Tomcat 7
blog : Announcing New TomcatExpert Jobs Board
posted by Stacey Schneider on August 9, 2012 01:58 PM | 0 comments
The Tomcat Expert community is a project sponsored by VMware SpringSource aimed to help improve enterprise adoption of Apache Tomcat. Over the past two years, we’ve put out nearly a hundred unique articles from our pool of experts to help users understand more about how Tomcat works and how you can use it more effectively to power business critical applications. We’ve covered new functionality in Tomcat 7, including posts on the jdbc-pool, parallel deployment, and the WebSocket implementation. We have also covered a number of other common questions ranging from the basic "Is Apache Tomcat an App Server?" to the detailed "How do I decide between mod_jk, mod_proxy_http, and mod_proxy_ajp?".
A new question we are hoping to answer for our community is, “How can I find quality candidates to help on my Tomcat deployment?” – and we aim to do this by offering the ability for employers to post available tomcat jobs, as well as the ability for members to find jobs and to apply for them directly from our community site.
For Employers
Users will need to create a login account in order to access the job posting form. Users can post an unlimited number of jobs, however until a job poster earns enough karma, each job will need to be approved by a tomcatexpert administrators to ensure the job feed is filled with quality jobs. Jobs should be related directly to the configuration, management and operation of Apache Tomcat; however, the roles can go beyond the traditional system administration and web operations roles to include java or Spring developers, instructors, technical sales engineers, and software product or architect roles that depend on Apache Tomcat. Employers have the option to have TomcatExpert email candidate submissions which include links to the candidate’s TomcatExpert profile, or to be redirected to your company’s submission process.
blog : Apache Tomcat 7.0.28 released
posted by Stacey Schneider on June 19, 2012 08:07 AM | 0 comments
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.28.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Apache Tomcat is an open source software implementation of the Java Servlet and JavaServer Pages technologies.
This release is includes may improvements as well as a number of bug fixes compared to version 7.0.27. The notable changes include:
- The minimum required APR/native library version required if the APR/native connector is used is now 1.1.24.
- Various fixes and improvements to WebSocket support including the use of infinite time outs by default for WebSocket connections. * Various fixes and improvements to annotation scanning.
blog : Apache Tomcat 7.0.27 Released
posted by Stacey Schneider on April 5, 2012 01:59 PM | 0 comments
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This release is includes significant new features as well as a number of bug fixes compared to version 7.0.26. The notable changes include:
- Support for the WebSocket protocol (RFC6455). Both streaming and message based APIs are provided and the implementation currently fully passes the Autobahn test suite. Also included are several examples.
- A number of fixes to the HTTP NIO connector, particularly when using Comet.
- Improve the memory leak prevention and detection code so that it works well with JVMs from IBM.
Please refer to the change log for the complete list of changes:
http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.
question : Tomcat 7 and Parallel Deployment
posted by csaoin on January 5, 2012 01:00 PM | 0 comments
We are trying to deploy 2 versions of the same application on Tomcat 7 to test its parallel deployment features for our application.
Not meeting with success, I was looking for a definitive guide for parallel deployment on Tomcat 7.
Our application is a JSP based application but we can have changes often.
blog : Apache Tomcat 7.0.21 released
posted by Stacey Schneider on September 2, 2011 08:43 AM | 1 comments
Announced this morning by the Apache Tomcat team:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.21
Apache Tomcat 7.0.21 includes security fixes, bug fixes and new features compared to version 7.0.20 including:
- - A fix for CVE-2011-3190 that allowed an attacker to inject requests when Tomcat was configured behind a reverse proxy using the AJP protocol.
- - Multiple additions and improvements to the memory leak detection/prevention features.
- - Improved validation of received AJP messages.
blog : New closeMethod for JNDI Resources
posted by mthomas on August 17, 2011 07:46 AM | 3 comments
Apache Tomcat 7 contains a number of new features around database connection pooling, which help administrators keep their application available and serving content, collecting customer information, and supporting their applications. The main one that has garnered a lot of attention is the new JDBC Connection Pool feature introduced by Filip Hanik last year. Another connection pool attribute not yet discussed here on TomcatExpert.com is the new closeMethod for speeding up the closing of JNDI resources that would otherwise be closed during garbage collection.
