Red Hat Summit Red Hat SummitSupportConsoleDéveloppeursCommencer un essaiContact

Ce contenu n'est pas disponible dans la langue sélectionnée.

Chapter 2. Installing JBoss Web Server on Red Hat Enterprise Linux

You can install JBoss Web Server on Red Hat Enterprise Linux using one of two methods:

Regardless of which method you choose, you must first install a supported Java Development Kit (JDK).

2.1. Prerequisites
Copier lien

2.1.1. Installing a Java Development Kit (JDK)
Copier lien

Before installing JBoss Web Server, you must first install a supported Java Development Kit (JDK).

  1. Subscribe your Red Hat Enterprise Linux system to the appropriate channel:

    • OpenJDK:

      • rhel-7-server-rpms

    • Oracle:

      • rhel-7-server-thirdparty-oracle-java-rpms

    • IBM:

      • rhel-7-server-supplementary-rpms
Important

Red Hat Enterprise Linux 6 is no longer supported and subsequently was removed from the documentation.

+ . As the root user, execute the command to install a 1.7 or 1.8 JDK: .. For JDK 1.7:

+ 

# yum install java-1.7.0-<VENDOR>-devel
Copy to Clipboard Toggle word wrap

+ Replace <VENDOR> with oracle, ibm, or openjdk. .. For JDK 1.8:

+ 

# yum install java-1.8.0-<VENDOR>-devel
Copy to Clipboard Toggle word wrap

+ Replace <VENDOR> with oracle, ibm, or openjdk.

  1. Run the following commands as the root user to ensure the correct JDK is in use: 

    # alternatives --config java
    Copy to Clipboard Toggle word wrap 
    # alternatives --config javac
    Copy to Clipboard Toggle word wrap

    These commands return lists of available JDK versions with the selected version marked with a plus (+) sign. If the selected JDK is not the desired one, change to the desired JDK as instructed in the shell prompt.

    Important

    All software that use the java and javac commands uses the JDK set by alternatives. Changing Java alternatives may impact on the running of other software.

2.1.2. Red Hat Enterprise Linux Package Prerequisites
Copier lien

Before installing JBoss Web Server on Red Hat Enterprise Linux, ensure the following prerequisites are met.

  • A supported JDK is installed.
  • You must remove the tomcatjss package before installing the tomcat-native package. The tomcatjss package uses an underlying NSS security model rather than the OpenSSL security model.

Removing the tomcatjss Package

  1. As the root user, run the following command to remove tomcatjss: 

    # yum remove tomcatjss
    Copy to Clipboard Toggle word wrap

2.2. ZIP Installation
Copier lien

Ensure that all of the prerequisites are met before installing JBoss Web Server.

2.2.1. Downloading and Extracting JBoss Web Server
Copier lien

To install JBoss Web Server, download and extract the installation ZIP files.

Downloading JBoss Web Server

  1. Open a browser and log in to the Red Hat Customer Portal.
  2. Click Downloads.
  3. Click Red Hat JBoss Web Server in the Product Downloads list.
  4. Select the correct JBoss Web Server version from the Version drop-down menu.

  5. Click Download for each of the following files, ensuring that you select the correct platform and architecture for your system:

    • Red Hat JBoss Web Server 3.1 Application Server (jws-application-servers-3.1.0-<platform>-<architecture>.zip)

Extracting JBoss Web Server

  1. Unzip the downloaded ZIP files to your installation directory.

    The directory created by extracting the ZIP archives is the top-level directory for JBoss Web Server. This is referred to as JWS_HOME.

2.2.2. Configuring the JBoss Web Server Installation
Copier lien

Some configuration is required before running JBoss Web Server. This section includes the following configuration procedures:

Setting the JAVA_HOME Environment Variable

You must set the JAVA_HOME environment variable for Tomcat before running JBoss Web Server.

In the bin directory of Tomcat (either JWS_HOME/tomcat7/bin or JWS_HOME/tomcat8/bin), create a file named setenv.sh, and insert the JAVA_HOME path definition.

