SpringSource
<<< Previous speaker next speaker >>>

Senior Software Engineer Mark Thomas, SpringSource

Senior Software Engineer Mark Thomas

Mark Thomas is a Senior Software Engineer with SpringSource. At SpringSource Mark leads the integration of Tomcat with tc Server and has also had a hand in the development and integration of the additional serviceability functionality.

Mark has been using and developing Apache Tomcat for more than five years. He first got involved in the development of Tomcat when he needed better control over the SSL configuration than was available at the time. After fixing that first bug, he started working his way through the remaining Tomcat bugs and is still going. Along the way, Mark has become a Tomcat committer and PMC member, volunteered to be the Tomcat 4 release manager, created the Tomcat security pages, became a member of the ASF and joined the Apache Security Committee. He also helps maintain the ASF's Bugzilla instances.

Mark has a MEng in Electronic and Electrical Engineering from the University of Birmingham, United Kingdom.

Presentation: "Performance Tuning for Apache Tomcat"

Time: Monday 15:00 - 16:15

Location: Foyer Room

Abstract:

Performance tuning is often considered to be a black art. This presentation will provide a standard approach for optimizing and tuning your applications running on Apache Tomcat.

The options available to tune Tomcat and the JVM will be discussed, with a focus on how the options apply to different usage patterns, hardware and network topologies.

You'll learn when and how to apply the different tuning and configuration options as well as gaining an understanding of load balancers and how they can impact your configuration settings.

The impact of clustering and replication on your environment will also be discussed.

Presentation: "Securing Apache Tomcat for your Environment"

Time: Wednesday 09:00 - 10:15

Location: Foyer Room

Abstract:

A default Apache Tomcat installation is secure but each installation environment is different and may have additional security requirements.

This presentation will examine the security configuration options available in Apache Tomcat, when to use them (and when not to use them) and the threats they might help mitigate.

The rationale behind having resource passwords (eg for database access) in clear text in server.xml will also be discussed.