Java server strutting its stuff in web traffic

The Java language has been reigning as the number one development platform for many years. According to the Stack Overflow Survey results, Java is still the most popular programming language in use today.

This popularity is mainly due to the versatility of Java. It can be used for anything from developing desktop applications to creating powerful web-based systems. In this article, we will take a look at some of the best Java servers currently available on the market.

Jetty

Jetty is a well-known Java server that was created by Eclipse Foundation in 1995. It is an open-source project licensed under the Eclipse Public License. Jetty has a modular architecture and it supports a wide range of protocols, such as HTTP/2, WebSocket, and SPDY.

It also features an event-driven model that makes it ideal for development of dynamic web applications. One of the advantages of using Jetty is its small footprint. The entire Jetty server download is only around 5 MB in size. This makes it an attractive option for deployment in constrained environments such as containers and microservices architectures.

Tomcat

Tomcat is another popular Java server that was first released by Apache Software Foundation in 1999. It is an Apache project licensed under the Apache License Version 2.0. Tomcat has a large user base and it is estimated that around 60% of all web servers are running Tomcat.

Tomcat is known for its stability and performance maturity. It also offers a wide range of features, including support for Servlet 4, JSP 2.3, EL 3.0, and WebSocket 1.1 standards. One downside of Tomcat is that it can be complex to set up and configure properly. However, with a bit of effort, you can get it up and running in no time at all.

WildFly Swarm

WildFly Swarm is a new lightweight Java EE runtime created by Red Hat Inc. It was announced in 2016 and released as beta in 2017. WildFly Swarm can be used to create standalone microservices or packaged as a WAR file for deployment on traditional application servers such as WildFly or Tomcat . Shearly speaking... not bad either...)

Here are some other ones:

## HornetQ

If you're looking for a reliable message broker with high throughputs and low latency, then HornetQ might be just what you need . Developed by JBoss , HornetQ has been gaining quite a following in recent years .

Being Java-based , HornetQ naturally integrates well into any Java environment . And because HornetQ implements JMS 2 . 0 , you'll have all the features you need right out of the box .

Another plus side to using HornetQ? It's completely open source – so you can rest assured there won't be any nasty surprises when upgrading down the road ...

Tomcat powers ahead of Jetty and Undertow

Tomcat has long been the frontrunner in Java servlet containers, but there are now contenders in Jetty and Undertow. How do they compare?

Each of these servlet containers offers unique features, but Tomcat still comes out on top. Let's take a closer look at the pros and cons of each:

Tomcat

• Easy to set up and use
• Well-maintained and supported
• Robust with many features
• Good community support
• Used by many large organizations

Jetty

• Lightweight and fast
• Modular architecture for easy extension
• Good community support
• Used by many small organizations

Undertow

• Lightweight and fast
• Modular architecture for easy extension
• Good community support

Apache Tomcat 9 now Generally Available

The Apache Software Foundation has announed the release of Apache Tomcat 9.0, the second major release of the Tomcat 9 series.

Tomcat 9.0 is a long term support (LTS) release that will be maintained for 3 years. It includes new features and enhancements as well as numerous stability and security improvements.

A few of the key features in Tomcat 9.0 include:

• Support for Java 8 and 9

• HTTP/2 support

• Ability to run multiple versions of Tomcat on the same server

• Automatic reloading of JavaServer Pages (JSPs) and servlets when changes are detected

Tomcat 9.0 is available now for download from the Apache Tomcat website: http://tomcat.apache.org

How to Secure Apache Tomcat Web Applications

Apache Tomcat is a well-known and widely used Java Servlet Container. It is an open source implementation of the Java Servlet and JavaServer Pages technologies.

Tomcat provides a web server environment for Java applications, and enables you to host web applications on your computer. A web application is an application that is accessed over the Internet, through a web browser.

In this article, we will show you how to secure Apache Tomcat web applications with SSL/TLS certificates. We will also show you how to configure Tomcat to use a self-signed SSL/TLS certificate.

Let's get started!

First, you need to install a SSL/TLS certificate on your computer. There are many free and paid SSL/TLS certificates available online. We recommend using a trusted SSL/TLS certificate provider, such as DigiCert or Let's Encrypt.

Once you have installed a SSL/TLS certificate on your computer, you need to generate a keystore file. A keystore file contains the private key and certificate for your computer. You can generate a keystore file with the following command:

keytool -genkeypair -alias tomcat -keyalg RSA -keysize 2048 -validity 10000

This will generate a keystore file named "tomcat.keystore" in the current directory. The keytool command will ask you for several pieces of information, including the name of the keystore file, the alias for the keypair, and the password for the keystore file. Make sure to remember the password for the keystore file!

Next, you need to configure Tomcat to use your SSL/TLS certificate. To do this, create a new file named "server.xml" in the "/conf" directory of your Tomcat installation. The server.xml file contains configuration information for Tomcat servers. Add the following lines to the server.xml file:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="150" scheme="https" secure="true">  <SSLContext sslContextClassName="org.apache.coyote.tomcat5 .SSLContext">  <OwnerPassword>password</OwnerPassword>  <KeyStore location="/path/to/.keystore"/>  <KeyPass>password</KeyPass> </SSLContext> </Connector>  

In this example, we are configuring Tomcat to use port 8443 and HTTPS protocol with our self-signed SSL/TLS certificate located at "/path/to/.keystore". Make sure to change these values according to your own setup! Save and close the server.xml file when you are finished editing it.

Finally, restart Tomcat and open your web browser to https://localhost:8443/. You should see a secure connection warning in your browser because our self-signed SSL/TLS certificate is not trusted by default. Click on "Accept" to continue connecting to Tomcat securely over HTTPS:

10 Best Practices for Apache Tomcat Security

1. Use the latest version of Tomcat

When it comes to security, using the latest version of Tomcat is always a best practice. The Tomcat team regularly releases new versions with security updates and patches. So, if you're running an older version of Tomcat, make sure to upgrade as soon as possible.

1. Bind Tomcat to a specific IP address

Another best practice is to bind Tomcat to a specific IP address. This will help minimize the chances of someone else exploiting your server. To do this, open up your Tomcat configuration file (usually called conf/server.xml) and add under the section. Then, specify the IP address you want to bind Tomcat to in the section like this: . Finally, restart Tomcat.

1. Disable unneeded features and protocols

As with any other application or service, disabling unneeded features and protocols can help improve security. In Tomcat, you can disable these features by editing the conf/server.xml file. For example, you can disable unused connectors by setting enabled="false" like this: . You can also disable certain protocols by setting their value to "none" like this: . Be sure to replace /path/to/.keystore with the actual path to your keystore file and password with the password you set for it.. Also, note that if you use self-signed certificates, you will also need to add trustCertificateAuthorities=/path/to/.trustcacerts . Finally, restart Tomcat.

1. Restrict access to sensitive files and directories

You can restrict access to sensitive files and directories by adding appropriate permissions on them. For example, you can add readonly permissions for specific users like this: chmod o+r /path/to/sensitive_file . Alternatively, you can use the Apache tomcat-users config file (usually found at /etc/tomcat-users.xml) to specify which users have access to which resources like this:

     </tomcat-users>