For example: export JAVA_HOME=/usr/lib/jvm/jre-1.7.0-openjdk.x86_64

Creating a Tomcat User

Follow this procedure to create the tomcat user and its parent group:

  1. In a shell prompt as the root user, change directory to JWS_HOME.

  2. Run the following command to create the tomcat user group: 

    # groupadd -g 53 -r tomcat
    Copy to Clipboard Toggle word wrap

  3. Run the following command to create the tomcat user in the tomcat user group: 

    # useradd -c "Tomcat" -u 53 -g tomcat -s /bin/sh -r tomcat
    Copy to Clipboard Toggle word wrap

  4. Check that the tomcat user group and the tomcat user were created correctly: 

    $ grep tomcat /etc/group

tomcat:x:53

$ grep tomcat /etc/passwd

tomcat:x:53:53:Tomcat:/home/tomcat:/bin/sh
    Copy to Clipboard Toggle word wrap

  5. From JWS_HOME, run the following command to assign the ownership of the Tomcat directories to the tomcat user to allow the user to run the Tomcat service: 

    # chown -R tomcat:tomcat tomcat<VERSION>
    Copy to Clipboard Toggle word wrap

    Replace <VERSION> with the respective Tomcat version number (7 or 8).

    You can use ls -l to verify that the tomcat user is the owner of the directory.

  6. Ensure that the tomcat user has execute permissions to all parent directories. For example: 

    # chmod -R u+X tomcat<VERSION>
    Copy to Clipboard Toggle word wrap

Enabling Apache Log4j Logging for Tomcat

To enable logging with Apache Log4j:

  1. Change directory to JWS_HOME/extras/: 

    # cd JWS_HOME/extras/
    Copy to Clipboard Toggle word wrap

  2. Copy log4j-eap6.jar and log4j.properties from JWS_HOME/extras/ to JWS_HOME/lib. 

    # cp log4j.properties log4j-eap6.jar ../tomcat<VERSION>/lib/
    Copy to Clipboard Toggle word wrap

    Replace <VERSION> with the Tomcat version number (7 or 8).

  3. Change directory to JWS_HOME/tomcat<VERSION>/extras/: 

    # cd ../tomcat<VERSION>/extras/
    Copy to Clipboard Toggle word wrap

  4. Copy tomcat-juli-adapters.jar from JWS_HOME/tomcat<VERSION>/extras to JWS_HOME/tomcat<VERSION>/lib. 

    # cp tomcat-juli-adapters.jar ../lib/
    Copy to Clipboard Toggle word wrap

  5. Replace JWS_HOME/tomcat<VERSION>/bin/tomcat-juli.jar with JWS_HOME/tomcat<VERSION>/extras/tomcat-juli.jar: 

    # cp tomcat-juli.jar ../bin/
    Copy to Clipboard Toggle word wrap

2.2.3. Starting JBoss Web Server
Copier lien

To start JBoss Web Server, you must start the following:

  • Tomcat (7 or 8).

Before starting Tomcat, ensure that the following prerequisites are met:

Starting Tomcat

  1. Run the following command as the tomcat user with your respective Tomcat version (7 or 8): 

    $ sh JWS_HOME/tomcat<VERSION>/bin/startup.sh
    Copy to Clipboard Toggle word wrap
    Important

    Although there are multiple methods of starting Tomcat, it is recommended that you use the startup.sh script. To start Tomcat as a service using Jsvc, see the Jsvc chapter.

2.2.4. Stopping JBoss Web Server
Copier lien

To stop JBoss Web Server, you must stop the following:

  • Tomcat (7 or 8).

Stopping Tomcat

  1. To stop Tomcat, run the following command as the root user with your respective Tomcat version (7 or 8): 

    # sh JWS_HOME/tomcat<VERSION>/bin/shutdown.sh
    Copy to Clipboard Toggle word wrap

2.3. RPM Installation
Copier lien

Installing JBoss Web Server from RPM packages installs Tomcat as service, and installs its resources into absolute paths. The RPM installation option is only available for Red Hat Enterprise Linux 7.

RPM installation packages for JBoss Web Server are available from Red Hat Subscription Management.

Note

For users wanting to manage JBoss Web Server installations using Red Hat Satellite: although Red Hat Satellite 6 is recommended for managing JBoss Web Server 3.1 installations, the following Red Hat Network (RHN) channels are also provided specifically for Satellite 5 users:

  • For Red Hat Enterprise Linux 7:

    • jws-3-x86_64-server-7-rpm

Red Hat Satellite 6 users can use the Red Hat Content Delivery Network (CDN) repositories.

Important

Red Hat Enterprise Linux 6 is no longer supported and subsequently was removed from the documentation.

Warning

Installing JBoss Web Server from RPM packages shares Java library files with other applications. Library version conflicts occur when using RPM packages to install both JBoss Web Server 3 and JBoss EAP 6 on the same machine. To workaround the issue, you can install either JBoss Web Server 3 or JBoss EAP 6 using the RPM installation method, and the other using the ZIP installation method.

