HOME SCALA & F# JAVA .NET WEB GROOVY & GRAILS ANDROID & IOS NOSQL ARCHITECTURE AGILE & SCRUM AGILE DEVELOPER  
Spring in Finance eXchange 2008: Mark Thomas on Tomcat: Maximizing Performance & Security
Tomcat: Maximizing Performance & Security
Mark Thomas discusses how to maximize performance and security in Tomcat.

Review:
Mark Thomas, a senior software engineer from SpringSource and the leading contributor to Tomcat security, talks about how security vulnerabilities are handled by the Tomcat team and how end users are served while preventing security problems.

Mark discusses how using an open source project has the following disadvantage: as soon as a new version is published, the new version can be reverse engineered and vulnerabilities can be discovered. Therefore, commits are not announced as security vulnerabilities. Once a release is available for download vulnerabilities are announced.

Mark gives some examples of previous security issues and explains them briefly. Some of the vulnerabilities do not apply for all versions of a release. Upgrading or patching can be appropriate solutions in most cases. Mark demonstrates how these are done by changing the Tomcat configuration. Clustering can be another option and he explains how can this be achieved towards the end of the talk.
Review by Eren Aykin


ABOUT MARK THOMAS
Mark Thomas is a Senior Software Engineer with SpringSource, has a MEng in Electronic and Electrical Engineering from the University of Birmingham, UK and is a Senior Software Engineer and Consultant with the Covalent Products Division of SpringSo
More about Mark Thomas
PODCAST TOMCAT: MAXIMIZING PERFORMANCE

This session took part at the Spring in Finance eXchange 2008. You can view the other 8 podcasts here.
SPONSORS
SpringSource
Skills Matter Ltd

Cake Solutions
CLOUD PODCASTS
Adrian Withy:Milliman, Milliman
Adrian Withy : 23rd Apr 2012
View Podcast: Milliman,
Brendan Sterne:Bazaarvoice, Bazaarvoice
Brendan Sterne : 23rd Apr 2012
View Podcast: Bazaarvoice,
Peter Ledbrook:A cloud for developers: Cloud Foundry, A cloud for developers: Cloud Foundry
Peter Ledbrook : 8th Dec 2011
View Podcast: A cloud for developers: Cloud Foundry,
Chris O Davies:Introduction to User Group and Heroku, Heroku platform
Chris O Davies : 5th Dec 2011
View Podcast: Introduction to User Group and Heroku,
Nicola Tassini:Deploying Java Apps to Heroku, Deploying Java Apps to Heroku
Nicola Tassini : 5th Dec 2011
View Podcast: Deploying Java Apps to Heroku,
John Beynon:The Why, What and How of Heroku, The Why, What and How of Heroku
John Beynon : 5th Dec 2011
View Podcast: The Why, What and How of Heroku,
Dave Gardner:Real Life Cassandra, Cassandra
Dave Gardner : 2nd Nov 2011
View Podcast: Real Life Cassandra,
 :Amjad Khan on Force.com ERD using SchemaSpy, SchemaSpy
: 20th Oct 2011
View Podcast: Amjad Khan on Force.com ERD using SchemaSpy,
 :Simon Goodyear on Making better use of interfaces on the Force.com platform, Interfaces on the Force.com platform
: 20th Oct 2011
View Podcast: Simon Goodyear on Making better use of interfaces on the Force.com platform,
 :Testing on the Force.com Platform, Testing on Force.com
: 20th Oct 2011
View Podcast: Testing on the Force.com Platform,
 :Effective B2C management, B2C management
: 20th Oct 2011
View Podcast: Effective B2C management,
Bruce Durling:Turning Your Org into a Fully Operational Battle Station using ruby and selenium, Fully Operational Battle Station
Bruce Durling : 20th Oct 2011
View Podcast: Turning Your Org into a Fully Operational Battle Station using ruby and selenium,
Simon Waterer:Introduction to Platform MapReduce, Introduction to Platform MapReduce
Simon Waterer : 12th Oct 2011
View Podcast: Introduction to Platform MapReduce,
Nick Telford:Cassandra vs HBase, Cassandra vs HBase
Nick Telford : 5th Sep 2011
View Podcast: Cassandra vs HBase,
Richard Low:Cassandra failure modes, Failure modes
Richard Low : 5th Sep 2011
View Podcast: Cassandra failure modes,
OTHER CLOUD EVENTS
Cloud East 2012, Cloud East 2012
CONFERENCE (1 DAY)
Cambridge, Thursday, June 28th BOOK NOW!
Robert Schneider:Robert Schneider's Mission Critical Service Testing Using soapUI Pro,  Robert Schneider's Service Testing w soapUI Pro
2 DAY COURSE. Featuring Robert Schneider
London, Monday, July 16th
Robert Schneider:Robert Schneider's Mission Critical Service Testing Using soapUI Pro,  Robert Schneider's Service Testing w soapUI Pro
2 DAY COURSE. Featuring Robert Schneider
London, Thursday, September 13th
© Copyright 2003-2011, Skills Matter Ltd
  Web development by You In Control
About Us  Jobs  Find Us  Meeting & Training Rooms  Newsletter  Jobs: Sales Executive  Jobs: Student SkillsCaster  jobs - junior event coordinator  Speed Coding 2011  Open Source Journal  Ticket Raffle  Agile Expert Series  Jobs: Sponsorship Development  jobs: Marketing & Sales Graduate Internship