apache tomcat 7people.apache.org/~markt/presentations/2011-05-23-75mins-apachetomcat7.pdf3...
Post on 19-Jan-2020
11 Views
Preview:
TRANSCRIPT
© 2009 VMware Inc. All rights reserved
Apache Tomcat 7
Mark Thomas, Staff Engineer
2
Agenda
Introduction
Specification changes
New features
Current status
Future plans
Useful resources
Questions
3
Introduction
Apache Tomcat committer & PMC member
Wrote a large proportion of the updates for Tomcat 7
Tomcat 7 release manager
Apache Commons (DBCP & Pool) committer
ASF member
ASF Infrastructure team
ASF Security team member
Lead the SpringSource security team
tc Server developer
4
Specification Changes
5
Specification changes
Servlet 3.0
• Java 1.6
• Asynchronous processing
• Pluggability
• Annotations
• Session management
• httpOnly
• Programmatic login
JSP 2.2
• JSP property group additions
• New omit attribute for <jsp:attribute .../>
Expression Language 2.2
• Method invocations
6
New features
7
Management
JMX remote lifecycle listener
Manager application can differentiate between primary, backup and
proxy sessions
Better alignment of MBeans
Can configure an entire Tomcat instance via JMX from just a
running Server component
8
Performance
Limit loaded JSPs with LRU cache
GZIP compressed output streams can now be flushed
Remove bottleneck in session ID generation
Crawler session manager valve
AJP NIO connector (will be in 7.0.15 onwards)
9
Resources
New singleton attribute
New closeMethod attribute
10
Deployment
Support parallel deployment
Copying of /META-INF/context.xml to
$CATALINA_BASE/<engine>/<host>/contextname.xml is now
optional and disabled by default
Added alias support
Improved memory leak detection and prevention
11
Security
Cross-site request forgery (CSRF) protection filter
CSRF protection added to manager application
• role names & some URLs changed
LockOutRealm used by default
Access log enabled by default
exec is disabled by default for SSI
DefaultServlet serves content from root of context by default
12
Security
Graceful handling of users book-marking the login page
Session IDs generated using SecureRandom by default
SSL renegotiation & RFC 5746
HTTP NIO connector now supports SSL renegotiation
Security listener
Better access logging of failed requests
Cookie paths end in /
13
Embedding and Extending
New o.a.catalina.startup.Tomcat class for embedding
New JarResource interface for accessing TLDs
Binary and source JARs provided for Apache Maven
Customisable JAR scanning
14
Code clean-up
Generics
Better definition of Lifecycle interface
Comet classes have moved to o.a.catalina.comet
Expanded the unit tests
Added Checkstyle and FindBugs to the build process
Removed unused / deprecated / duplicated code
Custom components using Tomcat internals are likely to require
changes
15
Windows
Windows installer detects 32-bit or 64-bit JVM and installs correct
native binaries
Windows native authentication (SPNEGO)
16
Current Status
17
Current status
Apache Tomcat 7 is stable as of 7.0.6
Current release is 7.0.14
Continuing to provide a release a month
All releases have passed the Servlet 3.0, JSP 2.2 and EL 2.2 TCKs
Servlet TCK is tested with the following combinations
• HTTP BIO, NIO & APR/native
• mod_jk + AJP BIO, NIO & APR/native
• mod_proxy_http + HTTP BIO, NIO & APR/native
• mod_proxy_ajp + AJP BIO, NIO & APR/native
18
Current status
As of 23 May 2011
Tomcat 7
• 1 open bug
• 29 open enhancement requests
Tomcat 6
• 3 hard to reproduce bugs under investigation
• 2 open bugs
• 4 bugs with patches waiting for review
• 73 open enhancement requests
Tomcat 5
• 4 bugs with patches waiting for review
• 33 open enhancement requests
19
Future Plans
20
Future Plans
Commons DBCP v2
Socket IO
Keep on top of open bugs
Continue reviewing enhancement requests
21
Useful Resources
22
Useful resources
http://tomcat.apache.org
• http://blogs.apache.org/tomcat
Mailing lists
• users
• dev
• announce
http://tomcat.markmail.org
http://svn.apache.org/repos/asf/tomcat/trunk/webapps/
docs/changelog.xml
http://ci.apache.org/projects/tomcat/tomcat7/docs/
http://s.apache.org/tomcat-7-open-issues
23
Questions
top related