Overview Edit

What is Ant WebUI Edit

Ant WebUI is a web interface for launching and scheduling Apache Ant tasks. Makes efficient use of Ajax to make things easier. Originally created by Lingway in order to monitor, start or restart services remotely without any administrator knowledge.

Requirements Edit

Ant WebUI has been tested on an Apache Tomcat 5.5 application server but should work on any Java 5 based application server.

Installation Edit

Deploying the web application Edit

First of all download the web application from the SourceForge project downloads. A release consists of a zip file containing the WAR file and the configuration file. Copy the antwebui.war file to your webapps directory. If your server is not configured to automatically deploy applications, restart your server. Please note that the application will not work until you have setup its configuration.

Configuring the projet repository Edit

Ant WebUI is built so that configuration is separated from the application itself. This allows safer updates and makes the application logic cleaner. Therefore, if you do not setup the configuration of the application first, the application will not start. For a standard configuration, copy the configuration.jar file to the antwebui/WEB-INF/lib directory. However, it is safer to review the configuration file included in the configuration.jar file. For now, configuration is quite easy as it consists in two parameters :

  • the directory where Ant projects will be stored
  • the XML file describing tasks scheduling

Editing the configuration file Edit

The configuration file consists, for now, of a single bootstrap.xml file included in the configuration.jar file. The simplest way of editing the file, if you are not aware of the JAR format, is to rename the file from .jar to .zip, as the formats are compatible. The boostrap.xml file conforms to the Spring application context XML configuration syntax. Open the file and adjust the settings to your needs, editing the projectDirectory and scheduleFile properties :

<?xml version="1.0" encoding="UTF-8"?>
  ~ Copyright 2007 Lingway
  ~ Licensed under the Apache License, Version 2.0 (the "License"); you may not
  ~ use this file except in compliance with the License. You may obtain a copy
  ~ of the License at
  ~ Unless required by applicable law or agreed to in writing, software
  ~ distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  ~ WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  ~ License for the specific language governing permissions and limitations
  ~ under the License.

<beans xmlns=""

	<import resource="classpath:com/lingway/webapp/antui/conf/ui/echo2-setup.xml"/>

	<!-- services definition -->
	<bean id="schedulingService" class="com.lingway.webapp.antui.service.impl.SchedulerService">
		<property name="scheduler">
			<bean id="scheduler" class="org.springframework.scheduling.quartz.SchedulerFactoryBean"/>

	<bean id="antService" class="com.lingway.webapp.antui.service.impl.AntProjectService">
		<property name="dao">
			<bean class="com.lingway.webapp.antui.dao.impl.AntProjectFromFSDao">
				<property name="projectsDirectory" value="/tmp/antrepo"/>

	<bean id="antTaskSchedulingService" class="com.lingway.webapp.antui.service.impl.AntTaskSchedulingService" init-method="initScheduler">
		<property name="antProjectService" ref="antService"/>
		<property name="schedulerService" ref="schedulingService"/>
		<property name="dao">
			<bean class="com.lingway.webapp.antui.dao.impl.SchedulesFromFileDao">
				<property name="scheduleFile" value="/tmp/antrepo/schedules.xml"/>

Note that for the same reasons as we separate the configuration file from the application, it is not recommanded to set the projects directory and schedules file withing your web application directory (you would loose data).

Before you proceed Edit

Understanding the logic Edit

Ant WebUI was primarily made to have a nice replacement for ssh logins, simple monitoring and so on. We wanted to have some way to launch commands remotely without having to login. We found that using Apache Ant as a scripting language was nice as is it task based, and allows exactly what we want to do. Ant WebUI also includes the SSH Ant plugin. As Ant WebUI is still in early stages, you are currently limited on running tasks which are defined in a single XML project file, and do not depend on external resources (other resources than the project file itself).

Security Edit

As you may understand, allowing someone to run arbitrary Ant tasks should, and must, be considered as a potential security hole. Once a user has access to the Ant WebUI interface, he may upload any Ant project file, and therefore run arbitrary commands on the application server. Having this in mind, you should either :

  • consider that you know what you are doing and heavily trust your security settings and firewall rules
  • consider running the application server as its own user and group

We strongly suggest you to take the second solution. Running an application with its own user and group is always a good idea, as you strongly limit its rights over the system. By doing this, you must also be aware that you will seriously restrict the number of commands Ant WebUI will be able to launch.

