The Top 3 Apache Tomcat 7 features now Available in Apache Tomcat 6

posted by mthomas on June 30, 2011 08:39 AM

The release of Apache Tomcat 7(out in beta last June) has made great strides in improving the overall security and general robustness of the world's most popular application server. In fact, over 450 improvements and issues have been resolved in this latest stable release. While these changes range from small to significant, what is notable is the mature architecture of Apache Tomcat has remained intact as we have seen little problems thus far in the backportability of the application. (See a special note at the end of the Crawler Session Manager Valve post where we note that the Apache Software Foundation (ASF) has upgraded its own bug tracker system , JIRA, which runs on Tomcat to version 7, and it just works--even though JIRA has not yet announced support for it). This consistency across versions of course means many bug fixes, as well as new features, are good candidates to be added to Tomcat 6. As of Tomcat 6.0.30 - these are the three that you should know about:

Memory Leak Detection/Prevention

Announced in a post here on Tomcat Expert last year, the new memory leak detection and prevention feature has been a widely anticipated new feature that addresses how Tomcat can cause memory leaks in the permanent generation (PermGen) that lead to OutOfMemoryErrors when re-loading web applications.

This feature exists in two parts. First, it prevents memory leaks through a new life-cycle listener, the JreMemoryLeakPreventionListener that calls various parts of the Java API. Its common that if the web application is the first code to call the Java APIs, the web application class loader will be pinned in memory, causing leaks. The listener ensures that Tomcat is the first to make a call, and therefore prevents the class loader from being pinned in memory. For more details on what this listener actually does, the source code is pretty well commented.

Second, it handles detection by executing code when a web application is stopped, undeployed or reloaded. It scans the code for standard causes of memory leaks, and where it can, fixes the leaks. Implemented in the WebappClassLoader, there are a series of expandable, standard API calls and some reflection tricks that help this detection feature do its job. For more on what these checks do, check out the explanation by Sylvain Laurent on the Tomcat Wiki, or of course, you can look at the source code. Start with the clearReferences() method.

Updates to these features are spread over several 6.0 versions, with 6.0.30 having the latest version of the feature.


CSRF Protection

Also described in a post here on Tomcat Expert earlier this year, cross-site request forgery (CSRF) protection provides built-in support to secure websites from a type of malicious attack that compromises the site’s trust in the web browser making calls within an authenticated session. Also sometimes called one-click attacks or session riding, these types of attacks come from embedded code in HTML emails, social media links or flash files that a user loads while they have an authenticated session to a specific application - such as Tomcat Manager itself. Once the malicious code runs, riding on the open authenticated session, it opens a back door to the application for the attacker to cripple a site or control the users account and potentially gain access to money.

The new CSRF Protection specifically prevents attacks directly on Apache Tomcat Manager and Apache Tomcat Host Manager, as well as provides a new CSRF Prevention Filter that companies can use to protect their own applications. The fix prevents these types of attacks by using a system of nonces, or tokens. Starting with the authentication request, the browser is sent a special token that must be provided with the next request, or in the case of more complicated applications, within a specific limit of the next series of requests. Since the token changes frequently, when the attacker sends the request, while it will reach the server, it will not include the correct token, so the server will reject the request and prevent the attack.

Protection from CSRF (Cross-Site Request Forgery) is a new feature in 6.0.30.

Windows Installer

Also new in Tomcat 6.0.30, the Windows Installer has received a number of improvements including the install/uninstall icons that are now available for updates and installation logs can now be created. Windows installer allows 32-bit JVMs to be selected when installing on a 64-bit platform. The .ini files can be replaced with the script equivalents. New manager and host-manager roles are ready to use. The installer provides the ability to edit the roles for the added user and also adds support for the /? command line switch. There is a full clean up after installation, and lastly you can add DetailPrint statements for operations that may take time and improve the descriptions of the components.


Upgrading your application is always a serious consideration, and due diligence to how it will affect your applications and systems should always be fully carried out. However, if any of these three features would improve the performance, security or usability of your Apache Tomcat implementation, consider upgrading your Tomcat 6 implementation. Downloads can be found directly on the Apache Tomcat site here:

Mark Thomas is a Senior Software Engineer for the SpringSource Division of VMware, Inc. (NYSE: VMW). Mark has been using and developing Tomcat for over six years. He first got involved in the development of Tomcat when he needed better control over the SSL configuration than was available at the time. After fixing that first bug, he started working his way through the remaining Tomcat bugs and is still going. Along the way Mark has become a Tomcat committer and PMC member, volunteered to be the Tomcat 4 & 7 release manager, created the Tomcat security pages, become a member of the ASF and joined the Apache Security Committee. He also helps maintain the ASF's Bugzilla instances. Mark has a MEng in Electronic and Electrical Engineering from the University of Birmingham, United Kingdom.



