Apache Tomcat v8.5.4 發布

Tomcat 是一個小型的輕量級應用服務器，在中小型系統和并發訪問用戶不是很多的場合下被普遍使用，是開發和調試JSP 程序的首選。對于一個初學者來說，可以這樣認為，當在一臺機器上配置好Apache 服務器，可利用它響應對HTML 頁面的訪問請求。實際上Tomcat 部分是Apache 服務器的擴展，但它是獨立運行的，所以當你運行tomcat 時，它實際上作為一個與Apache 獨立的進程單獨運行的。

更新日志

• Fix:  57705: Add debug logging for requests denied by the remote host and remote address valves and filters. Based on a patch by Graham Leggett. (markt)
• Fix:  Correct a regression in the fix for 58588 that removed the entire org.apache.juli package from the embedded JARs rendering them unusable. (markt)
• Add:  59399: Add a new option to the Realm implementations that ship with Tomcat that allows the HTTP status code used for HTTP -> HTTPS redirects to be controlled per Realm. (markt)
• Update:  Change the default of the sessionCookiePathUsesTrailingSlash attribute of the Context element to false since the problems caused when a Servlet is mapped to /* are more significant than the security risk of not enabling this option by default. (markt)
• Fix:  Follow-up to 59655. Improve the documentation for configuring permitted cookie names. Patch provided by Kyohei Nakamura. (markt)
• Fix:  Do not attempt to start web resources during a web application's initialisation phase since the web application is not fully configured at that point and the web resources may not be correctly configured. (markt)
• Fix:  59708: Modify the LockOutRealm logic. Valid authentication attempts during the lock out period will no longer reset the lock out timer to zero. (markt)
• Fix:  Improve error handling around user code prior to calling InstanceManager.destroy() to ensure that the method is executed. (markt)
• Code:  Refactor the certifcate keystore and trust store generation to make it easier for embedded users to inject their own key stores. (markt)
• Add:  59233: Add the ability to add TLS virtual hosts dynamically. (markt)
• Update:  Add a maxConcurrentStreamExecution on the HTTP/2 protocol handler to allow restricting the amount of concurrent stream that are being executed in a single connection. The default is to not limit it. (remm)
• Fix:  Correct a problem with ServletRequest.getServerPort() for secure HTTP/2 connections that meant an incorrect value was retured when using the default port. (markt)
• Fix:  Improve error handling around user code prior to calling InstanceManager.destroy() to ensure that the method is executed. (markt)
• Fix:  Improve error handling around user code prior to calling InstanceManager.destroy() to ensure that the method is executed. (markt)
• Code:  Now the WebSocket implementation is not built directly on top of the Servlet API and can use Tomcat internals, there is no need for the dedicated WebSocket Executor. It has been replaced by the use of the Connector/Endpoint provided Executor. (markt)
• Fix:  Improve error handling around user code prior to calling InstanceManager.destroy() to ensure that the method is executed. (markt)
• Fix:  Do not log an additional case of IOExceptions in the error handler for the Drawboard WebSocket example when the root cause is the client disconnecting since the logs add no value. (markt)
• Fix:  59642: Mention the localDataSource in the DataSourceRealm section of the Realm How-To. (markt)
• Fix:  59672: Update the security considerations page of the documentation web application to take account of the fact that the Manager and HostManager applications now have a RemoteAddrValve configured by default. (markt)
• Fix:  Follow-up to the fix for 59399. Ensure that the new attribute transportGuaranteeRedirectStatus is documented for all Realms. Also document the NullRealm and when it is automatically created for an Engine. (markt)
• Fix:  Fix the description of maxAge attribute in jdbc-pool doc. This attribute works both when a connection is returned and when a connection is borrowed. (kfujino)
• Fix:  59774: Correct the prefix values in the the documented examples for configuring the AccessLogValve. Patch provided by Mike Noordermeer. (markt)
• Code:  58588: Remove the JULI extras package from the distribution. It was only useful for switching Tomcat's internal logging to log4j 1.2.x and that version of log4j is no longer supported. No additional Tomcat code is required if switching Tomcat's internal logging to log via log4j 2.x. (markt)
• Add:  Add log message when the ping has timed-out. (kfujino)
• Fix:  If the ping message has been received at the AbstractReplicatedMap#leftOver method, ensure that notify the member is alive than ignore it. (kfujino)
• Fix:  Fix the duplicated connection release when connection verification failed. (kfujino)
• Fix:  Ensure that do not remove the abandoned connection that has been already released. (kfujino)
• Update:  59276: Update optional Checkstyle library to 6.17. (kkolinko)
• Add:  Use the mirror network rather than the ASF master site to download the current ASF dependencies. (markt)
• Update:  Update the packaged version of the Tomcat Native Library to 1.2.8 to pick up the latest fixes and make 1.2.8 the minimum recommended version. (markt)
• Code:  Use UTF-8 with a standard prolog for all XML files. (markt)

下載

二進制

• Core:
  • zip (pgp, md5, sha1)
  • tar.gz (pgp, md5, sha1)
  • 32-bit Windows zip (pgp, md5, sha1)
  • 64-bit Windows zip (pgp, md5, sha1)
  • 32-bit/64-bit Windows Service Installer (pgp, md5, sha1)
  </li>
• Full documentation:
  • tar.gz (pgp, md5, sha1)
  </ul> </li>
  • Deployer:
    • zip (pgp, md5, sha1)
    • tar.gz (pgp, md5, sha1)
    </ul> </li>
    • Extras:
      • JMX Remote jar (pgp, md5, sha1)
      • Web services jar (pgp, md5, sha1)
      • JULI adapters jar (pgp, md5, sha1)
      • JULI log4j jar (pgp, md5, sha1)
      </ul> </li>
      • Embedded:
        • tar.gz (pgp, md5, sha1)
        • zip (pgp, md5, sha1)
        </ul> </li> </ul>

        源代碼

        • tar.gz (pgp, md5, sha1)
        • zip (pgp, md5, sha1)

         

         本文由用戶 jopen 自行上傳分享，僅供網友學習交流。所有權歸原作者，若您的權利被侵害，請聯系管理員。
         轉載本站原創文章，請注明出處，并保留原始鏈接、圖片水印。
         本站是一個以用戶分享為主的開源技術平臺，歡迎各類分享！
          本文地址：http://www.baiduhome.net/news/view/71fd444f
        Apache Tomcat 應用服務器