Security researcher Alexander Klink and Julian Wälde revealed a serious vulnerability that until recently affected the vast majority of web server. The attack only requires a single HTTP request that is specially designed to create hash code collisions in POST form data. When first discovered this attack affected Python, Ruby, PHP, Java, and ASP.NET, but vendors have been working on patches.
MechSoft releases Siwpas, a lightweight application server based on Apache Tomcat that focuses exclusively on Web applications.
When Oracle released its GlassFish roadmap, a notable absence was the GlassFish gem. This gem-based server for Rails, Merb, and Sinatra applications has become a common deployment option for the JRuby platform and has been widely recommended to the JRuby community. The gem allows Rails users running in multithreaded mode to take advantage of the JVM by running multiple threads per server instance.
MuleSoft's cloud service offering of Apache Tomcat container, called CloudCat, provides a virtual image that allows developers and QA teams to build and test web applications in the cloud environment. MuleSoft recently announced CloudCat product availability and a partnership with cloud infrastructure hosting provider GoGrid.
Tcat Server, an Apache Tomcat-based application server created by MuleSoft (formerly MuleSource), was released today. InfoQ took the opportunity to talk with Mahau Ma, Greg Schott and Ross Mason of MuleSoft to learn more about Tcat Server and another new integration framework called iBeans.
Google App Engine was initially using Apache Tomcat as their webserver/servlet container but eventually switched to Jetty.
Apache Tribes, a Tomcat 6 module, supports group communication in the server cluster. Filip Hanik talked about the challenges in heterogeneous clusters and how Tribes helps with group communication requirements of Tomcat clusters. He did a presentation at SpringOne Americas conference about Tribes messaging framework.
According to a recent study conducted by BZ Research, Tomcat is used by almost two thirds of corporate Java developers. With its support for clustering & server monitoring, Tomcat has gained more popularity compared to other application servers. IBM WebSphere and RedHat JBoss came second and third in the research study.
Mainsoft has released a preview of Grasshopper 2.0 that is compatible with Visual Studio 2005. Grasshopper allows Visual Studio developers to cross-compile IL into Java bytecode. Developers can then run their applications on a J2EE/Tomcat stack.
JVM clustering vendor Terracotta has released for free use their Terracotta Sessions for Tomcat. The product is based on their distributed shared objects (DSO) product which uses a hub and spoke architecture and can synchronize changes across nodes at the field level (instead of serialization). The license allows projects with up to 4 nodes in their cluster to use it for free.