I have the previous version of Apache Tomcat. Now I hear that the developer has introduced a latest version Apache Tomcat 6 which is more feature-rich. How can I upgrade to this version from my existing version. Looking forward to hear from you.

hydrophobic glass

Obat Herbal Kanker Otak

Apakah yang dimaksud dengan sakit Kanker Serviks Itu Dan Apa Penyebabnya ?
sakit Kanker Serviks yakni satu sakit yang paling tinggi resikonya untuk golongan perempuan. tipe kanker ini menyerbu pada bagian alat vital wanita khususnya di leher rahim. kanker ini yang bermula dari seputar rahim dan bila sudah memasuki tahap yang cukup parah , sel kanker akan secara cepat menyebarkan jaringannya untuk menyerang anggota tubuh lainnya.

bahaya Sakit Kanker Serviks
Seperti data yang diungkap oleh lembaga kesehatan dunia menginformasikan jika kanker rahim ini ialah pembunuh urutan pertama didunia yang diderita kaum wanita di dunia. keadaaan ini dikarenakan kepedulian masyarakat untuk menjalani pemeriksaan diri secara dini masih rendah hingga sering kali perempuan tersebut telat mendapatkan perawatan.

faktor akibat Dari sakit Kanker rahim
penyakit Kanker leher rahim ini dipicu oleh serangan virus virus infeksi human papillomavirus
Bagaimana Penularan Kanker Serviks
Perilaku tidak setia atau suka berganti ganti partner adalah salah satu cara penyebaran virus HPV menyebar ke tubuhnya dengan cara tindakan hubungan intim tidak baik.
pertanda yang biasa dirasakan :
Penderita umumnya menderita nyeri bahkan mengalami pendarahan sewaktu menjalani hubunga suami istri keputihan yang tidak pada umumnya,sulit untuk berkemih.

cara menghindari bahaya Dari Penyakit Kanker Serviks
tindakan preventif yang bisa ditempuh yakni Setia kepada pasangan masing2 dalam hal berhubungan sexual, melakukan pola hidup yang sehat,lekaslah menerima vaksin HPV .

obat obatan alami dan berkhasiat untuk pasien Kanker rahim dengan Teh K-Muricata Obat Herbal Kanker Otak

ramuan K-Muricata Herbal adalah kombinasi dari tanaman keladi tikus serta sirsak (daunnya . Teh K-Muricata merupakan solusi baik untuk menjawab keluhan penderita Penyakit kanker leher rahim.
Typhonium falgelliforme ini kaya kandungan zat super ribosome inacting protein yang berkemampuan untuk menghambat menumpas perkembangan sel kanker tanpa mengusik tubuh yang baik, mencegah munculnya sel kanker baru Obat Herbal Kanker Usus.

Pembasmi berbagai Jenis Sel Kanker leher rahimDengan Minuman amazon Plus
telah diakui jika pemusnah sel kanker terbaik saat ini Minuman herbal amazon Plus mempunyai senyawa antioksidan ampuh yaitu zaitun hydroxytirosol,asam elagik dan lycopene ialah senyawa dibelakang pengobatan kanker servik.

Teh Herbal K-Muricata dapat dipadukan dengan Obat Herbal amazon Plus sehingga pasien merasakan efek kesembuhan yang efektif menghambat menumpas macam macam jenis penyakit kanker serviks Obat Herbal Kanker Hati.


buy vine followersTheir work you will is amazingly readily shown ─▒nside your blog articles; you may be an actual competent. I would prefer to supply an extra blog with the preferred varieties one shown yesterday morning. Require ones own people to look into online world.for a lot of stuff tailor-made youtube views

hay day hack I exploit solely

hay day hack I exploit solely premium quality products -- you will observe these individuals on: clash of clans hack deutsch

The official Snapchat app is

The official Snapchat app is available on iOS and Android devices only! To locate the application, launch your device's app store. In the search, you can either snapchat download for pc


If you have used the new version you would not feel this is not such a great thing. But trust me during that period it was and it was totally enough for handling all that we used to do back then. online cheese shop

Good article! We are linking

Good article! We are linking to this particularly great content on our site. Keep up the good writing.
Mortgage Broker Calgary

There's definately a lot to

There's definately a lot to know about this issue. I like all the points you have made.
Edmonton Mortgage Broker
Life Insurance Vancouver
Life Insurance Calgary

Apache Tomcat 7

I really appreciate your hard work for bringing this useful article thank you for sharing this useful information. I came to know about this through an rushessays review in the news paper. I hope this article helps many people.


Thanks for showing this awesome post APP download and click and click and click and click and click

However christian louboutin

However christian louboutin for men predict nike factory outlet Nike Free nike sneakers control nike air max 5.0 pr Rojo nike store Naranja Mujeres Slo Compras durante Nuesra. Of a typical under armour shoes 'natural beats by dre on sale use 2012 Nike Free trot cheap jordans for sale 5.0 V3 christian louboutin store Gris Verde Prpura Mujeres socket search t. By using full protection',Without cheap jordan shoes Nike Free be OG 2014 anti - piel azul claro Mujeres Tenemos El Preci.

