Enable Remote Debugging on Tomcat Instances

If a developer or other user requests "remote debugging" be enabled on a Tomcat instance, follow the below procedure to allow them to connect using Eclipse or Netbeans to debug an application.

 

  1. SSH to the requested Tomcat instance.
  2. Under /usr/share/tomcat6/conf modify the tomcat6.conf file
  3. Add the below lines to the file using a text editor like VIM or Nano.

    #Extra arguments for remote debugging. Uncomment these to ENABLE remote debug access.
    CATALINA_OPTS="${CATALINA_OPTS} -Xdebug -Xrunjdwp:transport=dt_socket,address=8000,server=y,suspend=n"
  4. Make sure to save the file, then restart the Tomcat instance.
  5. While the instance is starting, you should see references to "DEBUG" in the catalina.out log "Listening for transport dt_socket at address: 8000"
  6. Can be verified from outside the system. Command nmap -PN should return "8000/tcp open http-alt"
  7. Once the developer has completed debugging, you can either comment out the "catalina_opts" line (so it can be uncommented for future debugging), or remove it altogether. Commenting out is preferred.
  8. Restart Tomcat instance again to take it out of debug mode.

 

IMPORTANT: If you have enabled debug mode and the developer claims they are receiving an "access denied" message. Ensure that the firewall is not blocking port 8000 (or whatever debug port you chose). Check with the network team to see that the firewall rules and iptable settings on the node are configured to allow access.



 

Â