>

    is commented …

  8. after step 6 when i’m trying to execute the command “/etc/init.d/tomcat start” sometime it says [fail] or sometimes [OK] but when I open the browser and type the address as: http://localhost:8080/manager
    there is no content in there. Why?

    1. 1. Make sure, that tomcat is running “px aux | grep tomcat”.
      2. Check Tomcat Error logs and “catalina.out”

      Is there any output in the syslog if “/etc/init.d/tomcat start” fails ?

  9. Hey 😀

    I’m runnning a vServer on with Debian Squeeze, Apache 2.2.16 and Tomcat 7.0.26.
    I did every step you described, but I have the following issues:
    – When I try to access my Server direct via IP it should show me the Apache standard message homepage “It works!…”, but I get an error 403 Forbidden.
    – When I try to access the test.jsp via http://x.x.x.x/test.jsp I get a Tomcat Error Page “HTTP Status 404” (The requested resource (/test.jsp) is not available.)
    – BUT, I can access Tomcat via http://x.x.x.x:8080/manager/

    Any guess what I did wrong? Which log files do you need?

    Best regards

    ps: also when I leave
    /etc/init.d/apache2 stop
    /etc/init.d/tomcat restart
    /etc/init.d/apache2 start

    in the jk.conf file, I get the following Error Message by trying to execute
    /etc/init.d/apache2 reload
    Invalid command '/etc/init.d/apache2', perhaps misspelled or defined by a module not included in the server configuration
    Action 'configtest' failed.
    The Apache error log may have more information.

    1. You don’t have to leave

      /etc/init.d/apache2 stop
      /etc/init.d/tomcat restart
      /etc/init.d/apache2 start

      in the jk.conf file !!!

      This are commands you have to execute.

        1. If Apache finds the file and sends you to tomcat check your vhost definition in /opt/tomcat/conf/tomcat-users.xml and check your catalina.out log-file, too.

          1. Finally, it works. I don’t know why. I just reinstalled the whole server and setup apache and tomcat again. Awesome, it works know.
            Thank you very much for the tutorial 😀

  10. How to configure the server so that Tomcat deploy WAR-Files (for example Hudson/Jenkins) in /var/www/vhost1?

  11. Tks for tutorial. I works!
    Just few questions:
    http://{SERVER}:8080/manager no longer works.
    http://{SERVER} opens index.html page
    http://{SERVER}/index.html does not work

    Still need to run non tomcat content. How to?

  12. hey,
    unfortunately it does not work in my newly-configured debian 6 server. i do not see the tomcat manager site on :8080. it just gets a timeout. i did exactly what you wrote. are there possibly more dependencies, that are not covered in your tutorial? do you guys have other ideas.

    lsof tells:
    java 3905 tomcat 40u IPv6 42083435 0t0 TCP *:http-alt (LISTEN)
    java 3905 tomcat 53u IPv6 42140855 0t0 TCP> (ESTABLISHED)

    1. catalina.out says :
      09.11.2012 18:20:49 org.apache.coyote.AbstractProtocol start
      INFO: Starting ProtocolHandler [“http-bio-8080”]
      09.11.2012 18:20:49 org.apache.coyote.AbstractProtocol start
      INFO: Starting ProtocolHandler [“ajp-bio-8009”]
      09.11.2012 18:20:49 org.apache.catalina.startup.Catalina start
      INFO: Server startup in 2712 ms

Leave a Reply

Your email address will not be published. Required fields are marked *

eMail-Benachrichtigung bei weiteren Kommentaren.
Auch möglich: Abo ohne Kommentar.