Content

Apache Tomcat Versions

Apache Tomcat® is an open source software implementation of a subset of the Jakarta EE (formally Java EE) technologies. Different versions of Apache Tomcat are available for different versions of the specifications. The mapping between the specifications and the respective Apache Tomcat versions is:

Servlet Spec JSP Spec EL Spec WebSocket Spec Authentication (JASPIC) Spec Apache Tomcat Version Latest Released Version Supported Java Versions
6.0 3.1 5.0 2.1 3.0 10.1.x 10.1.1 11 and later
5.0 3.0 4.0 2.0 2.0 10.0.x 10.0.27 8 and later
4.0 2.3 3.0 1.1 1.1 9.0.x 9.0.68 8 and later
3.1 2.3 3.0 1.1 1.1 8.5.x 8.5.83 7 and later
3.1 2.3 3.0 1.1 N/A 8.0.x (superseded) 8.0.53 (superseded) 7 and later
3.0 2.2 2.2 1.1 N/A 7.0.x (archived) 7.0.109 (archived) 6 and later
(7 and later for WebSocket)
2.5 2.1 2.1 N/A N/A 6.0.x (archived) 6.0.53 (archived) 5 and later
2.4 2.0 N/A N/A N/A 5.5.x (archived) 5.5.36 (archived) 1.4 and later
2.3 1.2 N/A N/A N/A 4.1.x (archived) 4.1.40 (archived) 1.3 and later
2.2 1.1 N/A N/A N/A 3.3.x (archived) 3.3.2 (archived) 1.1 and later

Each version of Tomcat is supported for any stable Java release that meets the requirements of the final column in the table above.

Tomcat should also work on any Java early access build that meets the requirements of the final column in the table above. For example, users were successfully running Tomcat 8 on Java 8 many months before the first stable Java 8 release. However, users of early access builds should be aware of the following:

  • It is not unusual for the initial early access builds to contain bugs that can cause problems for web applications running on Tomcat.
  • If the new Java version introduces new language features then the default JSP compiler may not support them immediately. Switching the JSP compiler to javac may enable these new language features to be used in JSPs.
  • If you do discover an problem using a Java early access build, please ask for help. The Tomcat user's mailing list is probably the best place to start.

The releases are described in more detail below to help you determine which one is right for you. More details about each release can be found in the associated release notes.

Please note that although we offer downloads and documentation of older releases, such as Apache Tomcat 7.x, we strongly encourage users to use the latest stable version of Apache Tomcat whenever possible. We recognize that upgrading across major versions may not be a trivial task, and some support is still offered on the mailing list for users of old versions. However, because of the community-driven support approach, the older your version, fewer people will be interested or able to support you.

Alpha / Beta / Stable

When voting for a release, reviewers specify the stability level that they consider the release has reached. Initial releases of a new major version typically process from Alpha, through Beta to Stable over a period of several months. However, the Stable level is only available once the Java specifications the release implements have been finalised. This means a release that in all other respects is considered stable, may still be labelled as Beta if the specifications are not final.

The download pages will always show the latest stable release and any newer Alpha or Beta release if one exists. Alpha and beta releases are always clearly marked on the download pages.

Stability is a subjective judgement and you should always read carefully the release notes for any version you intend to make use of. If you are an early adopter of a release, we would love to hear your opinion about its stability as part of the vote: it takes place on the development mailing list.

Alpha releases may contain large amounts of untested/missing functionality required by the specification and/or significant bugs and are not expected to run stably for any length of time.

Beta releases may contain some untested functionality and/or a number of relatively minor bugs. Beta releases are not expected to run stably.

Stable releases may contain a small number of relatively minor bugs. Stable releases are intended for production use and are expected to run stably for extended periods of time.

Apache Tomcat 10.1.x

Apache Tomcat 10.1.x is the current focus of development. It builds on Tomcat 10.0.x and implements the Servlet 6.0, JSP 3.1, EL 5.0, WebSocket 2.1 and Authentication 3.0 specifications (the versions required by Jakarta EE 10 platform).

Apache Tomcat 10.0.x

Apache Tomcat 10.0.x builds on Tomcat 9.0.x and implements the Servlet 5.0, JSP 3.0, EL 4.0, WebSocket 2.0 and Authentication 2.0 specifications (the versions required by Jakarta EE 9 platform).

