SlideShare a Scribd company logo

Hacking Tomcat

Download as PPT, PDF
G
guestc27cd9
Technology
1 of 39
Hacking Tomcat Secrets Revealed
Talk Sponsored By
Actual Sponsor
Who am I – bla bla ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Who are We ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Welcome to Tomcat We are Hiring!!!
What we will cover ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
What We Will Not Cover ,[object Object],[object Object],[object Object],[object Object],[object Object]
History of Tomcat ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Basics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Basics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Basics ,[object Object],[object Object],[object Object],[object Object],[object Object]
Basics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Basics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Basics Tomcat – The Server Services Engine (Catalina) Context JSPs Servlets Valves AJP Connector 8009 SSL Connector 8443 8080 HTTP Connector Hosts Realm Valves Valves
Basics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Basics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Advanced ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Performance Tip ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Connectors ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Connectors <Handler> There are some pretty ugly interdependencies here. While re-factoring would resolve that, time has been spent improving performance. Connector Protocol EndPoint Processor Adapter Engine
Connectors ,[object Object],1. New HTTP Request All java.io/java.nio/apr socket logic is in the EndPoint Processor sets up input/output buffers HTTP Parsing logic is in here Parses request, if request is available Once the request is parsed The CoyoteAdapter (bridge between connector and engine) Passes the request to the servlet engine Connector Protocol EndPoint Processor Adapter Engine
Performance Tip ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Performance Tip ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Advanced ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Performance Tip ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Advanced ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],1. Everything starts with the thread 2. NIO Connector defaults to ThreadPoolExecutor 3. SocketProcessor – Simple Runnable to invoke Handler.process 4. HttpProcessor – parses HTTP request 5. CoyoteAdapter Creates Request Response pair 6. StandardEngineValve First valve in the engine container 7. ErrorReportValve Catches Throwable Reports 400+ errors 8. StandardHostValve Sets context class loader 9. StandardContextValve Invokes (spec) ServletRequestListeners 10. StandardWrapperValve Invokes (spec) FilterChain 11. ApplicationFilterChain Represents Servlet (spec) FilterChain, invokes servlet 12. The Servlet Execution of the servlet
Advanced ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Performance Tip ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Advanced ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Advanced ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Advanced ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Advanced ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Performance Tip ,[object Object],[object Object],[object Object],[object Object],[object Object]
Performance Tip ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Performance Tip ,[object Object],[object Object],[object Object],[object Object]
Conclusion ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Want to join? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Q & A ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Recommended

Introduction to Apache Tomcat 7 Presentation
Introduction to Apache Tomcat 7 PresentationIntroduction to Apache Tomcat 7 Presentation
Introduction to Apache Tomcat 7 PresentationTomcat Expert
 
Tomcat server
Tomcat server Tomcat server
Tomcat serverUtkarsh Agarwal
 
Tomcat Optimisation & Performance Tuning
Tomcat Optimisation & Performance TuningTomcat Optimisation & Performance Tuning
Tomcat Optimisation & Performance Tuninglovingprince58
 
Tomcat next
Tomcat nextTomcat next
Tomcat nextJean-Frederic Clere
 
Tomcat Configuration (1)
Tomcat Configuration (1)Tomcat Configuration (1)
Tomcat Configuration (1)nazeer pasha
 
Apache TomEE - Tomcat with a kick
Apache TomEE - Tomcat with a kickApache TomEE - Tomcat with a kick
Apache TomEE - Tomcat with a kickVishwanath Krishnamurthi
 
Apache Tomcat 8 Application Server
Apache Tomcat 8 Application ServerApache Tomcat 8 Application Server
Apache Tomcat 8 Application Servermohamedmoharam
 
Tomcatx performance-tuning
Tomcatx performance-tuningTomcatx performance-tuning
Tomcatx performance-tuningVladimir Khokhryakov
 

Recommended

Introduction to Apache Tomcat 7 Presentation
Introduction to Apache Tomcat 7 PresentationIntroduction to Apache Tomcat 7 Presentation
Introduction to Apache Tomcat 7 PresentationTomcat Expert
 
Tomcat server
Tomcat server Tomcat server
Tomcat serverUtkarsh Agarwal
 
Tomcat Optimisation & Performance Tuning
Tomcat Optimisation & Performance TuningTomcat Optimisation & Performance Tuning
Tomcat Optimisation & Performance Tuninglovingprince58
 