2.3.1. Installing JBoss Web Server from RPM packages
Copier lien

Prerequisites

Before downloading and installing the RPM packages, you must register your system with Red Hat Subscription Management and subscribe to the respective Content Delivery Network (CDN) repositories.

For information on registering Red Hat Enterprise Linux, see The Subscription Manager for Red Hat Enterprise Linux 7.

Attaching subscriptions to Red Hat Enterprise Linux (if required)

If the system does not have a subscription attached that provides JBoss Web Server:

  1. Log in to the Red Hat Subscription Manager.
  2. Click on the Systems tab.
  3. Click on the Name of the system to add the subscription to.
  4. Change from the Details tab to the Subscriptions tab, then click Attach Subscriptions.
  5. Select the check box beside the subscription to attach, then click Attach Subscriptions.
Note

To verify that a subscription provides the required CDN repositories:

  1. Log in to: https://access.redhat.com/management/subscriptions.
  2. Click the Subscription Name.

  3. Under Products Provided, you require:

    • JBoss Enterprise Web Server.
    • Red Hat JBoss Core Services.

Installing JBoss Web Server from RPM packages using YUM

  1. On a command line, subscribe to the JBoss Web Server CDN repositories for your operating system version using subscription-manager: 

    # subscription-manager repos --enable <repository>
    Copy to Clipboard Toggle word wrap

    • For Red Hat Enterprise Linux 7:

      • jws-3-for-rhel-7-server-rpms
      • jb-coreservices-1-for-rhel-7-server-rpms
Important

Red Hat Enterprise Linux 6 is no longer supported and subsequently was removed from the documentation.

  1. Issue the following command as the root user to install JBoss Web Server: 

    # yum groupinstall jws3
    Copy to Clipboard Toggle word wrap
    Note
    • Although not recommended, instead of using the group install, you can install each of the packages and their dependencies individually.
    • The Red Hat JBoss Core Services repositories above are required for the installation of JBoss Web Server.

2.3.2. Installing the JBoss Web Server Plus Group
Copier lien

The JBoss Web Server Plus group contains additional packages, mainly for the addition of Hibernate and its dependencies.

To install the JBoss Web Server Plus group of packages, run the following command as the root user: 

# yum groupinstall jws3plus
Copy to Clipboard Toggle word wrap

2.3.3. Starting JBoss Web Server
Copier lien

To start JBoss Web Server, you must start the following:

  • Tomcat (7 or 8)

Starting Tomcat

  1. In a shell prompt as the root user, start the Tomcat service. Replace <VERSION> with the desired Tomcat version (7 or 8):

    1. For Red Hat Enterprise Linux 7: 

      # systemctl start tomcat<VERSION>.service
      Copy to Clipboard Toggle word wrap

This is the only supported method of starting Tomcat for an RPM installation.

  1. To verify that Tomcat is running, the output of the service status command should be reviewed. This can be executed as any user.

    1. For Red Hat Enterprise Linux 7: 

      # systemctl status tomcat<VERSION>.service
      Copy to Clipboard Toggle word wrap
Important

Red Hat Enterprise Linux 6 is no longer supported and subsequently was removed from the documentation.

2.3.4. Stopping JBoss Web Server
Copier lien

To stop JBoss Web Server, stop the Tomcat services.

Stopping Tomcat

  1. In a shell prompt as the root user, stop the Tomcat service. Replace <VERSION> with the desired Tomcat version (7 or 8):

    1. For Red Hat Enterprise Linux 7: 

      # systemctl stop tomcat<VERSION>.service
      Copy to Clipboard Toggle word wrap

  2. To verify that Tomcat is no longer running, the output of the service status command should be reviewed. This can be executed as any user.

    1. For Red Hat Enterprise Linux 7: 

      # systemctl status tomcat<VERSION>.service
      Copy to Clipboard Toggle word wrap
Important

Red Hat Enterprise Linux 6 is no longer supported and subsequently was removed from the documentation.

2.3.5. Configuring JBoss Web Server Services to Start at Boot
Copier lien

You can configure JBoss Web Server to start at boot.

Use the following commands to enable the JBoss Web Server services to start at boot. Replace <VERSION> with the desired Tomcat version (7 or 8).

  • For Red Hat Enterprise Linux 7: 

    # systemctl enable tomcat<VERSION>.service
    Copy to Clipboard Toggle word wrap
Important

Red Hat Enterprise Linux 6 is no longer supported and subsequently was removed from the documentation.

