Apache Tomcat^®

Announcements from previous years can be found here:

• year 2020
• year 2019
• year 2018
• year 2017
• year 2016
• year 2015
• year 2014
• year 2013
• year 2012
• year 2011
• year 2010

The Apache Tomcat Project is proud to announce the release of version 10.0.0-M1 of Apache Tomcat. This release is a milestone release and is targeted at Jakarta EE 9.

Users of Tomcat 10 onwards should be aware that, as a result of the move from Java EE to Jakarta EE as part of the transfer of Java EE to the Eclipse Foundation, the primary package for all implemented APIs has changed from javax.* to jakarta.*. This will almost certainly require code changes to enable applications to migrate from Tomcat 9 and earlier to Tomcat 10 and later. A migration tool is under development to aid this process.

The notable changes in this release are:

• Update to Jakarta Servlet 5.0, Jakarta Server Pages 3.0. Jakarta Expression Language 4.0, Jakarta WebSocket 2.0, Jakarta Authentication 2.0 and Jakarta Annotations 2.0 specifications.
• Use <request-character-encoding> and <response-character-encoding> in conf/web.xml to set the default request and response character encodings to UTF-8.
• Remove duplication of HTTP/1.1 configuration on the HTTP/2 UpgradeProtocol element. Configuration from the main Connector element will now be used.

Full details of these changes, and all the other changes, are available in the Tomcat 10 (alpha) changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 7.0.100 of Apache Tomcat. This release contains a number of bug fixes and improvements compared to version 7.0.99.

• AJP defaults changed to listen the loopback address, require a secret and to be disabled in the sample server.xml file. If you are using the AJP protocol, please refer to the Migration Guide and update your configuration.
• The JmxRemoteLifecycleListener is now deprecated
• The HTTP Connector attribute rejectIllegalHeaderName is renamed to rejectIllegalHeader and expanded to include header values as well as names

Full details of these changes, and all the other changes, are available in the Tomcat 7 changelog.

Note: End of life date for Apache Tomcat 7.0.x is announced. Read more...

Download

The Apache Tomcat Project is proud to announce the release of version 9.0.31 of Apache Tomcat. The notable changes compared to 9.0.30 include:

• AJP defaults changed to listen the loopback address, require a secret and to be disabled in the sample server.xml file. If you are using the AJP protocol, please refer to the Migration Guide and update your configuration.
• The JmxRemoteLifecycleListener is now deprecated
• The HTTP Connector attribute rejectIllegalHeaderName is renamed to rejectIllegalHeader and expanded to include header values as well as names

Full details of these changes, and all the other changes, are available in the Tomcat 9 changelog.

Download

The Apache Tomcat Project is proud to announce the release of version 8.5.51 of Apache Tomcat. Apache Tomcat 8.5.x replaces 8.0.x and includes new features pulled forward from Tomcat 9.0.x. The minimum Java version and implemented specification versions remain unchanged. The notable changes compared to 8.5.50 include:

• AJP defaults changed to listen the loopback address, require a secret and to be disabled in the sample server.xml file. If you are using the AJP protocol, please refer to the Migration Guide and update your configuration.
• The JmxRemoteLifecycleListener is now deprecated
• The HTTP Connector attribute rejectIllegalHeaderName is renamed to rejectIllegalHeader and expanded to include header values as well as names

Full details of these changes, and all the other changes, are available in the Tomcat 8.5 changelog.

Download