Tomcat next
Tomcat nextTomcat next
Tomcat nextJean-Frederic Clere
 
Tomcat Configuration (1)
Tomcat Configuration (1)Tomcat Configuration (1)
Tomcat Configuration (1)nazeer pasha
 
Apache TomEE - Tomcat with a kick
Apache TomEE - Tomcat with a kickApache TomEE - Tomcat with a kick
Apache TomEE - Tomcat with a kickVishwanath Krishnamurthi
 
Apache Tomcat 8 Application Server
Apache Tomcat 8 Application ServerApache Tomcat 8 Application Server
Apache Tomcat 8 Application Servermohamedmoharam
 
Tomcatx performance-tuning
Tomcatx performance-tuningTomcatx performance-tuning
Tomcatx performance-tuningVladimir Khokhryakov
 
Tomcat and apache httpd training
Tomcat and apache httpd trainingTomcat and apache httpd training
Tomcat and apache httpd trainingFranck SIMON
 
Tomcat Clustering
Tomcat ClusteringTomcat Clustering
Tomcat Clusteringgouthamrv
 
Auxiliary : Tomcat
Auxiliary : TomcatAuxiliary : Tomcat
Auxiliary : Tomcatwebhostingguy
 
Tomcat
TomcatTomcat
TomcatVenkat Pinagadi
 
25 Apache Performance Tips
25 Apache Performance Tips25 Apache Performance Tips
25 Apache Performance TipsMonitis_Inc
 
Web container and Apache Tomcat
Web container and Apache TomcatWeb container and Apache Tomcat
Web container and Apache TomcatAuwal Amshi
 
Apache tomcat
Apache tomcatApache tomcat
Apache tomcatShashwat Shriparv
 
Tomcat Server
Tomcat ServerTomcat Server
Tomcat ServerAnirban Majumdar
 
Apache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutApache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutSander Temme
 
Apache Tomcat + Java EE = Apache TomEE
Apache Tomcat + Java EE = Apache TomEEApache Tomcat + Java EE = Apache TomEE
Apache Tomcat + Java EE = Apache TomEEJacek Laskowski
 
Apache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikApache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikEdgar Espina
 
Tomcat New Evolution
Tomcat New EvolutionTomcat New Evolution
Tomcat New EvolutionAllan Huang
 
Tomcat configuration
Tomcat configurationTomcat configuration
Tomcat configurationDima Gomaa
 
Introduction of Tomcat
Introduction of TomcatIntroduction of Tomcat
Introduction of TomcatDebashis Nath
 
How to monitor and manage Apache Tomcat
How to monitor and manage Apache TomcatHow to monitor and manage Apache Tomcat
How to monitor and manage Apache TomcatEgnyte
 
Servlets
ServletsServlets
ServletsSharon Cek
 
Java troubleshooting thread dump
Java troubleshooting thread dumpJava troubleshooting thread dump
Java troubleshooting thread dumpejlp12
 
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on Tomcat
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on TomcatJavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on Tomcat
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on TomcatDavid Blevins
 
RESTful web service with JBoss Fuse
RESTful web service with JBoss FuseRESTful web service with JBoss Fuse
RESTful web service with JBoss Fuseejlp12
 
Java EE 7, what's in it for me?
Java EE 7, what's in it for me?Java EE 7, what's in it for me?
Java EE 7, what's in it for me?Alex Soto
 
Description d'un fichier de prélèvements SEPA minimum
Description d'un fichier de prélèvements SEPA minimumDescription d'un fichier de prélèvements SEPA minimum
Description d'un fichier de prélèvements SEPA minimumFranck SIMON
 
Apache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling UpApache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling UpSander Temme
 

More Related Content

What's hot

Tomcat and apache httpd training
Tomcat and apache httpd trainingTomcat and apache httpd training
Tomcat and apache httpd trainingFranck SIMON
 
Tomcat Clustering
Tomcat ClusteringTomcat Clustering
Tomcat Clusteringgouthamrv
 
25 Apache Performance Tips
25 Apache Performance Tips25 Apache Performance Tips
25 Apache Performance TipsMonitis_Inc
 
Web container and Apache Tomcat
Web container and Apache TomcatWeb container and Apache Tomcat
Web container and Apache TomcatAuwal Amshi
 
