Index of /dist/tomcat/tomcat-4/archive/v4.0.1

Icon  Name                           Last modified      Size  Description
[PARENTDIR] Parent Directory - [DIR] bin/ 2001-10-14 22:56 - [DIR] rpms/ 2001-10-26 15:41 - [DIR] src/ 2001-11-26 15:02 - [   ] KEYS 2001-11-29 00:17 2.5K
Apache Tomcat 4.0.1

Apache Tomcat 4.0.1

This is the final release of Apache Tomcat 4.0.1. It is available in both binary and source versions. The tar files in this distribution use GNU tar extensions, and must be untarred with a GNU compatible version of tar. The version of tar on Solaris and Mac OS X will not work with these files.

Please see the RELEASE-NOTES-4.0.1.txt file in the top level directory of this release for important information about recent bug fixes and known issues.

This version of Tomcat can use either WARP 1.0 or AJP 1.3 to connect to native webservers. A wide assortment of adapters are available in the binary folder. Note: Using the WARP connector is recommended on platforms on which it is available.

IMPORTANT NOTE: Virtual machine crashes have been reported when using Linux 2.4 with Sun JVM version 1.2.x and 1.3.x. See the release notes below for more details.

Thank you for using Tomcat!.

The Apache Jakarta Project

Release Notes

* Tomcat 4.0 and Apache
* Tomcat 4.0 and AJP 1.3
* Tomcat 4.0 and JNI Based Applications
* Tomcat 4.0 Standard APIs Available
* Tomcat 4.0 and XML Parsers
* Web application reloading and static fields in shared libraries
* JAVAC leaking memory
* Linux and Sun JDK 1.2.x - 1.3.x
* Jasper and Jikes
* Tomcat 4.0 and Apache Cocoon 2.0
* Enabling SSI and CGI Support

Tomcat 4.0 and Apache:

The binary distribution for Tomcat 4.0 includes the most recent stable version
of the WARP connector, which is the Tomcat component that talks to mod_webapp
inside Apache 1.3.  The current state of this support is summarized as follows:

* The mod_webapp connector is configured based on the contents of the
  web.xml file for your web application.  The only required per-webapp
  configuration information in your Apache 1.3 httpd.conf file is
  something like this:

    WebAppDeploy examples   warpConnection   /examples/

  which causes mod_webapp to automatically recognize all of your servlet
  mappings, security constraints, and other configuration elements.

* Currently, mod_webapp forwards *all* requests under the specified
  context path to Tomcat for processing.  When Tomcat 4.0 final is released,
  it will automatically configure itself to serve static resources
  from Apache *unless* the resource is subject to filtering, or subject
  to a security constraint, as defined in web.xml.  No extra configuration
  in httpd.conf will be required.

* With this release, FORM-based authentication will work correctly, but
  there is a bug that prevents BASIC authentication from operating.  This
  will be addressed before final release.

* If you restart Tomcat, you must also restart Apache to avoid receiving
  "Error 400 - Bad Request" errors.  This will be handled transparently
  in the final release.

* The combination of Apache+Tomcat currently passes all spec validation
  tests in the "jakarta-watchdog-4.0" suite.

Tomcat 4.0 and AJP 1.3:

Tomcat 4.0.1 now includes beta support for the AJP 1.3 protocol, which the 
mod_jk collection of native webserver modules implements.

The AJP connector is not enabled by default. To enable it, uncomment 
the following section in $CATALINA_HOME/conf/server.xml:

    <Connector className="org.apache.ajp.tomcat4.Ajp13Connector"
               port="8009" minProcessors="5" maxProcessors="75"
               acceptCount="10" debug="0"/>

The AJP connector for Tomcat 4.0 does not support load balancing at this time.

Tomcat 4.0 and JNI Based Applications:

Applications that require native libraries must ensure that the libraries have
been loaded prior to use.  Typically, this is done with a call like:

  static {

in some class.  However, the application must also ensure that the library is
not loaded more than once.  If the above code were placed in a class inside
the web application (i.e. under /WEB-INF/classes or /WEB-INF/lib), and the
application were reloaded, the loadLibrary() call would be attempted a second

To avoid this problem, place classes that load native libraries outside of the
web application, and ensure that the loadLibrary() call is executed only once
during the lifetime of a particular JVM.

Tomcat 4.0 Standard APIs Available:

A standard installation of Tomcat 4 makes all of the following APIs available
for use by web applications (by placing them in "common/lib" or "lib"):
* activation.jar (Java Activation Framework)
* jdbc2_0-stdext.jar (JDBC 2.0 Optional Package, javax.sql.*)
* jndi.jar (JNDI 1.2 base API classes)
* jta-spec1_0_1 (Java Transacation APIs)
* mail.jar (JavaMail 1.2)
* servlet.jar (Servlet 2.3 and JSP 1.2 APIs)
* tyrex- (Tyrex XA-compatible data source from
* xerces.jar (Xerces 1.4.3)

You can make additional APIs available to all of your web applications by
putting unpacked classes into a "classes" directory (not created by default),
or by placing them in JAR files in the "lib" directory.

