- First implemented in Tomcat 9 and back-ported to 8.5, Tomcat now supports Server Name Indication (SNI). This allows multiple SSL configurations to be associated with a single secure connector with the configuration used for any given connection determined by the host name requested by the client.
- I’ve tested with Apache Tomcat 8.5.15 on Digital Ocean Linux (CentOS distro) server. Note: If you are looking for overall hardening & security then you may refer this guide. As a best practice, take a backup of necessary configuration file before making changes or test in a non-production environment.
20 Tomcat 8.5 timing Possible roadmap 6 months of 8.0.x and 8.5.x Extended if needed. one month between releases after no more 8.0.x releases First 8.5 release 24 March 2016 Current release: 8.5.3 stable Expect last 8.0.x around end of September 2016.
The HTTP2 Upgrade Protocol
Table of Contents
- Attributes
Introduction
The HTTP Upgrade Protocol element represents an Upgrade Protocol component that supports the HTTP/2 protocol. An instance of this component must be associated with an existing HTTP/1.1 Connector.
HTTP/2 connectors use non-blocking I/O, only utilising a container thread from the thread pool when there is data to read and write. However, because the Servlet API is fundamentally blocking, each HTTP/2 stream requires a dedicated container thread for the duration of that stream.
Attributes
Common Attributes
All implementations of Upgrade Protocol support the following attributes:
Attribute | Description |
---|---|
className | This must be |
Standard Implementation
See All Results For This Question
The HTTP/2 Upgrade Protocol implementation supports the following attributes in addition to the common attributes listed above.
Attribute | Description |
---|---|
allowedTrailerHeaders | By default Tomcat will ignore all trailer headers when processing HTTP/2 connections. For a header to be processed, it must be added to this comma-separated list of header names. |
compressibleMimeType | The value is a comma separated list of MIME types for which HTTP compression may be used. The default value is |
compression | The HTTP/2 protocol may use compression in an attempt to save server bandwidth. The acceptable values for the parameter is 'off' (disable compression), 'on' (allow compression, which causes text data to be compressed), 'force' (forces compression in all cases), or a numerical integer value (which is equivalent to 'on', but specifies the minimum amount of data before the output is compressed). If the content-length is not known and compression is set to 'on' or more aggressive, the output will also be compressed. If not specified, this attribute is set to 'off'. Note: There is a tradeoff between using compression (saving your bandwidth) and using the sendfile feature (saving your CPU cycles). If the connector supports the sendfile feature, e.g. the NIO2 connector, using sendfile will take precedence over compression. The symptoms will be that static files greater that 48 Kb will be sent uncompressed. You can turn off sendfile by setting |
compressionMinSize | If compression is set to 'on' then this attribute may be used to specify the minimum amount of data before the output is compressed. If not specified, this attribute is defaults to '2048'. |
initialWindowSize | Controls the initial size of the flow control window for streams that Tomcat advertises to clients. If not specified, the default value of |
keepAliveTimeout | The time, in milliseconds, that Tomcat will wait between HTTP/2 frames when there is no active Stream before closing the connection. Negative values will be treated as an infinite timeout. If not specified, a default value of |
maxConcurrentStreamExecution | The controls the maximum number of streams for any one connection that can be allocated threads from the container thread pool. If more streams are active than threads are available, those streams will have to wait for a stream to become available. If not specified, the default value of |
maxConcurrentStreams | The controls the maximum number of active streams permitted for any one connection. If a client attempts to open more active streams than this limit, the stream will be reset with a |
maxHeaderCount | The maximum number of headers in a request that is allowed by the container. A request that contains more headers than the specified limit will be rejected. A value of less than 0 means no limit. If not specified, a default of 100 is used. |
maxHeaderSize | The maximum total size for all headers in a request that is allowed by the container. Total size for a header is calculated as the uncompressed size of the header name in bytes, plus the uncompressed size of the header value in bytes plus an HTTP/2 overhead of 3 bytes per header. A request that contains a set of headers that requires more than the specified limit will be rejected. A value of less than 0 means no limit. If not specified, a default of 8192 is used. |
maxTrailerCount | The maximum number of trailer headers in a request that is allowed by the container. A request that contains more trailer headers than the specified limit will be rejected. A value of less than 0 means no limit. If not specified, a default of 100 is used. |
maxTrailerSize | The maximum total size for all trailer headers in a request that is allowed by the container. Total size for a header is calculated as the uncompressed size of the header name in bytes, plus the uncompressed size of the header value in bytes plus an HTTP/2 overhead of 3 bytes per header. A request that contains a set of trailer headers that requires more than the specified limit will be rejected. A value of less than 0 means no limit. If not specified, a default of 8192 is used. |
noCompressionUserAgents | The value is a regular expression (using |
overheadCountFactor | The factor to apply when counting overhead frames to determine if a connection has too high an overhead and should be closed. The overhead count starts at |
readTimeout | The time, in milliseconds, that Tomcat will wait for additional data when a partial HTTP/2 frame has been received. Negative values will be treated as an infinite timeout. If not specified, a default value of |
streamReadTimeout | The time, in milliseconds, that Tomcat will wait for additional data frames to arrive for the stream when an application is performing a blocking I/O read and additional data is required. Negative values will be treated as an infinite timeout. If not specified, a default value of |
streamWriteTimeout | The time, in milliseconds, that Tomcat will wait for additional window update frames to arrive for the stream and/or conenction when an application is performing a blocking I/O write and the stream and/or connection flow control window is too small for the write to complete. Negative values will be treated as an infinite timeout. If not specified, a default value of |
writeTimeout | The time, in milliseconds, that Tomcat will wait to write additional data when an HTTP/2 frame has been partially written. Negative values will be treated as an infinite timeout. If not specified, a default value of |
The HTTP/2 upgrade protocol will also inherit the following limits from the HTTP Connector it is nested with:
- maxCookieCount
- maxParameterCount
- maxPostSize
- maxSavePostSize
Nested Components
This component does not support any nested components.
Special Features
This component does not support any special features.
Apache Tomcat 8 Configuration Reference (8.5.65) - The HTTP ...
Notice: This comments section collects your suggestions on improving documentation for Apache Tomcat.
If you have trouble and need help, read Find Help page and ask your question on the tomcat-users mailing list. Do not ask such questions here. This is not a Q&A section.
The Apache Comments System is explained here. Comments may be removed by our moderators if they are either implemented or considered invalid/off-topic.