Solved

How do I change tha admin console port from Tomcat?

Posted on 2011-09-09
7
975 Views
Last Modified: 2012-06-22
Good day experts

I currently have Apache Tomcat 5.5.27 installed on a Linux SLES10 SP2, and a configured administration console at http://xxxxx:8080 where I usually do the admin for my apps.

Is there any way to change the port for the administration console, for example http://xxxx:9999?

Thanks in advance
0
Comment
Question by:Arrismog
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36513936
In $TOMCAT_HOME/conf/server.xml (or $CATALINA_HOME/conf/server.xml)
change
----------
    <Connector port="8080"
..
-----------
to
-----------
    <Connector port="9999"
...

Then restart tomcat.
0
 
LVL 38

Expert Comment

by:wesly_chen
ID: 36513943
If you don't know where is $CATALINA_HOME, then
as "root"
find /  -type f  -name  server.xml
0
 

Author Comment

by:Arrismog
ID: 36514126
@wesly_chen:
Doing so will force my other user apps installed under webapps to use 9999, is there any way to make only the admin console to listen to 9999 while the others keep listening under 8080? Just like in websphere, where the default port for the admin console is 9060 and the other installed apps listen at 8080 (this way I could filter port 9060 by specific ip via iptables). I would like to filter access to the tomcat console  by ip address without disrupting user app access, so I was thinking of separating admin console and user apps by different ports (and then filter them with iptables)
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 38

Expert Comment

by:wesly_chen
ID: 36514617
Instead of changing from 8080 to 9999, you can duplicate

 <Connector port="9999"
               maxHttpHeaderSize="8192"
               maxThreads="150"
               minSpareThreads="25"
               maxSpareThreads="75"
               enableLookups="false"
               acceptCount="300"
               connectionTimeout="10000"
               maxKeepAliveRequests="-1"
               disableUploadTimeout="true" />

in server.xml.
Then you can listen on both port.
or you can add https for port 9999
 <Connector port="9999"
               maxHttpHeaderSize="8192"
               maxThreads="150"
               minSpareThreads="25"
               maxSpareThreads="75"
               enableLookups="false"
               acceptCount="300"
               connectionTimeout="10000"
               maxKeepAliveRequests="-1"
               disableUploadTimeout="true
               scheme="https"
               secure="true"
               clientAuth="false"
               sslProtocol="TLS"
               keystoreFile="./conf/keystore.tomcat.pkcs12"
               keystorePass="passw0rd"
               keystoreType="PKCS12
"  />
0
 

Author Comment

by:Arrismog
ID: 36514764
@wesly_chen:
But the admin console would still be available through port 8080 right? What I need (if possible) is the following:

1. Admin console from tomcat be available "only" at port 9999 (http://iptest:9999/, not http://iptest:8080/)
2. Other webapps deployed be available "only" at port 8080 (default)

Or any other way to keep all user webapps that are deployed "visible" ,  and the admin console "ONLY visible" to ip 10.111.111.111 and ip 10.111.222.222  (which I was thinking by filtering it via iptables once they were listening at different ports):

>>iptables -A INPUT -p tcp --ddport 9999 -s 10.111.111.111 -j ACCEPT
>>iptables -A INPUT -p tcp --ddport 9999 -s 10.111.222.222 -j ACCEPT
>>iptables -A INPUT -p tcp --ddport 9999 -j DROP
0
 
LVL 38

Accepted Solution

by:
wesly_chen earned 500 total points
ID: 36514779
Here is the way to secure the management.
Tomcat Security:
http://www.unidata.ucar.edu/projects/THREDDS/tech/reference/TomcatSecurity.html
Restrict Access to Tomcat Manager Applications
0
 

Author Closing Comment

by:Arrismog
ID: 36523931
Exactly what I was looking for!! Thanks a lot!

You made my day sir
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Nagios 4.0.8 ack_no_sticky=1 not working 7 18
Can't connect to FTP 18 159
Exchange Server Send connector and DNS Round Robin ? 6 77
check the file dates in unix 14 77
The purpose of this article is to demonstrate how we can use conditional statements using Python.
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question