Apache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutApache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutSander Temme
 
Apache Tomcat + Java EE = Apache TomEE
Apache Tomcat + Java EE = Apache TomEEApache Tomcat + Java EE = Apache TomEE
Apache Tomcat + Java EE = Apache TomEEJacek Laskowski
 
Apache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikApache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikEdgar Espina
 
Tomcat New Evolution
Tomcat New EvolutionTomcat New Evolution
Tomcat New EvolutionAllan Huang
 
Tomcat configuration
Tomcat configurationTomcat configuration
Tomcat configurationDima Gomaa
 
Introduction of Tomcat
Introduction of TomcatIntroduction of Tomcat
Introduction of TomcatDebashis Nath
 
How to monitor and manage Apache Tomcat
How to monitor and manage Apache TomcatHow to monitor and manage Apache Tomcat
How to monitor and manage Apache TomcatEgnyte
 
Java troubleshooting thread dump
Java troubleshooting thread dumpJava troubleshooting thread dump
Java troubleshooting thread dumpejlp12
 
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on Tomcat
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on TomcatJavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on Tomcat
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on TomcatDavid Blevins
 
RESTful web service with JBoss Fuse
RESTful web service with JBoss FuseRESTful web service with JBoss Fuse
RESTful web service with JBoss Fuseejlp12
 
Java EE 7, what's in it for me?
Java EE 7, what's in it for me?Java EE 7, what's in it for me?
Java EE 7, what's in it for me?Alex Soto
 

What's hot (20)

Tomcat and apache httpd training
Tomcat and apache httpd trainingTomcat and apache httpd training
Tomcat and apache httpd training
 
Tomcat Clustering
Tomcat ClusteringTomcat Clustering
Tomcat Clustering
 
Auxiliary : Tomcat
Auxiliary : TomcatAuxiliary : Tomcat
Auxiliary : Tomcat
 
Tomcat
TomcatTomcat
Tomcat
 
25 Apache Performance Tips
25 Apache Performance Tips25 Apache Performance Tips
25 Apache Performance Tips
 
Web container and Apache Tomcat
Web container and Apache TomcatWeb container and Apache Tomcat
Web container and Apache Tomcat
 
Apache tomcat
Apache tomcatApache tomcat
Apache tomcat
 
Tomcat Server
Tomcat ServerTomcat Server
Tomcat Server
 
Apache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling OutApache Performance Tuning: Scaling Out
Apache Performance Tuning: Scaling Out
 
Apache Tomcat + Java EE = Apache TomEE
Apache Tomcat + Java EE = Apache TomEEApache Tomcat + Java EE = Apache TomEE
Apache Tomcat + Java EE = Apache TomEE
 
Apache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip HanikApache Tomcat 7 by Filip Hanik
Apache Tomcat 7 by Filip Hanik
 
Tomcat New Evolution
Tomcat New EvolutionTomcat New Evolution
Tomcat New Evolution
 
Tomcat configuration
Tomcat configurationTomcat configuration
Tomcat configuration
 
Introduction of Tomcat
Introduction of TomcatIntroduction of Tomcat
Introduction of Tomcat
 
How to monitor and manage Apache Tomcat
How to monitor and manage Apache TomcatHow to monitor and manage Apache Tomcat
How to monitor and manage Apache Tomcat
 
Servlets
ServletsServlets
Servlets
 
Java troubleshooting thread dump
Java troubleshooting thread dumpJava troubleshooting thread dump
Java troubleshooting thread dump
 
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on Tomcat
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on TomcatJavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on Tomcat
JavaOne 2013 - Apache TomEE, Java EE Web Profile {and more} on Tomcat
 
RESTful web service with JBoss Fuse
RESTful web service with JBoss FuseRESTful web service with JBoss Fuse
RESTful web service with JBoss Fuse
 
Java EE 7, what's in it for me?
Java EE 7, what's in it for me?Java EE 7, what's in it for me?
Java EE 7, what's in it for me?
 

