Tomcat

The official Tomcat Docker image returns a 404 by default — no webapps are loaded. Two approaches to fix this:

Manual Setup

N/ABASH
docker run -d -p 8888:8080 --name tomcat1101 --hostname tomcat1101 tomcat:11.0.1
docker exec -it tomcat1101 bash
 
# Copy landing page and manager app
cp -r /usr/local/tomcat/webapps.dist/ROOT/ /usr/local/tomcat/webapps/ROOT
cp -r /usr/local/tomcat/webapps.dist/manager /usr/local/tomcat/webapps/manager
 
# Allow manager access from all IPs
sed -i 's/allow="[^"]*"/allow=".*"/' /usr/local/tomcat/webapps/manager/META-INF/context.xml
 
# Add admin user
sed -i '/<\/tomcat-users>/d' /usr/local/tomcat/conf/tomcat-users.xml
echo '  <role rolename="manager-gui"/>' >> /usr/local/tomcat/conf/tomcat-users.xml
echo '  <role rolename="admin-gui"/>' >> /usr/local/tomcat/conf/tomcat-users.xml
echo '  <user username="admin" password="admin" roles="manager-gui,admin-gui"/>' >> /usr/local/tomcat/conf/tomcat-users.xml
echo '</tomcat-users>' >> /usr/local/tomcat/conf/tomcat-users.xml

Dockerfile

DockerfileDOCKERFILE
FROM tomcat:11.0.1 as build
 
RUN mkdir -p /usr/local/tomcat/webapps/ROOT && \
    cp -r /usr/local/tomcat/webapps.dist/ROOT/* /usr/local/tomcat/webapps/ROOT && \
    cp -r /usr/local/tomcat/webapps.dist/manager /usr/local/tomcat/webapps/manager && \
    sed -i 's/allow="[^"]*"/allow=".*"/' /usr/local/tomcat/webapps/manager/META-INF/context.xml && \
    sed -i '/<\/tomcat-users>/d' /usr/local/tomcat/conf/tomcat-users.xml && \
    echo '  <role rolename="manager-gui"/>' >> /usr/local/tomcat/conf/tomcat-users.xml && \
    echo '  <role rolename="admin-gui"/>' >> /usr/local/tomcat/conf/tomcat-users.xml && \
    echo '  <user username="admin" password="admin" roles="manager-gui,admin-gui"/>' >> /usr/local/tomcat/conf/tomcat-users.xml && \
    echo '</tomcat-users>' >> /usr/local/tomcat/conf/tomcat-users.xml
 
FROM tomcat:11.0.1
 
COPY --from=build /usr/local/tomcat/webapps /usr/local/tomcat/webapps
COPY --from=build /usr/local/tomcat/conf /usr/local/tomcat/conf
 
EXPOSE 8080
 
CMD ["catalina.sh", "run"]
N/ABASH
docker build -t tomcat1101 .
docker run -d -p 8888:8080 --name tomcat1101 tomcat1101

Access at http://localhost:8888 — manager at /manager/html with admin:admin.

Disclaimer

All content published on exploit.se is intended strictly for educational and informational purposes. Research is conducted responsibly under coordinated disclosure principles.

Techniques, tools, and writeups shared on this site are meant to advance the security community's understanding of vulnerabilities and defences. They are not intended to encourage or enable unauthorised access to any system.

The author bears no responsibility for any misuse of information presented here.

Cookie Settings

This site does not use cookies, analytics, or any third-party tracking technologies.

No personal data is collected. No fingerprinting. No ads. You are not the product.


 ██╗ ██████╗ ███████╗██╗███████╗███╗   ██╗██████╗
 ██║██╔═══██╗██╔════╝██║██╔════╝████╗  ██║██╔══██╗
 ██║██║   ██║█████╗  ██║█████╗  ██╔██╗ ██║██║  ██║
 ██║██║   ██║██╔══╝  ██║██╔══╝  ██║╚██╗██║██║  ██║
 ██║╚██████╔╝██║     ██║███████╗██║ ╚████║██████╔╝
 ╚═╝ ╚═════╝ ╚═╝     ╚═╝╚══════╝╚═╝  ╚═══╝╚═════╝
You found me.
↑↑↓↓←→←→ B A  ·  click to close