TomcatExpert

Blogs

Blog : Apache Tomcat 7.0.12 Released

posted by Stacey Schneider on April 6, 2011 11:20 AM

Announced this afternoon by the Apache Tomcat team:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.12.

Apache Tomcat 7.0.12 includes bug fixes and the following new features compared to version 7.0.12:

  • initial support for SPNEGO/Kerberos authentication (also referred to as Windows authentication);
  • provide a new configuration option to define a close method to call on a JNDI resource when it is no longer required;
  • optional support for pre-emptive authentication.

Please refer to the change log for the list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

Known issues:

  • HTTP pipelining is likely to fail with 505 errors with the HTTP BIO connector (bug 50957). The other connectors (HTTP NIO, HTTP APR/native, AJP BIO & AJP APR/native) are not affected.

Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.

Downloads:
http://tomcat.apache.org/download-70.cgi

Migration guide from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html

Thank you,

-- The Apache Tomcat Team

Read More

0 comments   |  

0
Rating
  |  

Developers, Operations | Tomcat 7, Tomcat Security

Blog : Apache Tomcat 7.0.11 Released

posted by Stacey Schneider on March 11, 2011 09:17 AM

Announced this afternoon by the Apache Tomcat team:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.11.

Apache Tomcat 7.0.11 is primarily a security fix release with a small number of additional bug fixes compared to 7.0.10.

Please refer to the change log for the list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.

Downloads:
http://tomcat.apache.org/download-70.cgi

Migration guide from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html

Thank you,

-- The Apache Tomcat Team

Read More

1 comments   |  

0
Rating
  |  

Developers, Security | Tomcat 7

Blog : Apache Tomcat 7.0.10 Released

posted by Stacey Schneider on March 8, 2011 02:10 PM

Announced this afternoon by the Apache Tomcat team:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.10.

Apache Tomcat 7.0.8 is primarily a security and bug fix release with numerous fixes compared to 7.0.8.

Please refer to the change log for the list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.

Downloads:
http://tomcat.apache.org/download-70.cgi

Migration guide from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html

Thank you,

-- The Apache Tomcat Team

Read More

0 comments   |  

0
Rating
  |  

Developers | Tomcat 7

Blog : Apache Tomcat 7.0.8 Released

posted by Stacey Schneider on February 7, 2011 08:24 AM

Announced this morning by the Apache Tomcat team:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.8.

Apache Tomcat 7.0.8 is primarily a security and bug fix release with numerous fixes compared to 7.0.6.

Please refer to the change log for the list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.

Downloads:
http://tomcat.apache.org/download-70.cgi

Migration guide from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html

Thank you,

-- The Apache Tomcat Team

Read More

0 comments   |  

0
Rating
  |  

Developers, Executives | Tomcat 7

Blog : Apache Tomcat 6.0.32 Released

posted by Stacey Schneider on February 3, 2011 09:28 AM

Announced this morning by the Apache Tomcat team:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The Apache Tomcat team announces the immediate availability of Apache Tomcat 6.0.32 stable..

Apache Tomcat 6.0.32 is primarily a security and bug fix release. All users of older versions of the Tomcat 6.0 family should upgrade to 6.0.32.

Note that is version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for different CPU architectures.

Apache Tomcat 6.0 includes new features over Apache Tomcat 5.5, including support for the new Servlet 2.5 and JSP 2.1 specifications, a refactored clustering implementation, advanced IO features, and improvements in memory usage.

Please refer to the change log for the list of changes:
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html

Downloads:
http://tomcat.apache.org/download-60.cgi

Migration guide from Apache Tomcat 5.5.x:
http://tomcat.apache.org/migration.html

Thank you,

-- The Apache Tomcat Team

Read More

1 comments   |  

0
Rating
  |  

Developers, Executives | Tomcat 6

Blog : Cross-site Scripting (XSS) Prevention in Apache Tomcat 7

posted by mthomas on January 26, 2011 07:28 AM

Cross-site scripting (XSS) is the leading form of security vulnerabilities for web applications today. This vulnerability is found when attackers are able to inject client-side scripting into web pages by tricking the browser to trust scripts run from malicious hosts. These scripts usually access user and session information stored in cookies, and allow the hackers to forge trusted user behavior. The result can allow hijackers to control your user account, change your account settings, or redirect web traffic to malicious or false advertising sites. Recently, there has been an increase in high-profile cross-site scripting attacks on sites like Twitter and IBM's DeveloperWorks, which illustrate how common these vulnerabilities exist on web sites both large and small.