Viewers also liked

Description d'un fichier de prélèvements SEPA minimum
Description d'un fichier de prélèvements SEPA minimumDescription d'un fichier de prélèvements SEPA minimum
Description d'un fichier de prélèvements SEPA minimumFranck SIMON
 
Apache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling UpApache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling UpSander Temme
 
Gwt jetty et sources de données
Gwt jetty et sources de donnéesGwt jetty et sources de données
Gwt jetty et sources de donnéesFranck SIMON
 
JavaFX 2.0 - リッチクライアントのためのUI基盤
JavaFX 2.0 - リッチクライアントのためのUI基盤JavaFX 2.0 - リッチクライアントのためのUI基盤
JavaFX 2.0 - リッチクライアントのためのUI基盤Yuichi Sakuraba
 
Les ateliers android_1_vers2015
Les ateliers android_1_vers2015Les ateliers android_1_vers2015
Les ateliers android_1_vers2015Saber LAJILI
 
Autumn collection JavaOne 2014
Autumn collection JavaOne 2014Autumn collection JavaOne 2014
Autumn collection JavaOne 2014José Paumard
 
INTRODUCTION TO IIS
INTRODUCTION TO IISINTRODUCTION TO IIS
INTRODUCTION TO IISsanya6900
 
50 new things you can do with java 8
50 new things you can do with java 850 new things you can do with java 8
50 new things you can do with java 8José Paumard
 
Java 8-streams-collectors-patterns
Java 8-streams-collectors-patternsJava 8-streams-collectors-patterns
Java 8-streams-collectors-patternsJosé Paumard
 
Cycle de vie d'activité Android et les composant d'Android
Cycle de vie d'activité Android et les composant d'AndroidCycle de vie d'activité Android et les composant d'Android
Cycle de vie d'activité Android et les composant d'AndroidHoussem Lahiani
 
Internet Information Server (IIS)
Internet Information Server (IIS)Internet Information Server (IIS)
Internet Information Server (IIS)Rosariio92
 
50 nouvelles choses que l'on peut faire avec Java 8
50 nouvelles choses que l'on peut faire avec Java 850 nouvelles choses que l'on peut faire avec Java 8
50 nouvelles choses que l'on peut faire avec Java 8José Paumard
 
In01 - Programmation Android - 01 - introduction
In01 - Programmation Android - 01 - introductionIn01 - Programmation Android - 01 - introduction
In01 - Programmation Android - 01 - introductionYann Caron
 
API Asynchrones en Java 8
API Asynchrones en Java 8API Asynchrones en Java 8
API Asynchrones en Java 8José Paumard
 

Viewers also liked (19)

Description d'un fichier de prélèvements SEPA minimum
Description d'un fichier de prélèvements SEPA minimumDescription d'un fichier de prélèvements SEPA minimum
Description d'un fichier de prélèvements SEPA minimum
 
Apache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling UpApache Performance Tuning: Scaling Up
Apache Performance Tuning: Scaling Up
 
Gwt jetty et sources de données
Gwt jetty et sources de donnéesGwt jetty et sources de données
Gwt jetty et sources de données
 
JavaFX 2.0 - リッチクライアントのためのUI基盤
JavaFX 2.0 - リッチクライアントのためのUI基盤JavaFX 2.0 - リッチクライアントのためのUI基盤
JavaFX 2.0 - リッチクライアントのためのUI基盤
 
Les ateliers android_1_vers2015
Les ateliers android_1_vers2015Les ateliers android_1_vers2015
Les ateliers android_1_vers2015
 
Introduction aux-sockets
Introduction aux-socketsIntroduction aux-sockets
Introduction aux-sockets
 
Formation1 sockets
Formation1 socketsFormation1 sockets
Formation1 sockets
 
Autumn collection JavaOne 2014
Autumn collection JavaOne 2014Autumn collection JavaOne 2014
Autumn collection JavaOne 2014
 
INTRODUCTION TO IIS
INTRODUCTION TO IISINTRODUCTION TO IIS
INTRODUCTION TO IIS
 
Le Réseau et Java
Le Réseau et JavaLe Réseau et Java
Le Réseau et Java
 
50 new things you can do with java 8
50 new things you can do with java 850 new things you can do with java 8
50 new things you can do with java 8
 
Java 8-streams-collectors-patterns
Java 8-streams-collectors-patternsJava 8-streams-collectors-patterns
Java 8-streams-collectors-patterns
 
Cycle de vie d'activité Android et les composant d'Android
Cycle de vie d'activité Android et les composant d'AndroidCycle de vie d'activité Android et les composant d'Android
Cycle de vie d'activité Android et les composant d'Android
 
