How to install Tomcat 6 on RHEL 6 or CentOS 6

Here are some steps to install Tomcat 6 on Red Hat 6 (or CentOS 6).

 

First we are going to prepare the repository:


yum install yum-priorities
rpm -Uvh http://apt.sw.be/redhat/el6/en/x86_64/rpmforge/RPMS/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/x86_64/epel-release-6-5.noarch.rpm
rpm -Uvh http://mirrors.dotsrc.org/jpackage/6.0/generic/free/RPMS/jpackage-utils-5.0.0-7.jpp6.noarch.rpm

Next we will install Java and Tomcat 6:


yum -y install java
yum -y install tomcat6 tomcat6-webapps tomcat6-admin-webapps

Finally we can launch Tomcat 6:


service tomcat6 start

To connect to Tomcat, just browse to port 8080 on the server, for example:


http://127.0.0.1:8080/

Here are a couple of diagnostic commands to test that Tomcat is running:

# service tomcat6 status
tomcat6 (pid 17318) is running... [ OK ]
# netstat -nlp|grep 800
tcp 0 0 0.0.0.0:8009 0.0.0.0:* LISTEN xxxxx/java
tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN xxxxx/java
# netstat -nlp|grep 8080
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN xxxxx/java

File Structure

The Red Hat file structure is different than the default file structure Tomcat 6 has when installing from source. Here is the file structure that is used when installing with this method:

/etc/tomcat6 (this is where the main tomcat config files reside)
/usr/share/doc/usr/share/tomcat6
/usr/share/tomcat6/bin
/usr/share/tomcat6/conf
/usr/share/tomcat6/lib
/usr/share/tomcat6/logs
/usr/share/tomcat6/temp
/usr/share/tomcat6/webapps
/usr/share/tomcat6/work
/var/cache/tomcat6
/var/cache/tomcat6/temp
/var/cache/tomcat6/work
/var/lib/tomcat6 (this is where you will add and/or change most of your files)
/var/lib/tomcat6/webapps
/var/log/tomcat6

Here is an article that explains how to add support for JConsole debugging and/or monitoring to Tomcat:
https://wiki.internet2.edu/confluence/display/CPD/Monitoring+Tomcat+with+JMX


How to protect Cognos 10 app server

Problem: Protecting Cognos 10 App Server

The Cognos 10 application runs within an application server. As a result it is vulnerable to attacks over the Internet through the open ports for WWW traffic.

Here are some notes on CAF.

Ant

http://publib.boulder.ibm.com/infocenter/caapps/v8r4m0/topic/com.ibm.swg.im.cognos.inst_apps.8.4.0.doc/inst_apps_i_cnfg_CAF.html

You can track firewall activity by checking the log file, which contains rejected requests only. If firewall validation fails, you can check the log file to find where the failure occurred. By default, log messages are stored in the c8_location/logs/cogserver.log file. In a gateway-only installation, the file is named caf.log. If you configure a destination for log messages, IBM Cognos Application Firewall log messages are sent to the specified destination.

IBM Cognos Application Firewall also has a Secure Error feature, which gives administrators control over which groups or users can view detailed error messages. For more information, see the IBM Cognos 8 Administration and Security Guide.