Because cross-site scripting is such a significant and universal threat (a few cross-site scripting issues have been fixed in Tomcat 7), an unofficial extension to the Cookie specifications - httpOnly cookies - has been introduced to combat it. Although it is unofficial, it is widely supported. This feature reduces the risk of these security vulnerabilities by preventing the browser from allowing scripts to access information stored in cookies.

Read More

1 comments   |  

0
Rating
  |  

Security | Cross-site Scripting, security, Tomcat 7

Blog : Apache Tomcat 7.0.6 Released - First Stable Build

posted by Stacey Schneider on January 14, 2011 08:02 AM

Announced this morning by the Apache Tomcat team:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.6.

This is the first stable release of the Tomcat 7 branch.

Apache Tomcat 7.0.6 contains further performance improvements in session management, a new binary distribution targeted at users embedding Tomcat in other applications and several enhancements to the memory leak detection and prevention features.

The 7.0.6 release also contains numerous bug fixes compared to 7.0.5.

Please refer to the change log for the list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html

Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.

Downloads:
http://tomcat.apache.org/download-70.cgi

Migration guide from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html

Thank you,

-- The Apache Tomcat Team

Read More

0 comments   |  

0
Rating
  |  

Developers | Tomcat 7

Blog : Apache Tomcat 6.0.30 Released

posted by joannad on January 13, 2011 11:15 AM

Announced this morning by the Apache Tomcat team:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The Apache Tomcat team announces the immediate availability of Apache Tomcat 6.0.30 stable. This release includes bug-fixes over Apache Tomcat 6.0.29.

Note that is version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for different CPU architectures.

Apache Tomcat 6.0 includes new features over Apache Tomcat 5.5, including support for the new Servlet 2.5 and JSP 2.1 specifications, a refactored clustering implementation, advanced IO features, and improvements in memory usage.

Please refer to the change log for the list of changes:
http://tomcat.apache.org/tomcat-6.0-doc/changelog.html

Downloads:
http://tomcat.apache.org/download-60.cgi

Migration guide from Apache Tomcat 5.5.x:
http://tomcat.apache.org/migration.html

Thank you,

-- The Apache Tomcat Team

Read More

2 comments   |  

0
Rating
  |  

Developers, Operations | Tomcat 6

Blog : Field Report: Apache Tomcat 7 In Action

posted by avanabs on January 11, 2011 08:21 AM

With some help from friends at several of my (now-ex) consulting clients, I've been trying out the latest build of Tomcat 7 on some of the "problem applications" we ran into over the years...many of them while transitioning applications from JEE application servers to the "highly distributed services architectures" (now widely called the "Cloud") that I have been discussing and building for the last 6-7 years.

In a word, WOW!

Of the 11 "problem" applications we've tried on Tomcat 7:

  • 100% of them worked
  • 9 of the 11 exposed coding problems that had led to development and production problems previously.
  • All 9 were readily fixed, and they now run properly on 6.5, as well as on 7
  • The other two simply ran reliably on Tomcat 7, while they required frequent re-starts on 6.5
  • 7 of the 11 ran faster, with the best seeing approximately a 6% performance gain

Read More

0 comments   |  

0
Rating
  |  

Developers | Tomcat 7

Blog : Tomcat Expert's Top 10 of 2010

posted by joannad on December 30, 2010 08:53 PM

2010 has been an exciting year for the Tomcat Expert community site. Created by the Apache Tomcat Experts at SpringSource, Tomcat Expert was launched in March to improve the adoption, performance and value of Apache Tomcat for enterprise users. After almost ten months of operation, we’ve been able to provide you with content from Tomcat Expert Contributors weighing in on top Apache Tomcat news and topics, including several relating to June's release of Tomcat 7.0.0 Beta, the first Tomcat 7 release.  As the year winds down, we've put together a list of the most popular blog posts of the year. Additionally, we're asking you to tell us what topics you'd like to see covered more in 2011 with a content request form below. 

Read More

1 comments   |  

0
Rating
  |  

Developers, Executives | Tomcat 7, Tomcat Admin, Tomcat Cloud

Syndicate content