A Specific Requirement
This feature stemmed from a common challenge for applications that make use of database connection pools attached to databases with limited connections allowed. For instance, if a database allows 50 connections, and an application uses a connection pool of 50 connections, in theory everything should work. However, if the application is reloaded, the existing open connections in the old pool would not close until they have been garbage collected. So the new application connection pool while configured for 50 connections, could run out at 37 if the old connection pool had 13 connections open.
blog : Apache Tomcat 7.0.20 Released
posted by Stacey Schneider on August 12, 2011 04:19 AM | 0 comments
Announced this morning by the Apache Tomcat team:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.20
Apache Tomcat 7.0.20 includes bug fixes and the following new features compared to version 7.0.19:
- JSP files with dependencies in JARs are no longer recompiled on every access thereby improving performance.
- Update to version 1.1.22 of the native component of the AJP and HTTP APR/native connectors.
- Update to Commons Daemon 1.0.7.
- Converted unit tests to JUnit 4.
Please refer to the change log for the complete list of changes: http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.
Downloads: http://tomcat.apache.org/download-70.cgi
Migration guide from Apache Tomcat 5.5.x and 6.0.x: http://tomcat.apache.org/migration.html
Thank you,
-- The Apache Tomcat Team
blog : Mark Thomas Status Update on Apache Tomcat 7 Project
posted by Stacey Schneider on July 29, 2011 12:09 PM | 0 comments
13 months ago today marked the initial release of the Apache Tomcat 7 beta. Proving itself to be very backwards compatible with Apache Tomcat 6, Tomcat 7 is wealth of add-on features and bug fixes that purely builds on the success of Tomcat 6. Many of these features were not around 13 months ago, many of which we have covered here including:
- Session Fixation Protection
- Cross-site Request Forgery
- Crawler Session Manager Valve
- Parallel Deployment
- NIO Implementation of the AJP Connector
- Windows Authentication
- Windows Installer Improvements
Originally presented in the SpringSource S2F Forum in Amsterdam, Mark Thomas recorded a new update on the overall status of the Tomcat 7 project for the Tomcat Expert community. This update is slightly more current and gives good insight as to what is now in Tomcat 7 and what will be coming (and how to influence what gets worked on!). Some interesting points Mark brings up:
presentation : What's New in Apache Tomcat 7
posted by SpringSource on July 28, 2011 07:05 AM | 0 comments
This Apache Tomcat 7 update was originally delivered at the SpringSource S2G Forum Series in Amsterdam on May 26, 2011, by SpringSource engineer and the Apache Software Foundation's Apache Tomcat 7's release manager, Mark Thomas.
blog : Security Lifecycle Listener
posted by mthomas on July 20, 2011 07:18 AM | 0 comments
Apache Tomcat 7 includes several security updates that further harden the application server that came directly from the Bugzilla queue. One new feature, the Security Lifecycle Listener, helps ensure that Tomcat is started in a reasonably secure way.
Preventing Tomcat Running as Root
One user cited that while all administrators worth their salt should know that it is irresponsible and incredibly insecure to run Tomcat as the root user to the system, Tomcat still allows the server to start under root. Although this problem is largely contained to Linux systems, the fix had to be applicable to all operating systems. Therefore, the fix that was implemented was to create a list of users that are not allowed to start Tomcat. Tomcat checks to see if it is running as one of those users, and if it is, it shuts itself down.
Securing Tomcat Files
A secondary check after the user is validated as a secure user, is to check that any files written by Tomcat (such the contents of an expanded WAR) are created securely. As a minimum, these files must not be world writeable. In some environments it may be desirable to restrict this even further such as read/write for owner, no access for anyone else. The permissions for created files are controlled by the current user's umask. If the umask is not restrictive enough on the running user, this too will prevent Tomcat from starting.
Happening Now on TomcatExpert
- graceh commented Apache Tomcat 6.0.37 Released
Tags in Tags
apache
Apache Tomcat
Apache Tomcat 6
Apache Tomcat 7
clustering
deployment
ERS
java
jsp
mod_jk
security
server
spring
ssl
tc Server
Tomcat
Tomcat 5.5
Tomcat 6
Tomcat 7
Tomcat Admin
Tomcat Configuration
Tomcat JMX
Tomcat JVM
Tomcat Logging
Tomcat Manager
Tomcat Memory
Tomcat Performance
Tomcat Security
Tomcat SSL
Tomcat Support
Popular Links