In this post you will learn how to configure access to Tomcat trough an Apache virtual host on port 80 with mod_proxy_ajp.
The Tomcat webapp will be available on
The Apache static content (css, javascript, etc.) will be available on

First install Java JRE 7. You can download it on

rpm -ivh jre-7u10-linux-x64.rpm
java -version

The following errors are « normal » and have no consequences:

Error: Could not open input file: /usr/java/jre1.7.0_10/lib/rt.pack
Error: Could not open input file: /usr/java/jre1.7.0_10/lib/jsse.pack
Error: Could not open input file: /usr/java/jre1.7.0_10/lib/charsets.pack
Error: Could not open input file: /usr/java/jre1.7.0_10/lib/ext/localedata.pack


Install Tomcat 7 (You can download it on

cd /opt
chmod -R +x apache-tomcat-7.0.34/bin/


Configure Tomcat 7 as a service

cd /etc/init.d
vi tomcat

Put the following content in the tomcat init file. Change JAVA_HOME and CATALINA_HOME with your version number:

# description: Tomcat Start Stop Restart
# processname: tomcat
# chkconfig: 234 20 80
export JAVA_HOME
export PATH

case $1 in



exit 0

Add the init script and activate it on startup for runlevel 2, 3 and 4:

chmod 755 tomcat
chkconfig --add tomcat
chkconfig --level 234 tomcat on


Configure Tomcat access manager (if needed)

vi /opt/apache-tomcat-7.0.34/conf/tomcat-users.xml
<role rolename="manager-script"/>
<role rolename="manager-gui"/>
<role rolename="admin-gui"/>
<user username="admin" password="mybestpassword" roles="manager-gui,admin-gui,manager-script"/>


Start Tomcat

service tomcat start

Open port 8080 in iptables:

vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8080 -j ACCEPT

Now try in your browser : Tomcat is ready to work on port 8080.


Install and configure Apache

yum install httpd
chkconfig httpd on
service httpd start

Activate name-based virtual hosting:

vi /etc/httpd/conf/httpd.conf
# Use name-based virtual hosting.
NameVirtualHost *:80
# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.


Configure mod_proxy_ajp (Should already be enabled by default)

vi /etc/httpd/conf/httpd.conf
LoadModule proxy_ajp_module modules/


Create a virtual host for tomcat throught mod_proxy_ajp

cd /etc/httpd/conf.d/
rm welcome.conf
vi tomcat.conf
<VirtualHost *:80>

       ProxyRequests Off
       ProxyPreserveHost On

       ErrorLog /var/log/httpd/tomcat.error.log
       CustomLog /var/log/httpd/tomcat.log combined

       <Proxy *>
               Order deny,allow
               Allow from all

       ProxyPass / ajp://localhost:8009/
       ProxyPassReverse / ajp://localhost:8009/

Restart Apache:

service httpd restart

Open port 80 in iptables:

vi /etc/sysconfig/iptables
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

Try in your browser : You can access tomcat through Apache on port 80.



Create a virtual host for static content in Apache

cd /etc/httpd/conf.d
vi static.conf
<VirtualHost *:80>
    DocumentRoot /var/www/html/static

       <Directory />
               Options FollowSymLinks
               AllowOverride None
               deny from all

       <Directory /var/www/html/static>
               Options Indexes FollowSymLinks MultiViews
               AllowOverride None
               Order allow,deny
               allow from all

Now create a directory with your static content:

mkdir /var/www/html/static

And put your static content inside, like style.css:

vi style.css

Restart Apache:

service httpd restart

Try in your browser : That’s a good way to access your static content like pictures, css, javascript, etc. through an Apache virtual host.

You can disable TCP 8080 in your iptables firewall.

That’s all folk

Source 1 (fr) :
Source 2 (en) :
Source 3 (en) :
Source 4 (en) :