Internet Information Server (IIS)
Internet Information Server (IIS)Internet Information Server (IIS)
Internet Information Server (IIS)
 
Understanding IIS
Understanding IISUnderstanding IIS
Understanding IIS
 
50 nouvelles choses que l'on peut faire avec Java 8
50 nouvelles choses que l'on peut faire avec Java 850 nouvelles choses que l'on peut faire avec Java 8
50 nouvelles choses que l'on peut faire avec Java 8
 
In01 - Programmation Android - 01 - introduction
In01 - Programmation Android - 01 - introductionIn01 - Programmation Android - 01 - introduction
In01 - Programmation Android - 01 - introduction
 
APACHE TOMCAT
APACHE TOMCATAPACHE TOMCAT
APACHE TOMCAT
 
API Asynchrones en Java 8
API Asynchrones en Java 8API Asynchrones en Java 8
API Asynchrones en Java 8
 

Similar to Hacking Tomcat

Java Servlets
Java ServletsJava Servlets
Java ServletsNitin Pai
 
Web Applications and Deployment
Web Applications and DeploymentWeb Applications and Deployment
Web Applications and DeploymentBG Java EE Course
 
GTLAB Overview
GTLAB OverviewGTLAB Overview
GTLAB Overviewmarpierc
 
B2 2006 tomcat_clusters
B2 2006 tomcat_clustersB2 2006 tomcat_clusters
B2 2006 tomcat_clustersSteve Feldman
 
Play Framework: async I/O with Java and Scala
Play Framework: async I/O with Java and ScalaPlay Framework: async I/O with Java and Scala
Play Framework: async I/O with Java and ScalaYevgeniy Brikman
 
Servlets Java Slides & Presentation
Servlets Java Slides & Presentation Servlets Java Slides & Presentation
Servlets Java Slides & Presentation Anas Sa
 
Web Application Deployment
Web Application DeploymentWeb Application Deployment
Web Application Deploymentelliando dias
 
Bt0083 server side programing 2
Bt0083 server side programing 2Bt0083 server side programing 2
Bt0083 server side programing 2Techglyphs
 
Web Server/App Server Connectivity
Web Server/App Server ConnectivityWeb Server/App Server Connectivity
Web Server/App Server Connectivitywebhostingguy
 
Play framework : A Walkthrough
Play framework : A WalkthroughPlay framework : A Walkthrough
Play framework : A Walkthroughmitesh_sharma
 
1 java servlets and jsp
1 java servlets and jsp1 java servlets and jsp
1 java servlets and jspAnkit Minocha
 
Server-side Technologies in Java
Server-side Technologies in JavaServer-side Technologies in Java
Server-side Technologies in JavaAnirban Majumdar
 
Ta Javaserverside Eran Toch
Ta Javaserverside Eran TochTa Javaserverside Eran Toch
Ta Javaserverside Eran TochAdil Jafri
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practiceDocker, Inc.
 

Similar to Hacking Tomcat (20)

Jsp and jstl
Jsp and jstlJsp and jstl
Jsp and jstl
 
Tomcat 6: Evolving our server
Tomcat 6: Evolving our serverTomcat 6: Evolving our server
Tomcat 6: Evolving our server
 
Java Servlets
Java ServletsJava Servlets
Java Servlets
 
Web Applications and Deployment
Web Applications and DeploymentWeb Applications and Deployment
Web Applications and Deployment
 
GTLAB Overview
GTLAB OverviewGTLAB Overview
GTLAB Overview
 
Java Servlets & JSP
Java Servlets & JSPJava Servlets & JSP
Java Servlets & JSP
 
B2 2006 tomcat_clusters
B2 2006 tomcat_clustersB2 2006 tomcat_clusters
B2 2006 tomcat_clusters
 
Play Framework: async I/O with Java and Scala
Play Framework: async I/O with Java and ScalaPlay Framework: async I/O with Java and Scala
Play Framework: async I/O with Java and Scala
 
Servlets Java Slides & Presentation
Servlets Java Slides & Presentation Servlets Java Slides & Presentation
Servlets Java Slides & Presentation
 
19servlets
19servlets19servlets
19servlets
 
Sun Web Server Brief
Sun Web Server BriefSun Web Server Brief
Sun Web Server Brief
 
Web Application Deployment
Web Application DeploymentWeb Application Deployment
Web Application Deployment
 
