Overview
- Apache Tomcat Web Server
- Tomcat Web Server In Web Technology Pdf
- Tomcat Web Server In Web Technology Solutions
The Tomcat server is the most widely used open source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and Java WebSocket technologies. Apache Tomcat software powers numerous large-scale, mission-critical web applications across a diverse range of industries and organizations. Tomcat is a web server and not application server. This is because of the fact that Tomcat doesn’t provide services to install/manage EJB and JMS based applications. Explain What Is Tomcat Coyote?
In Web NMS, two packages Apache and Tomcat were used to run the server functionality. Apache as web server and Tomcat as servlet engine. As Apache was increasingly prone to security attacks, it was decided to remove Apache which served as web server. Tomcat version 5.5.20, which is bundled with Web NMS, was selected to play the dual role as web server and servlet engine. And therefore, Apache package is removed from Web NMS.
Apache Tomcat is open source web server software for Java programming that is developed and maintains by the Apache software foundation. The initial idea of Apache tomcat software was to host and deploy the Java servlet that is the server-side Java code that manages HTTP results from client application build using Java. Tomcat server automates the web application and its web component execution i.e. It listens to client requests continuously 24.7. It takes the request, passes them to appropriate web components, executes them dynamically, gathers the result from them, and sends the results as responses to the browser.
Reasons for Removing the Apache Package
Apache is becoming a serious security concern.
Feature-wise, Tomcat has all the features in Apache (Refer the detailed table below for the comparison chart).
More applications, like one for web server (Apache) and one for servlet engine (Tomcat) increases the vulnerability of Web NMS. Less applications, lesser vulnerabilities, makes Web NMS more secure.
There is reduction in size of Web NMS product (~ 13 MB). Download of Web NMS becomes faster and installation becomes easier.
In future, the overhead of Apache migration is avoided.
List of Security Issues in Apache Server
In Web NMS, two packages Apache and Tomcat were used to run the server functionality. Apache as web server and Tomcat as servlet engine. As Apache was increasingly prone to security attacks, it was decided to remove Apache which served as web server. Tomcat version 5.5.20, which is bundled with Web NMS, was selected to play the dual role as web.
When web root of Apache is configured as the working directory of the product, then database and conf directories are vulnerable to hacks.
Apache allows directory browsing in the web applications.
We have to keep the web server features, which we are not using, turned off.
Advantages of Tomcat Server
Tomcat can be used as web server in addition to servlet engine.
Tomcat also supports SSL, much similar to the way in which SSL is implemented in Web NMS. So there is no extra concern to customers using SSL.
Tomcat is also a Java application, hence running as Web NMS web server in SSL mode is much simpler.
Tomcat also has the re-direction to SSL when enabled.
Comparing the Features of Apache and Tomcat Servers with Respect to Web NMS
Feature | Apache | Tomcat |
Act as a web server rendering static pages | Yes | Yes |
Securing by SSL | Yes | Yes |
Running server in a virtual IP or in a particular IP in dual NIC environment | Yes | Yes |
Access control over directories and files in server root (whether to be accessible through HTTP) | Yes | Yes |
Executing servlets | No | Yes |
Executing other dynamic pages (.jsp, .js, etc.,) | No | Yes |
Library dependency at runtime | Yes | No |
Compare the performance of Web NMS with and without Apache server
Apache Tomcat Web Server
Web NMS has fewer simultaneous users which can be handled by Tomcat. Apache is required only if Web NMS has too many simultaneous users (in 1000s).
As of now, Tomcat does not have any library dependency. Hence, the WebNMS server start up is free from library incompatibility issues.
When Apache was used, it redirected certain type of requests to Tomcat and handled rest of the requests by itself. With Tomcat alone, all requests are directly handled by Tomcat.
Tomcat Web Server In Web Technology Pdf
Copyright © 2013, ZOHO Corp. All Rights Reserved.
Tomcat Web Server In Web Technology Solutions