Tomcat 7
blog : ActiveMQ and Apache Tomcat: Perfect Partners
posted by bsnyder on December 13, 2010 07:04 AM | 0 comments
This article is excerpted from the forthcoming book ActiveMQ In Action (http://bit.ly/2je6cQ) by Bruce Snyder, Rob Davies and Dejan Bosanac (Manning Publications, ISBN: 1933988940)
At one time or another, every software developer has the need to communicate between applications or transfer data from one system to another. Not only are there many solutions to this sort of problem, but depending on your constraints and requirements, deciding how to go about such a task can be a big decision. Business requirements oftentimes place restrictions on items that directly impact such a decision including performance, scalability, reliability and more. There are many applications that we use every day that impose just such requirements including ATMs, airline reservation systems, credit card systems, point-of-sale systems and telecommunications just to name a few. Where would we be without most of these applications in our daily lives today?
When it comes to developing and deploying Java applications, it is extremely common to use Tomcat as a runtime container. As you expand your Java applications, new business needs arise including the ability to communicate with other applications, the need to scale an application architecture and quite possibly the need to decrease application coupling just to name a few. These requirements and many more can be addressed through the use of ActiveMQ with Tomcat.
In a series of articles, you will learn about the integration of ActiveMQ and Tomcat. In the first article, you will learn a bit about Java Servlet technology, Tomcat and you will be introduced to Apache ActiveMQ. Future articles will continue to dive deeper into the topic of integrating ActiveMQ with Tomcat.
blog : Apache Tomcat 7.0.5 Beta Released
posted by Stacey Schneider on December 1, 2010 10:07 AM | 0 comments
Announced this morning by the Apache Tomcat team:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.5 beta.
Apache Tomcat 7.0.5 beta contains performance improvements in session management, a number of new features including support for parallel deployment of multiple versions of the same web application and a redesigned welcome page.
The 7.0.5 release also contains numerous bug fixes compared to 7.0.4.
Please refer to the change log for the list of changes: http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.
Downloads:
http://tomcat.apache.org/download-70.cgi
Migration guide from Apache Tomcat 5.5.x and 6.0.x:
http://tomcat.apache.org/migration.html
Thank you,
-- The Apache Tomcat Team
blog : Apache Tomcat Manager Application XSS Vulnerability
posted by Stacey Schneider on November 22, 2010 04:57 AM | 0 comments
Announced this afternoon by the Apache Tomcat team.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CVE-2010-4172: Apache Tomcat Manager application XSS vulnerability
Severity: Tomcat 7.0.x - Low, Tomcat 6.0.x - Moderate
Vendor: The Apache Software Foundation
Versions Affected:
-
Tomcat 7.0.0 to 7.0.4
- Not affected in default configuration.
- Affected if CSRF protection is disabled
- Additional XSS issues if web applications are untrusted
-
Tomcat 6.0.12 to 6.0.29
- Affected in default configuration
- Additional XSS issues if web applications are untrusted
-
Tomcat 5.5.x
- Not affected
Description:
The session list screen (provided by sessionList.jsp) in affected
versions uses the orderBy and sort request parameters without applying
filtering and therefore is vulnerable to a cross-site scripting attack.
Users should be aware that Tomcat 6 does not use httpOnly for session
cookies by default so this vulnerability could expose session cookies
from the manager application to an attacker.
A review of the Manager application by the Apache Tomcat security team
identified additional XSS vulnerabilities if the web applications
deployed were not trusted.
blog : Apache Tomcat 7.0.4 Beta Released
posted by Stacey Schneider on October 25, 2010 02:38 PM | 1 comments
Friday, the Apache Tomcat team announced the release of the Tomcat 7.0.4 beta via email announcement.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.4 beta.
Apache Tomcat 7.0 includes new features over Apache Tomcat 6.0, including support for the new Servlet 3.0, JSP 2.2 and EL 2.2 specifications, web application memory leak detection and prevention, improved security for the Manager and Host Manager applications, Generic CSRF protection, support for including external content directly in a web application (aliases), re-factoring (connectors, life-cycle) and lots of internal code clean-up.
The 7.0.4 release contains numerous bug fixes compared to 7.0.2.
Please refer to the change log for the list of changes: http://tomcat.apache.org/
tomcat-7.0-doc/changelog.html Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.
Downloads:
download-70.cgi
Migration guide from Apache Tomcat 5.5.x and 6.0.x:
migration.html
Thank you,
-- The Apache Tomcat Team
presentation : Introduction to Apache Tomcat 7.0
posted by SpringSource on August 25, 2010 10:31 AM | 4 comments
Apache Tomcat 7.0 is the latest release from the Apache Software Foundation. Currently considered a beta release, the new software is currently available for download and preview.
blog : Apache Tomcat 7.0.2 beta released
posted by Stacey Schneider on August 20, 2010 08:04 AM | 0 comments
In an email announcement today, the Apache Tomcat team announced the release of the Tomcat 7.0.2 beta.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The Apache Tomcat team announces the immediate availability of Apache Tomcat 7.0.2 beta.
Apache Tomcat 7.0 includes new features over Apache Tomcat 6.0, including support for the new Servlet 3.0, JSP 2.2 and EL 2.2 specifications, web application memory leak detection and prevention, improved security for the Manager and Host Manager applications, Generic CSRF protection, support for including external content directly in a web application (aliases), re-factoring (connectors, life-cycle) and lots of internal code clean-up.