Advanced security Edit

Ant WebUI does not, as today, offer any security in terms of login, tasks execution, ... You must entirely rely on your application server configuration (realms for Tomcat) and system security (Tomcat runs as its own user). Therefore, if Tomcat runs as tomcat user, it will not be allowed to perform things like rm -Rf /. That's a point. But what if you really want to run a task as root, with Ant WebUI, without lowering security ? We see two solutions. Either :

  • add the tomcat user to the sudoers list : but doing this is just like granting full access to the system to Tomcat. If you want to do so, you could definitely run Tomcat as root...
  • use the sshexec Ant task instead of the standard exec command. Doing this, you will limit the commands you run as root explicitely. As you'll read later on, however, there are some drawbacks on using this method.

So as you may understand, Ant WebUI is just as powerful as it could be dangerous. Having this in mind, you should read on, and find out how easy it is to use.

Using the web interface Edit

Open your browser at the following address : http://localhost:8080/antwebui/ (replace localhost with your server address). If you configured Ant WebUI properly, should should see a welcome windows appear. Click on the ok button, and a menu bar will appear. In the menu, select the very first item (Tasks manager -> Ant manager), and you should see the following :


This is the main view of the application. It allows you to :

  • upload a new project file
  • launch an uploaded project
  • launch an specific task of an uploaded project
  • schedule a task
  • schedule a project

The following features are not yet implemented but scheduled for addition :

  • edit an existing project file
  • delete a project file

Uploading a new project Edit

This is where you should start from. Uploading a project file consists of sending to the server a valid Ant project file. Please be aware that the current view will never show you any misspelled / problematic ant file, so be careful (you may consult the server log in order to have more information if upload fails). To upload a new project, just click on the "Add" button, then select your Ant file. The project will automatically be loaded.\\\\ Note that you must have properly configured the projects directory in order to have it work correctly (please check that the application server has read/write rights on this directory). If you want to edit an existing project, you'll have, after it beeing uploaded, to edit the project file directly into this directory.\\\\ Here's a sample Ant project file :

<?xml version="1.0"?>
<project name="Commands which run locally" default="hello" basedir=".">

	<target name="hello">
		<echo message="Hello, Word!"/>

	<target name="ps" description="Calls the Unix command ps">
		<exec executable="ps"/>

    <target name="tail-tomcat-log" description="Tails the last 100 lines from Tomcat log">
        <exec executable="tail">
            <arg value="-100"/>
            <arg value="/var/log/tomcat/catalina.out"/>

    <target name="spawned-command" description="A target which should be ran with the spawn attribute">
        <exec executable="/etc/init.d/server" spawn="true">
            <arg value="restart"/>

The previous file defines 4 tasks :

  • The classical "Hello, World !"
  • ps, which outputs the result of the "ps" command (Linux)
  • the result of the tail command over the tomcat log
  • a command which should be run with the spawn attribute set to true (explanation follows)

Executing commands on the host Edit

Executing a command on the host is made thanks to the exec Ant task. Due to the web environment limitations, you must be aware of what you do when calling such commands :

  • processes will be spawned by the user of the application server (root or tomcat, depending on your setup)
  • most important, if you do not set the spawn attribute to true, the web application will hang until the child process ends. This means that if you launch an application remotely using this command, you must use the spawn attribute, unless you wish your client to hang forever. Note that the process will not end up if you close your client, which, in some circumstances, may be hazardous.

Executing a command as superuser in an unpriviledged environment Edit

Most likely, you'll come to a situation where you'll want to launch commands as a superuser while your web application server runs as its own user. We've previously said that it is not recommanded to add the application server to the sudoers list. Therefore, we recommand, where possible, using the sshexec command. The sshexec task does quite the same as the exec one, but makes uses of an SSH server. Therefore, if your host does not run a SSH server, this solution will not suit your needs. If so, you may proceed. Here's a sample sshexec task :

<sshexec host="localhost" username="root" password="pazzroot" command="/etc/init.d/myserver restart" trust="true"/>

This will help you, but there are some serious drawbacks:

  • you must provide a valid login / password couple in your Ant file (so be careful that the projects directory is not readable by everyone)
  • the sshexec command does not support the spawn attribute, so it must end up correctly. You may use the timeout attribute

Scheduling a task Edit

Last but not least, you'll now learn how to schedule tasks. You may schedule tasks/projects :

  • at application startup : when scheduling a task at startup, the tasks will be started when Ant WebUI will be started. This allows replacing calls to /etc/init.d scripts (in Linux) or services (Linux/Windows).
  • at fixed rates/dates/... : Ant WebUI makes use of the Quartz scheduling framework, which allows you to enter crontab-like expressions in order to schedule tasks.

If you choose to schedule a task, you'll need to look at the Cron Triggers Quartz cron expression syntax Tutorial in order to be able to schedule tasks properly.

Feature requests Edit

  • deleting an existing project
  • editing an existing project directly
  • package project so that it can be bundled with its own additional classes, jars, configuration files, ...
Community content is available under CC-BY-SA unless otherwise noted.