Change Tomcat for External Access

30 minutes
  • 4 Learning Objectives

About this Hands-on Lab

Welcome to this hands-on lab for Changing Apache Tomcat, a Java-based application platform built around deploying and managing Java Web Applications, so that it’s accessible via the internet.

The provided server runs Red Hat Enterprise 8 and has Tomcat 9 pre-installed for you, available on port **8080** at the server’s public IP address.

Once you have completed the task you will need to test, to ensure you get prompted for a username and password in the Tomcat interface.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Test to Ensure You Can Access the Preconfigured Tomcat Instance by Using the Server’s Public IP Address and Port 8080

It may take from 3 to 10 minutes after the hands-on lab has started before you can access the Tomcat server on Port 8080.

To access the server, use its external IP address (found on the hands-on lab overview page) in the URL bar of a web browser, then append :8080 to it.

For example, if the server’s external IP address was, then you would put the following into your web browser:

Test to ensure you are unable to access the Host Manager App on the Tomcat GUI.

Log into the Server and Change the Configuration File to Allow Internet Access to the Host Manager App via the GUI

Note: Tomcat is installed under /usr/local/tomcat9.

You will log into the server’s console (not the web GUI) and make the changes required for opening up the access.

The file you need to edit is /usr/local/tomcat9/webapps/host-manager/META-INF/context.xml.

Find the line with this item:

allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1" />

Replace it with the following:

allow="127.d+.d+.d+|::1|0:0:0:0:0:0:0:1|.*" />

Save the file and exit.

Connect to the Tomcat GUI

With a web browser, connect to your server on port 8080. If your server IP address was, then you would use the following (note that your IP Address will likely be different):

You should now see the Tomcat GUI.

Check That You Are Prompted for a Password

Go to the Host Manager App. You should be prompted for a password. If you get a password prompt, then the hands-on lab is a success.

If you get a 403 Access Denied error, then you were not successful. Please troubleshoot to find the problem.

Additional Resources

Your department has engaged a third party to do some testing of applications on a development Tomcat server, and will need to be able to manage this server's Tomcat instance remotely.

Since the third party doesn't have access to your internal network, your company has decided to allow them remote access to this Tomcat server from anywhere on the internet.

The server is already configured, but you have been tasked with making the final changes to allow the remote access.

Perform the tasks as mentioned in the tasks list.

A successful hands-on lab will have you able to see the login prompt for the Host Manager App.

Logging In

Use the credentials provided on the hands-on lab overview page, and log in to the provided server as cloud_user. Note that this is for connecting to the server, not the Tomcat GUI.

Note: It may take 3 to 10 minutes after the hands-on lab has started before you are able to log into the server. This is fine and will not affect the performance of the tasks for the hands-on lab.

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?