The 7.0.2 release contains numerous bug fixes and an important security fix compared to 7.0.0.
Please refer to the change log for the list of changes: http://tomcat.apache.org/tomcat-7.0-doc/changelog.html
Note that this version has 4 zip binaries: a generic one and three bundled with Tomcat native binaries for Windows operating systems running on different CPU architectures.
Downloads: http://tomcat.apache.org/download-70.cgi
Migration guide from Apache Tomcat 5.5.x and 6.0.x: http://tomcat.apache.org/migration.html
Thank you,
-- The Apache Tomcat Team
blog : Getting Started with Apache Tomcat Development
posted by MSacks on August 9, 2010 07:22 AM | 0 comments
With special thanks to Mark Thomas, ASF/VMware for reviewing.
Overview
This document will describe all of the necessary pre-requisites to get started in developing, customizing and contributing to the Apache Tomcat Project. The reader will have a broad overview of what is involved, and learn the process by which they will get a better understand of how the internals of how the Apache Tomcat application server works. Those new to the Apache Tomcat project, or contributing to an open source project may find this article helpful.
What is Apache Tomcat?
Apache Tomcat is the de-facto, open-source application server. It is distributed under the Apache License, Version 2.0 and is true open source. Many organizations use Tomcat as their production's application server, and it is enterprise grade even in its open source form. Over half of Fortune 500 companies use Apache Tomcat as their platform for their production business websites, including notables such as E-Trade.com, Walmart.com, and The Weather Channel. There are commercially supported versions of Apache Tomcat as well. In this how-to article, we will use the open source version as an example.
blog : Interview with Mark Thomas, Apache Tomcat 7 Committer & Release Manager
posted by avanabs on August 2, 2010 07:57 AM | 0 comments
In my previous blog, I discussed the adoption of Tomcat 7 from the consultant/users view. I also promised an interview with one of the Apache Tomcat 7 committers, to provide the insiders views.
We’re here today with Mark Thomas, Apache Tomcat Committer and Release Manager for Tomcat 7.
Andy: Thanks for spending the time with me this evening. Congratulations to you and the Tomcat Community for achieving the Beta milestone for Release 7. We’re hearing interest from our clients, and it looks like there is lots of good stuff in this release.
I understand that you are "Release Manager", as well as committer, for Tomcat 7...what does that role entail?
Mark: The Tomcat community has traditionally had a 'fixed' release manager for each major branch. It is fixed in that the same person does it for several releases in a row but in theory any committer could start a release at any point. As release manager, I build the release (do a clean checkout from svn and then 'ant release'), upload the release to a staging area and then call a vote on the dev list.
If the vote passes, I copy the files from the staging area to the distribution area, update the download links, update the latest version information on the Tomcat homepage, upload the maven artifacts and send out the release announcement to the lists. It sounds like a lot of work, but it is 99% automated.
Much more effort goes into the voting phase, where we check the release quality.
blog : Is Apache Tomcat 7 in your future?
posted by avanabs on July 29, 2010 07:26 AM | 2 comments
I’ve been following Tomcat 7 development for some time now and I've been asked recently why (and when) clients should upgrade to Tomcat 7, now that it’s nearing release (currently targeted for “late summer”). So, I’ve started to give some thought to that question. I have to admit, the answer wasn’t immediately obvious either way. I’m going to split this blog into two parts; the first with my views and very preliminary results of my testing and evaluation. The second will be based on an interview scheduled for this Wednesday with one of the senior Apache Tomcat “committers”.
Note: In Apache Speak, a Committer is selected by his peers to be trusted to make changes to the code base. In a mature and extremely widely used project like Tomcat, this is very hard to achieve and carries great responsibility.
When I think about “upgrading”, I immediately think about two quite different scenarios.
- Upgrading existing infrastructure for production environments. “If it works, why mess with it?” surely applies.
- Selecting the infrastructure for new projects. “Should I really base my critical new project on a dot-zero infrastructure release?” is usually my first thought.
We’ll explore both situations, focusing on both Tomcat 7’s stability as a “dot-zero” release and what new capabilities Tomcat 7 brings to the table.
blog : Apache Tomcat 7 has been released
posted by mthomas on June 29, 2010 04:55 AM | 5 comments
A little under 18 months since work started on Tomcat 7 I am delighted to be able to say that the first Tomcat 7 release, Tomcat 7.0.0 beta, is now available from the Tomcat 7 download page at the Apache Software Foundation.
In addition to the implementation of the Servlet 3.0, JSP 2.2 and EL 2.2 specifications, Tomcat 7 boasts a number of new features. These include:
- memory leak prevention and detection
- protection against session fixation attacks
- a simple filter to add cross-site request forgery protection to an application
- simplified embedding
- alias support
- better security for the Manager and Host Manager applications
- and lots of internal code clean-up
Happening Now on TomcatExpert
- graceh commented Apache Tomcat 6.0.37 Released
Tags in Tags
apache
Apache Tomcat
Apache Tomcat 6
Apache Tomcat 7
clustering
deployment
ERS
java
jsp
mod_jk
security
server
spring
ssl
tc Server
Tomcat
Tomcat 5.5
Tomcat 6
Tomcat 7
Tomcat Admin
Tomcat Configuration
Tomcat JMX
Tomcat JVM
Tomcat Logging
Tomcat Manager
Tomcat Memory
Tomcat Performance
Tomcat Security
Tomcat SSL
Tomcat Support
Popular Links