Details | Last modification | View Log | RSS feed
| Rev | Author | Line No. | Line |
|---|---|---|---|
| 771 | blopes | 1 | ================================================================================ |
| 2 | Licensed to the Apache Software Foundation (ASF) under one or more |
||
| 3 | contributor license agreements. See the NOTICE file distributed with |
||
| 4 | this work for additional information regarding copyright ownership. |
||
| 5 | The ASF licenses this file to You under the Apache License, Version 2.0 |
||
| 6 | (the "License"); you may not use this file except in compliance with |
||
| 7 | the License. You may obtain a copy of the License at |
||
| 8 | |||
| 9 | http://www.apache.org/licenses/LICENSE-2.0 |
||
| 10 | |||
| 11 | Unless required by applicable law or agreed to in writing, software |
||
| 12 | distributed under the License is distributed on an "AS IS" BASIS, |
||
| 13 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
| 14 | See the License for the specific language governing permissions and |
||
| 15 | limitations under the License. |
||
| 16 | ================================================================================ |
||
| 17 | |||
| 18 | |||
| 19 | Apache Tomcat Version 9.0.112 |
||
| 20 | Release Notes |
||
| 21 | |||
| 22 | |||
| 23 | ========= |
||
| 24 | CONTENTS: |
||
| 25 | ========= |
||
| 26 | |||
| 27 | * Dependency Changes |
||
| 28 | * API Stability |
||
| 29 | * Bundled APIs |
||
| 30 | * Web application reloading and static fields in shared libraries |
||
| 31 | * Security manager URLs |
||
| 32 | * Symlinking static resources |
||
| 33 | * Viewing the Tomcat Change Log |
||
| 34 | * Cryptographic software notice |
||
| 35 | * When all else fails |
||
| 36 | |||
| 37 | |||
| 38 | =================== |
||
| 39 | Dependency Changes: |
||
| 40 | =================== |
||
| 41 | Tomcat 9.0 is designed to run on Java 8 and later. |
||
| 42 | |||
| 43 | |||
| 44 | ============== |
||
| 45 | API Stability: |
||
| 46 | ============== |
||
| 47 | |||
| 48 | The public interfaces for the following classes are fixed and will not be |
||
| 49 | changed at all during the remaining lifetime of the 9.x series: |
||
| 50 | - All classes in the javax namespace |
||
| 51 | |||
| 52 | The public interfaces for the following classes may be added to in order to |
||
| 53 | resolve bugs and/or add new features. No existing interface method will be |
||
| 54 | removed or changed although it may be deprecated. |
||
| 55 | - org.apache.catalina.* (excluding sub-packages) |
||
| 56 | |||
| 57 | Note: As Tomcat 9 matures, the above list will be added to. The list is not |
||
| 58 | considered complete at this time. |
||
| 59 | |||
| 60 | The remaining classes are considered part of the Tomcat internals and may change |
||
| 61 | without notice between point releases. |
||
| 62 | |||
| 63 | |||
| 64 | ============= |
||
| 65 | Bundled APIs: |
||
| 66 | ============= |
||
| 67 | A standard installation of Tomcat 9.0 makes all of the following APIs available |
||
| 68 | for use by web applications (by placing them in "lib"): |
||
| 69 | * annotations-api.jar (Annotations package) |
||
| 70 | * catalina.jar (Tomcat Catalina implementation) |
||
| 71 | * catalina-ant.jar (Tomcat Catalina Ant tasks) |
||
| 72 | * catalina-ha.jar (High availability package) |
||
| 73 | * catalina-ssi.jar (Server-side Includes module) |
||
| 74 | * catalina-storeconfig.jar (Generation of XML configuration from current state) |
||
| 75 | * catalina-tribes.jar (Group communication) |
||
| 76 | * ecj-4.20.jar (Eclipse JDT Java compiler) |
||
| 77 | * el-api.jar (EL 3.0 API) |
||
| 78 | * jasper.jar (Jasper 2 Compiler and Runtime) |
||
| 79 | * jasper-el.jar (Jasper 2 EL implementation) |
||
| 80 | * jsp-api.jar (JSP 2.3 API) |
||
| 81 | * servlet-api.jar (Servlet 4.0 API) |
||
| 82 | * tomcat-api.jar (Interfaces shared by Catalina and Jasper) |
||
| 83 | * tomcat-coyote.jar (Tomcat connectors and utility classes) |
||
| 84 | * tomcat-dbcp.jar (package renamed database connection pool based on Commons DBCP 2) |
||
| 85 | * tomcat-jdbc.jar (Tomcat's database connection pooling solution) |
||
| 86 | * tomcat-jni.jar (Interface to the native component of the APR/native connector) |
||
| 87 | * tomcat-util.jar (Various utilities) |
||
| 88 | * tomcat-websocket.jar (WebSocket 1.1 implementation) |
||
| 89 | * websocket-api.jar (WebSocket 1.1 API) |
||
| 90 | |||
| 91 | You can make additional APIs available to all of your web applications by |
