Web Application Administration

Tomcat provides a number of tools that allow you to administer the Web applications, the new manager application will allow you to view deployed and undeploy Web applications. There are three ways to interact with the manager application web based user interface, Ant scripts and HTTP commands, i will discuss all three.

Tomcat Manager

The Tomcat manager allows you to deploy, undeploy and manage web applications, as i mentioned there are three ways to access this manager. Access to the manager is restricted to authorized users. A summary of what Tomcat manager can perform:

It is possible to deploy a Web application manually

There is a setting which allows you to autodeploy applications (it is a server.xml attribute called autodeploy in the Host element , default is false), this is generally turned off as it can affect performance because it has to check timestamp's with the base directory to see if any changes have been made. If the autodeploy attribute is set to false then Tomcat has to be restarted or use the deploy command to deploy an application.

To access the application manager you must either use an existing or create a new user in the file conf/tomcat-users.xml file, Tomcat needs to be restarted as the file is only read once into memory when Tomcat is started, one point to make is that in the web.xml file the user that authenticates must have a role privilege of manager, this is because the manager/META-INF/context.xml file has the "privileged" attribute set to true. It has basic authentication but this can be upgraded to use a more security method., below is what you should see once you have authenticated.

I could display lots of pictures of the manager but I am not going to, I will leave it to you to have a play around with, most of it is self explaining.

Ant Scripts

I will update this page when I have a chance to play around with the Ant scripts, I am not to familiar with them.

Using HTTP Requests

Another way to to manage Tomcat is to issue commands via a Browser using HTTP. The URL will contain the command to send to Tomcat

List deployed Apps http://localhost:8080/manager/list
Deploy a new app remotely http://localhost:8080/manager/deploy?path={context_path}
Deploy a new app locally http://localhost:8080/manager/deploy?path=/hello&war=file:/path/to/hello.war!/
Deploy a new app using a context file http://localhost:8080/manager/deploy?config=file:/path/context.xml&war=jar:file:/path/to/hello.war!/
Reload an existing app http://localhost:8080/manager/reload?path={context_path}
List available JNDI Resources http://localhost:8080/manager/resources[?type={jndi_type}]
List OS and JVM Properties http://localhost:8080/manager/serverinfo
Stopping an existing app http://localhost:8080/manager/stop?path={context_path}
Starting an existing app http://localhost:8080/manager/start?path={context_path}
Undeploying an app http://localhost:8080/manager/undeploy?path={context_path}
Display session stats http://localhost:8080/manager/session?path={context_path}
Query Tomcat Internals using JMX Proxy Servlet http://localhost:8080/manager/jmxproxy/?qry=<QUERY_STRING>

http://localhost:8080/manager/jmxproxy/?qry=*%3Aj2eeType=Servlet%2c*
Setting Tomcat Internals using JMX Proxy Servlet
http://localhost:8080/manager/jmxproxy/?set=Catalina%3Atype%3DManager%2Cpath%3Dhello%2\
  Chost%3Dlocalhost&att=maxActiveSession&val=100

Possible Errors

Below is a typical list of common errors and failures

Security Considerations

You must secure the manager as it is not very secure by default, the following list can help secure the manager

Configure Tomcat to user encrypted password

## server.xml
<Realm className="org.apache.Catalina.realm.UserDatabaseRealm"
           debug="5"
           digest="sha"
           pathname="conf/tomcat_users.xml"
/>

# tomcat-users.xml
<user name="manager"
      password="c23e4c2003a93ahudnhdfnjd653894nd893nd73bj9d"
      role="manager"
/>

Note: the text in bold is what you need to change