Pages

Thursday, January 10, 2013

Why Tomcat 7?



Apache Released a New version of Tomcat 7.There is a need for the migration of Applications which are running in Tomcat 6 to Tomcat 7.In this article we will see the advantages of Tomcat 7 and its Features.

1.    Tomcat 7 Requires Java SE 6 Further Versions.
2.    Tomcat 7 Includes Servlet 3.0 API.
3.    Tomcat 7 Includes Expression language 2.2 (mechanism for enabling  the presentation layer (web pages) to communicate with the application logic (managed beans)).
4.    Tomcat 7 Includes JSP 2.2.
5.    Tomcat 7 Contains tomcat-api.jar which contain shared interfaces for Catalina and Jasper. A few other libraries include
  • annotations-api.jar (Annotations package)
  • jasper-el.jar (Jasper 2 EL implementation)
  • jsp-api.jar (JSP 2.2 API)
  • servlet-api.jar (Servlet 3.0 API)
  • tomcat-api.jar (Interfaces shared by Catalina and Jasper)
  • ecj-3.7.1.jar
  • el-api.jar (EL 2.2 API)
  • jasper.jar (Jasper 2 Compiler and Runtime)
  • jasper-el.jar (Jasper 2 EL implementation)
  • jsp-api.jar (JSP 2.2 API)
  • servlet-api.jar (Servlet 3.0 API)
  • tomcat-api.jar (Interfaces shared by Catalina and Jasper)
  • tomcat-coyote.jar (Tomcat connectors and utility classes)
  • tomcat-dbcp.jar (package renamed database connection pool based on Commons DBCP)
6.    Tomcat 7 Includes Generics In Necessary places. This helps programming errors to be detected at compile time rather than run time as well as enabling the writing of cleaner code
7.    Tomcat 7 includes Servlet 3.0's asynchronous support.
8.    Tomcat 7 Includes Annotation Support, which helps the developers in configuring filters, listeners and servlets in a declarative programming style. Also allows defining annotations on servlet
11.  Tomcat 7 provides increased control over session tracking, in particular the ability to use the SSL session ID to track user sessions which provides additional secch allows tomcat basic operations like start, stop. This helps in Integration Testing.
10.  Tomcat 7 provides a better logging feature like asynchronous handler allows Tomcat to write logs to disk in a dedicated thread, so that logging operations do not cause any latency in processing threads.
11.  Tomcat 7 provides increased control over session tracking, in particular the ability to use the SSL session ID to track user sessions which provides additional security.
  Tomcat 7 has File upload support will enable Tomcat users to use file upload functionality within their web applications with the need for additional libraries.

Tomcat 7 includes alias support which allows developers to include external content from a system file location or a war file. An example would be to add shared java script /Images for multiple web applications.
16.  Tomcat 7 provides programmatic login.
17.  Tomcat 7 provides better security for the Manager and Host Manager applications.
16.  Tomcat 7 provides programmatic login.
17.  Tomcat 7 provides better security for the Manager and Host Manager applications.
18.  Tomcat 7 provides a feature where all the connector implementations (http, Ajp) now use Executors to provide the thread pool.
19.  Tomcat 7 manager application has a ‘find Leak’ Button which enables a Full GC and also finds the leaks.
20.  Better Memory Leak protection


Tomcat 7 Roles

With Tomcat 7, there are now 4 roles that allows administrators to delegate access to specific account so that they can do only certain things. The roles are
manager-guimanager-script,manager-jmx, and manager-status.

manager-gui Provides access to all the status pages and tomcat manager web console. The Accounts with this level of access can perform any operation using the manager console.

manager-script provides all the functionality as the manager web console does but using a Text Interface instead of HTML GUI.

manager-jmx provides access to the jmxproxy, which is a monitoring tools and scripts which can be helpful to the developers and administrators. In addition, this role also has access to the status pages. 

manager-status provides the users assigned to that role with access to the statistics that tomcat provides like current threads, max threads, etc. Users belonging to this role will be able to access the Status link on the main tomcat index page but will receive a 403 - Access Denied when attempting to access the Tomcat Manager.

Here are the Links

The Manager roles for the GUI (manager-gui), status (manager-status), scripting (manager-script) and JMX proxy (manager-jmx), defined in "webapps/manager/WEB-INF/web.xml". This allows for fine-grained access control to management tasks.

  • manager-script - Access to the "plain-text" interface, and to the "Server Status" page, via command in the form of: http://{host}:{port}/manager/text/{command}?{parameters}

http://{host}:{port}/manager/text/deploy?path=/sampleApp           // Deploy sampleApp

  • manager-jmx - Access to JMX proxy interface and to the "Server Status" page, via:

The roles manager-gui, manager-script, and manager-jmx are not to be given to a User for Security reasons.

The “admin” role has been broken into “admin-gui” and “admin-script”. These allows for the access control of the Host Manager application. These admin roles provide access to the status pages. 

Happy Learning