||
| 92 | putting unpacked classes into a "classes" directory (not created by default), |
||
| 93 | or by placing them in JAR files in the "lib" directory. |
||
| 94 | |||
| 95 | To override the XML parser implementation or interfaces, use the appropriate |
||
| 96 | feature for your JVM. For Java <= 8 use the endorsed standards override |
||
| 97 | feature. The default configuration defines JARs located in "endorsed" as endorsed. |
||
| 98 | For Java 9+ use the upgradeable modules feature. |
||
| 99 | |||
| 100 | |||
| 101 | ================================================================ |
||
| 102 | Web application reloading and static fields in shared libraries: |
||
| 103 | ================================================================ |
||
| 104 | Some shared libraries (many are part of the JDK) keep references to objects |
||
| 105 | instantiated by the web application. To avoid class loading related problems |
||
| 106 | (ClassCastExceptions, messages indicating that the classloader |
||
| 107 | is stopped, etc.), the shared libraries state should be reinitialized. |
||
| 108 | |||
| 109 | Something which might help is to avoid putting classes which would be |
||
| 110 | referenced by a shared static field in the web application classloader, |
||
| 111 | and putting them in the shared classloader instead (JARs should be put in the |
||
| 112 | "lib" folder, and classes should be put in the "classes" folder). |
||
| 113 | |||
| 114 | |||
| 115 | ====================== |
||
| 116 | Security manager URLs: |
||
| 117 | ====================== |
||
| 118 | In order to grant security permissions to JARs located inside the |
||
| 119 | web application repository, use URLs of the following format |
||
| 120 | in your policy file: |
||
| 121 | |||
| 122 | file:${catalina.base}/webapps/examples/WEB-INF/lib/driver.jar |
||
| 123 | |||
| 124 | |||
| 125 | ============================ |
||
| 126 | Symlinking static resources: |
||
| 127 | ============================ |
||
| 128 | By default, Unix symlinks will not work when used in a web application to link |
||
| 129 | resources located outside the web application root directory. |
||
| 130 | |||
| 131 | This behavior is optional, and the "allowLinking" flag may be used to deactivate |
||
| 132 | the check. |
||
| 133 | |||
| 134 | |||
| 135 | ============================== |
||
| 136 | Viewing the Tomcat Change Log: |
||
| 137 | ============================== |
||
| 138 | The full change log is available from https://tomcat.apache.org and is also |
||
| 139 | included in the documentation web application. |
||
| 140 | |||
| 141 | |||
| 142 | ============================= |
||
| 143 | Cryptographic software notice |
||
| 144 | ============================= |
||
| 145 | This distribution includes cryptographic software. The country in |
||
| 146 | which you currently reside may have restrictions on the import, |
||
| 147 | possession, use, and/or re-export to another country, of |
||
| 148 | encryption software. BEFORE using any encryption software, please |
||
| 149 | check your country's laws, regulations and policies concerning the |
||
| 150 | import, possession, or use, and re-export of encryption software, to |
||
| 151 | see if this is permitted. See <http://www.wassenaar.org/> for more |
||
| 152 | information. |
||
| 153 | |||
| 154 | The U.S. Government Department of Commerce, Bureau of Industry and |
||
| 155 | Security (BIS), has classified this software as Export Commodity |
||
| 156 | Control Number (ECCN) 5D002.C.1, which includes information security |
||
| 157 | software using or performing cryptographic functions with asymmetric |
||
| 158 | algorithms. The form and manner of this Apache Software Foundation |
||
| 159 | distribution makes it eligible for export under the License Exception |
||
| 160 | ENC Technology Software Unrestricted (TSU) exception (see the BIS |
||
| 161 | Export Administration Regulations, Section 740.13) for both object |
||
| 162 | code and source code. |
||
| 163 | |||
| 164 | The following provides more details on the included cryptographic |
||
| 165 | software: |
||
| 166 | - Tomcat includes code designed to work with JSSE |
||
| 167 | - Tomcat includes code designed to work with OpenSSL |
||
| 168 | |||
| 169 | |||
| 170 | ==================== |
||
| 171 | When all else fails: |
||
| 172 | ==================== |
||
| 173 | See the FAQ |
||
| 174 | https://tomcat.apache.org/faq/ |