Tomcat is an open source servlet engine and a J2EE container. It's a lightweight solution for development purposes. A developer needs a server where applications can be deployed and server can be started in a short amount of time and this process can be repeated many times during the development process. Tomcat is very helpful for a developer and it is compliant with almost all the security standard features required for system administrators.
Tomcat is a commonly used servlet engine. It can be used as a stand-alone web server or embedded into another server, like JBoss or Apache. System and network administrators will find it comfortable with the installation, configuration, and maintenance. It has very valuable features such as SSL support, authentication schemes and Apache integration among others.
After tested and used in Microsoft Windows and Linux, I found that it lacks for several features requiring you to install additional packages.
There are some problems reported related to JSF 1.2 support, clustering support is partial and is not fully Java EE compliant. Despite all of this, it doesn't require much memory and runs fast even on smaller servers.
v7.0 [Jul 1, 2010]
add 41718: Include a response body when sending a redirect. (markt)
add 51640: Improve the memory leak prevention for leaks triggered by java.sql.DriverManager. (markt)
fix 51644: Fix annotation scanning for contexts with a multi-level context path such as /a/b. (markt)
fix Unregisters MBean of DataSource when web application stops. (kfujino)
fix 51650: Code clean-up. Patch provided by Felix Schumacher. (markt)
fix 51653: Move application level error page handling from the Host to the Context. This ensures that application error page handling is completed before the requestDestroyed event of any ServletRequestListener is fired. (markt)
fix 51654: Improve handling of invalid appBase settings for Host elements. (markt)
fix 51658: Fix possible NPE when logging a failed request. Based on a suggestion by Felix Schumacher. (markt)
fix 51688: JreMemoryLeakPreventionListener now protects against AWT thread creation. (schultz)
fix 51712: Ensure cache control headers are sent when appropriate even if the request is secure. Patch provided by Michael Zampani. (markt)
fix 51713: Improve message that is logged if there is an error in the value of protocol in a Connector. (kkolinko)
fix 51739: When using a landing page with FORM authentication ensure that the request has a valid HTTP method. (markt)
fix 51641: Use correct key when removing processor instances from the connections map during clean-up. Patch provided by zhh. (mark)
fix More changes to align the code between the different HTTP connectors. (markt)
fix Ensure AjpMessage headers are correct for the direction of the message. (markt)
code Code clean-up and re-factoring to reduce duplicate code in the AJP processor implementations. (markt)
add Detect incomplete AJP messages and reject the associated request if one is found. (markt)
fix 51698: Fix CVE-2011-3190. Prevent AJP message injection. (markt)
fix 41673: Use platform line-endings when reporting compilation errors. (markt)
add 51736: Make rpcTimeout configurable in BackupManager. (kfujino)
fix 51649: Update the documentation web application to include the ThreadLocal leak prevention listener. (markt)
add 51583 (r1157874, r1162102): Fix shutdown delay in jdbc-pool. (fhanik/kkolinko)
fix 51558: Don't force the use of StandardManager when using any of the Tomcat#addWebapp() methods. (markt)
fix 51704: Make use of File#mkdirs() more robust. (markt)
Mall Creeps