Tomcat 4.0 and XML Parsers:

As described above, Tomcat 4.0 makes an XML parser (and many other standard
APIs) available to web applications.  This parser is also used internally
to parse web.xml files and the server.xml configuration file.  If you wish,
you may replace the "xerces.jar" file in "common/lib" with another XML parser,
as long as it is compatible with the JAXP/1.1 APIs.

If you wish to *not* make any XML parser visible to all web applications,
this can be accomplished by copying the "xerces.jar" file from "common/lib"
to both "server/lib" and "jasper", and removing it from "common/lib".

Web application reloading and static fields in shared libraries:

Some shared libraries (many are part of the JDK) keep references to objects
instantiated by the web application. To avoid class loading related problems
(ClassCastExceptions, messages indicating that the classloader 
is stopped, ...), the shared libraries state should be reinitialized.

Something which could help is to avoid putting classes which would be 
referenced by a shared static field in the web application classloader, 
and put them in the shared classloader instead (the JARs should be put in the 
"lib" folder, and classes should be put in the "classes" folder).

JAVAC leaking memory:

The Java compiler leaks memory each time a class is compiled. Web applications
containing hundreds of JSP files may as a result trigger out of memory errors 
once a significant number of pages have been accessed. The memory can only be 
freed by stopping Tomcat and then restarting it.

The JSP command line compiler (JSPC) can also be used to precompile the JSPs.

Linux and Sun JDK 1.2.x - 1.3.x:

Virtual machine crashes can be experienced when using certain combinations of
kernel / glibc under Linux with Sun Hotspot 1.2 to 1.3. The crashes were 
reported to occur mostly on startup. Sun JDK 1.4 does not exhibit the problems,
and neither does IBM JDK for Linux.

The problems can be fixed by reducing the default stack size. At bash shell, 
do "ulimit -s 2048"; use "limit stacksize 2048" for tcsh.

GLIBC 2.2 / Linux 2.4 users should also define an environment variable:
export LD_ASSUME_KERNEL=2.2.5

Jasper and Jikes:

Jikes can be used with the Jasper JSP page compiler, but the runtime classes 
JAR of the JDK or JRE (depending on what is installed on the computer) must
be added to the system classpath.

This can be achieved by editing the main catalina script, and adding the rt.jar

On Windows:
  line 71 of %CATALINA_HOME%\bin\catalina.bat, change
set CP=%CATALINA_HOME%\bin\bootstrap.jar;%JAVA_HOME%\lib\tools.jar
set CP=%JAVA_HOME%\jre\lib\rt.jar;%CATALINA_HOME%\bin\bootstrap.jar;%JAVA_HOME%\lib\tools.jar
  then, edit %CATALINA_HOME%\conf\web.xml as described below

On Unix or Unix-like OSes:
  line 89 of $CATALINA_HOME/bin/, change
  then, edit $CATALINA_HOME/conf/web.xml as described below

In web.xml, search for the block:

and replace it with:

Tomcat 4.0 and Apache Cocoon 2.0:

For optimal performance with Apache Cocoon 2.0, it is recommended to use the
HTTP/1.0 connector.

Enabling SSI and CGI Support:

Having CGI and SSI available to web applications created security problems when
using a security manager (as a malicious web application could use them to 
sidestep the security manager access control). In Tomcat 4.0.1, they have been
disabled by default, as our goal is to provide a fully secure default 
configuration. However, CGI and SSI remain available in Tomcat 4.0.1.

On Windows:
* rename the file %CATALINA_HOME%\server\lib\servlets-cgi.renametojar to
* rename the file %CATALINA_HOME%\server\lib\servlets-ssi.renametojar to
* in %CATALINA_HOME%\conf\web.xml, uncomment the servlet declarations starting
  line 165 and 213, as well as the associated servlet mappings 
  line 265 and 274. Alternately, these servlet declarations and mappings can
  be added to your web application deployment descriptor.

On Unix:
* rename the file $CATALINA_HOME/server/lib/servlets-cgi.renametojar to
* rename the file $CATALINA_HOME/server/lib/servlets-ssi.renametojar to
* in $CATALINA_HOME/conf/web.xml, uncomment the servlet declarations starting
  line 165 and 213, as well as the associated servlet mappings 
  line 265 and 274. Alternately, these servlet declarations and mappings can
  be added to your web application deployment descriptor.