Bt0083 server side programing 2
Bt0083 server side programing 2Bt0083 server side programing 2
Bt0083 server side programing 2
 
Web Server/App Server Connectivity
Web Server/App Server ConnectivityWeb Server/App Server Connectivity
Web Server/App Server Connectivity
 
Play framework : A Walkthrough
Play framework : A WalkthroughPlay framework : A Walkthrough
Play framework : A Walkthrough
 
Panama.pdf
Panama.pdfPanama.pdf
Panama.pdf
 
1 java servlets and jsp
1 java servlets and jsp1 java servlets and jsp
1 java servlets and jsp
 
Server-side Technologies in Java
Server-side Technologies in JavaServer-side Technologies in Java
Server-side Technologies in Java
 
Ta Javaserverside Eran Toch
Ta Javaserverside Eran TochTa Javaserverside Eran Toch
Ta Javaserverside Eran Toch
 
Container orchestration from theory to practice
Container orchestration from theory to practiceContainer orchestration from theory to practice
Container orchestration from theory to practice
 

More from guestc27cd9

Improving Web App Sec Microsoft
Improving Web App Sec MicrosoftImproving Web App Sec Microsoft
Improving Web App Sec Microsoftguestc27cd9
 
Iis Security Programming Countermeasures
Iis Security Programming CountermeasuresIis Security Programming Countermeasures
Iis Security Programming Countermeasuresguestc27cd9
 
Financial Website Security
Financial Website SecurityFinancial Website Security
Financial Website Securityguestc27cd9
 
Future Inet Worms
Future Inet WormsFuture Inet Worms
Future Inet Wormsguestc27cd9
 
Guide2 Web App Sec
Guide2 Web App SecGuide2 Web App Sec
Guide2 Web App Secguestc27cd9
 
Http Request Smuggling
Http Request SmugglingHttp Request Smuggling
Http Request Smugglingguestc27cd9
 
Http Response Splitting
Http Response SplittingHttp Response Splitting
Http Response Splittingguestc27cd9
 
I Http Module Leveraging
I Http Module LeveragingI Http Module Leveraging
I Http Module Leveragingguestc27cd9
 
Exploiting And Defending Web Applications
Exploiting And Defending Web ApplicationsExploiting And Defending Web Applications
Exploiting And Defending Web Applicationsguestc27cd9
 

More from guestc27cd9 (11)

Improving Web App Sec Microsoft
Improving Web App Sec MicrosoftImproving Web App Sec Microsoft
Improving Web App Sec Microsoft
 
Iis Security Programming Countermeasures
Iis Security Programming CountermeasuresIis Security Programming Countermeasures
Iis Security Programming Countermeasures
 
Financial Website Security
Financial Website SecurityFinancial Website Security
Financial Website Security
 
Form Tampering
Form TamperingForm Tampering
Form Tampering
 
Future Inet Worms
Future Inet WormsFuture Inet Worms
Future Inet Worms
 
Guide2 Web App Sec
Guide2 Web App SecGuide2 Web App Sec
Guide2 Web App Sec
 
Http Request Smuggling
Http Request SmugglingHttp Request Smuggling
Http Request Smuggling
 
Http Response Splitting
Http Response SplittingHttp Response Splitting
Http Response Splitting
 
I Http Module Leveraging
I Http Module LeveragingI Http Module Leveraging
I Http Module Leveraging
 
Exploiting And Defending Web Applications
Exploiting And Defending Web ApplicationsExploiting And Defending Web Applications
Exploiting And Defending Web Applications
 
Evolution Xss
Evolution XssEvolution Xss
Evolution Xss
 

Recently uploaded

The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 

Recently uploaded (20)

The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 

Hacking Tomcat

  • 3. Actual Sponsor
  • 4.
  • 5.
  • 6. Welcome to Tomcat We are Hiring!!!
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 14.
  • 15. Basics Tomcat – The Server Services Engine (Catalina) Context JSPs Servlets Valves AJP Connector 8009 SSL Connector 8443 8080 HTTP Connector Hosts Realm Valves Valves
  • 16.
  • 17.
  • 18.
  • 19.
  • 20.
  • 21. Connectors <Handler> There are some pretty ugly interdependencies here. While re-factoring would resolve that, time has been spent improving performance. Connector Protocol EndPoint Processor Adapter Engine
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.