Linux – Run apache tomcat on port 80


By default apache tomcat runs on port 8080.

Instead of running tomcat on port 8080, we can also run it on port 80.

Run following command as root user in machine you want make tomcat to work on port 80.

$ iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-destination :8080

Above command is using Port Forwarding technique, where all requests coming to port 80 on eth0 are forwarded to port 8080.

Advantage of port forwarding technique is security. Since port numbers 0 to 1023 are privileged ports its not suggested to give direct access to no root users.

Now test tomcat on your machine with ip address or localhost



Either of the above command will get the response from  tomcat ROOT webapp.


Java difference between Xms and Xmx


There are 2 options specify memory/heap size in java:

  1. -Xms: It sets initial (minimum) heap size for JVM. This means that when you start your program the JVM will allocate this amount of memory instantly.
  2. -Xmx: It sets maximum memory size that the heap can reach for the JVM.

Export Heap size in Linux:

$ export JAVA_OPTS="-Xms256m -Xmx512m"

Above command will set minimum heap size as 256MB, and maximum  heap size as 512MB.

Set Heap size for tomcat in Linux:

Add following line in TOMCAT_HOME/bin/ file

JAVA_OPTS="-Xms512m -Xmx2048m"

After adding restart your tamcat. It will will set minimum heap size as 512MB, and maximum  heap size as 2048MB for your tomcat.


Tomcat basic authentication with username and password

To enable basic authentication with tomcat we need to tweak 2 xml file.

  • tomcat-users.xml in TOMCAT_HOME/conf/
  • web.xml in your webapp for which you want to enable basic authentication.

Add following lines of code in tomcat-users.xml

<?xml version='1.0' encoding='utf-8'?>
  <role rolename="tomcat"/>
  <user username="myname" password="mypassword" roles="tomcat"/>

where myname is username and password is the password for the user. You can change the rolename, username, and password as you wish.

In web.xml of you webapp add following lines of code:

                      Wildcard means whole app requires authentication

		<!-- transport-guarantee can be CONFIDENTIAL, INTEGRAL, or NONE -->


If you see above config we specified role-name. We can define multiple role names in tomcat-user.xml. Each role name will have a different user name and password.

After you done with changes restart tomcat and access your webapp for testing, it should ask for authentication.


By Sandeep Posted in tomcat

Tomcat enable directory listings


To enable directory listing in individual webapp you need add following configuration in web.xml of your webapp.



To make global change add above configuration in TOMCAT_HOME/conf/web.xml

After adding above lines just try to to browse your webapp directory to test directory listing functionality.


By Sandeep Posted in tomcat

Enable gzip compression in tomcat

Apache tomcat will support gzip compression. The advantage of compression is the output response will be compressed 6 to 10 times.

To enable gzip compression you need to add some additional properties in $APACHE_TOMCAT_HOME_HOME/conf/server.xml file.

Open conf/server.xml from your tomcat home directory with any text editor.

Search for “Connector port=”8080″”, line at this content will look like as shown below.

<Connector port="8080" protocol="HTTP/1.1"
redirectPort="8443" URIEncoding="UTF-8" />

To enable compression you need to add following 3 line as:


Where compressionMinSize is in bytes (compresses response above this size only), and compressableMimeType is to specifiy comma separated mime types.

After adding above 3 lines the connector block will appear as shown below:

<Connector port="8080" protocol="HTTP/1.1"
redirectPort="8443" URIEncoding="UTF-8"
compressableMimeType="text/html,text/xml" />

After adding this properties to test this function just restart tomcat.