2.4. SELinux Policies
Copier lien

2.4.1. SELinux Policy Information
Copier lien

The following table contains information about the SELinux policies provided in the tomcat<version>-selinux packages.

Expand
Table 2.1. RPMs and Default SELinux Policies
NamePort InformationPolicy Information

tomcat<version>

Four ports in http_port_t (TCP ports 8080, 8005, 8009, and 8443) to allow the tomcat process to use them.

The Tomcat<VERSION> policy is installed, which sets the appropriate SELinux domain for the process when Tomcat executes. It also sets the appropriate contexts to allow tomcat to write to /var/lib/tomcat<VERSION>, /var/log/tomcat<VERSION>, /var/cache/tomcat<VERSION>, and /var/run/tomcat<VERSION>.pid.

For more information about using SELinux and other Red Hat Enterprise Linux security information, see the Red Hat Enterprise Linux Security Guide.

2.4.2. SELinux Policies for an RPM Installation
Copier lien

SELinux policies for each Tomcat are provided via their own Tomcat sub-packages: tomcat7-selinux and tomcat8-selinux. These packages are available in the JWS channel.

  • To enable SELinux policies on Tomcat 7, install the tomcat7-selinux package.
  • To enable SELinux policies on Tomcat 8, install the tomcat8-selinux package.

2.4.3. SELinux Policies for a ZIP Installation
Copier lien

In this release, SELinux policies are provided in the ZIP packages. The SELinux security model is enforced by the kernel and ensures applications have limited access to resources such as file system locations and ports. This helps ensure that the errant processes (either compromised or poorly configured) are restricted and in some cases prevented from running. The .postinstall.selinux file is included in each tomcat folder. If required, you can run the .postinstall.selinux script.

To install the SELinux policies using ZIP:

  1. Install the selinux-policy-devel package: 

    yum install -y selinux-policy-devel
    Copy to Clipboard Toggle word wrap

  2. Execute the .postinstall.selinux script: 

    cd <JWS_home>/tomcat<version>
sh .postinstall.selinux
    Copy to Clipboard Toggle word wrap

    Where tomcat<version> refers to tomcat7 or tomcat8.

  3. Make and install the SELinux module: 

    cd selinux
make -f /usr/share/selinux/devel/Makefile
semodule -i tomcat<version>.pp
    Copy to Clipboard Toggle word wrap

  4. Apply the SELinux contexts for JBoss Web Server: 

    restorecon -r <JWS_home>/tomcat<version>/
    Copy to Clipboard Toggle word wrap

  5. Add access permissions to the required ports for JBoss Web Server: 

    semanage port -a -t http_port_t -p tcp 8005
semanage port -a -t http_port_t -p tcp 8080
semanage port -a -t http_port_t -p tcp 8009
semanage port -a -t http_port_t -p tcp 8443
    Copy to Clipboard Toggle word wrap

  6. Start the Tomcat service: 

    <JWS_home>/bin/startup.sh
    Copy to Clipboard Toggle word wrap

  7. Check the context of the running process expecting tomcat_<version>__t: 

    ps -eZ | grep tomcat | head -n1
    Copy to Clipboard Toggle word wrap

  8. To verify the contexts of the Tomcat directories, for example: 

    ls -lZ <JWS_home>/tomcat<version>/logs/
    Copy to Clipboard Toggle word wrap
Note

By default, the selinux policy provided is not active and the Tomcat processes run in the unconfined_java_t domain. This domain does not confine the processes, and it is recommended that you undertake the following security precautions if you chose not to enable the selinux policy provided:

  • Restrict file access for the tomcat user to only the files and directories that are necessary to the JBoss Web Server runtime.
  • Do not run Tomcat as the root user.
Retour au début
Red Hat logoGithubredditYoutubeTwitter

Apprendre

Essayez, achetez et vendez

Communautés

À propos de la documentation Red Hat

Nous aidons les utilisateurs de Red Hat à innover et à atteindre leurs objectifs grâce à nos produits et services avec un contenu auquel ils peuvent faire confiance. Découvrez nos récentes mises à jour.

Rendre l’open source plus inclusif

Red Hat s'engage à remplacer le langage problématique dans notre code, notre documentation et nos propriétés Web. Pour plus de détails, consultez le Blog Red Hat.

À propos de Red Hat

Nous proposons des solutions renforcées qui facilitent le travail des entreprises sur plusieurs plates-formes et environnements, du centre de données central à la périphérie du réseau.

Theme

© 2025 Red Hat