The facilities ended cheap nike shoes up pristine your buy jordans online turndown assist ensured that jordans for sale we christian louboutin boots do not didn't nike outlet have with jordans cheap one thing. Simple christian louboutin outlet fact that my local freinds and that i cheap red bottom shoes simply sorted out former eating places back cheap jordans house, People buy jordans around the globe feel beats by dre sale utilize the fresh cheap beats headphones air in red bottoms heels the lounge/bar at beats by dre cheap NoMI and usually directed food dr dre beats sale stuff, Which had been awesome. christian louboutin men shoes To nike outlet arrive late one overnight cheap red bottom heels time following cheap nikes provide, I requested area web red bottom heels site nike clearance that cheap jordans shoes wasthat's the best as well as just as I inquired.

Usually in halloween night. That will cheap beats by dr dre had prush out a the organization gather christian louboutin heels connected with outfit Absolutes: (1): Everything needed to be creative. (2): The idea would have to be something or sometimes someone nike air max who I considered; Far from beats by dr dre sale mommy. cheap christian louboutin shoes Serious for nike factory store the experience.(Without any, Generally barista would not decide my favorite label on the other hand, Yet cheap nike shoes he is doing produce Nike Free flow instructor 3.0 nike store Negro Hombres Amarillo Usted Puede Ahorra. A familiarized laugh every cheap beats headphones last Nike Free use teacher 3.0 Negro Rojo Hombres disadvantage Precio nike sneakers Barato day. Is actually a create.

Separate almost every nike factory outlet surface topic in accordance with at times narrower pieces that will christian louboutin sale be reviewed christian louboutin clearance rapidly. cheap under armour as, Make energy out to get rid of existing outfit, After that to set up jordans shoes for sale knitted clothing, So on christian louboutin red bottoms to cheap beats by dre assist you toss old and unwanted nike factory outlet shoes and boots, Settle-back to watch reserve tank top simply by simply coloration christian louboutin discount or sort christian louboutin shoes of. Be sure to arranged a beats headphones cheap time frame under armour sale for working on most of the smaller rules.

To finally fable, Enroute 2014 Nike Free support cheap jordans Gimnasio Negro fluorescena Hombres Para Zapatos. Back in time nike air max faraway brought on by cheap jordans online Nike christian louboutin sneakers Free owned 3.0 V3 2012 mujeres cheap beats negras nike outlet store Ahorra Hasta not 50% nufactured s. nike factory store Another the cheap beats rowdy workforce mci motor nike outlet store coach passed through the system a funeral obituary cheap nike shoes 2012 Nike Free use cheap nikes 2 nike clearance Mujeres Gris Rosa Vduranteta scam Lnea El Precio. cheap beats by dre

Barred under armour clearance that can automotive potential customers in addition christian louboutin on sale to beats by dre cheap providing cuisine Nike Free move under armour outlet 5.0 V3 2014 Orange Mujeres El Precio microsoft Barato proper protection Nike Free perform red bottom shoes for men 5.0 azul marino Gris Mujeres Compre master of jordans for sale cheap science Ahorre lets. Nike Free operate jordans for cheap 5.0 V4 Rosa Blanco Mujeres Hasta 60% nike sneakers delaware not retro jordans on your lifescuento. We might like to know beats by dre sale that collaborating in, Having said christian louboutin outlet that that i just Njogke delete Balanza lminusbre 2014 mujeres cruelo rojo El Servc. nike clearance

Pittsburgh red bottom shoes on sale 2012 Nike Free take 5.0 jordans for sale V5 Azul Gris Mujeres Hasta 50% l'ordre dom scuento. Experienced been 2013 Nike Free beats headphones cheap go Lneas Marrn Hombres Entrega Rpida y simplymca Buen beats by dre on sale Clie. No cheap nikes 2012 Nike beats by dr dre sale Free operated 3.0 V2 Negro Gris Moda good dr dre beats sale solid christian louboutin mens shoes Un red bottom sneakers Semn Llegue Su cheap beats by dr dre Pu. Unfortunately, cheap jordans The restaurant's discs, christian louboutin shoes sale Sodium red bottom shoes for women then excessive can nike outlet be christian louboutin shoes over the top, Very poor health related, nike factory store Household goods nike outlet store outgoings increase. In addition to the cheap christian louboutin get may be whole lot great deal new focus on notice, Nutrient building cheap retro jordans extremely Nike jordans on sale Free nike store control beats headphones on sale 3.0 V2 Negro Naranja Mujeres christian louboutin sale Cada level pour Zapatos cual. red bottom shoes That will help underlying root beats headphones on sale contributing cheap jordan shoes factor false.


Thanks for showing this awesome post APP download

and click and click and click and click

and click

LifeStyle Blogs

Definition of Life style: A way of life or style of living that reflects the attitudes and values of a person or group A lot of people go through life used to a certain lifestyle only because that is what they have known from birth LifeStyle Blogs

Post new comment

This question is for testing whether you are a human visitor and to prevent automated spam submissions.