Apache Tomcat 9.x

Apache Tomcat 9.x builds on Tomcat 8.0.x and 8.5.x and implements the Servlet 4.0, JSP 2.3, EL 3.0, WebSocket 1.1 and JASPIC 1.1 specifications (the versions required by Java EE 8 platform). In addition to this, it includes the following significant improvements:

  • Adds support for HTTP/2 (requires either running on Java 9 (since Apache Tomcat 9.0.0.M18) or the Tomcat Native library being installed)
  • Adds support for using OpenSSL for TLS support with the JSSE connectors (NIO and NIO2)
  • Adds support for TLS virtual hosting (SNI)

Apache Tomcat 8.x

Apache Tomcat 8.0.x builds on Tomcat 7.0.x and implements the Servlet 3.1, JSP 2.3, EL 3.0 and WebSocket 1.1 specifications. In addition to that, it includes the following significant improvements:

  • A single, common resources implementation to replace the multiple resource extension features provided in earlier versions.

Apache Tomcat 8.5.x supports the same Servlet, JSP, EL, and WebSocket Specification versions as Apache Tomcat 8.0.x. In addition to that, it also implements the JASPIC 1.1 specification.

It was created in March 2016 as a fork from Tomcat 9.0.0.M4 (alpha) milestone release. It provides HTTP/2 support and other features from Tomcat 9.x codebase, while being compatible with Tomcat 8.0 runtime and specification requirements. (A stable release of Tomcat 9.0 could not be created at that time, as Java EE specifications targeted by Tomcat 9 were finalized only a few years later).

Tomcat 8.5 is thought as a replacement for Tomcat 8.0. Please refer to Migration guide for guidance on migrating to Tomcat 8.5.

Apache Tomcat 8.5.x includes the following significant improvements:

  • Adds support for HTTP/2 (requires the Tomcat Native library)
  • Adds support for using OpenSSL for TLS support with the JSSE connectors (NIO and NIO2)
  • Adds support for TLS virtual hosting (SNI)

The following technologies were removed in Apache Tomcat 8.5.x:

  • BIO implementation of HTTP and AJP connectors
  • Support for Comet API

There are significant changes in many areas under the hood, resulting in improved performance, stability, and total cost of ownership. Please refer to the Apache Tomcat 8.5 Changelog for details.

Users of Tomcat 8.0 should be aware that Tomcat 8.0 has now reached end of life. Users of Tomcat 8.0.x should upgrade to Tomcat 8.5.x or later.

Apache Tomcat 7.x

Apache Tomcat 7.x builds upon the improvements made in Tomcat 6.0.x and implements the Servlet 3.0, JSP 2.2, EL 2.2 and WebSocket 1.1 specifications. In addition to that, it includes the following improvements:

  • Web application memory leak detection and prevention
  • Improved security for the Manager and Host Manager applications
  • Generic CSRF protection
  • Support for including external content directly in a web application
  • Refactoring (connectors, lifecycle) and lots of internal code clean-up

Users of Tomcat 7 should be aware that Tomcat 7 has now reached end of life. Users of Tomcat 7.x should upgrade to Tomcat 8.5.x or later.

Apache Tomcat 6.x

Apache Tomcat 6.x builds upon the improvements made in Tomcat 5.5.x and implements the Servlet 2.5 and JSP 2.1 specifications. In addition to that, it includes the following improvements:

  • Memory usage optimizations
  • Advanced IO capabilities
  • Refactored clustering

Users of Tomcat 6 should be aware that Tomcat 6 has now reached end of life. Users of Tomcat 6.x should upgrade to Tomcat 7.x or later.

Apache Tomcat 5.x

Apache Tomcat 5.x is available for download from the archives.

Apache Tomcat 5.5.x supports the same Servlet and JSP Specification versions as Apache Tomcat 5.0.x. There are significant changes in many areas under the hood, resulting in improved performance, stability, and total cost of ownership. Please refer to the Apache Tomcat 5.5 Changelog for details.

Apache Tomcat 5.0.x improves on Apache Tomcat 4.1 in many ways, including:

  • Performance optimizations and reduced garbage collection
  • Refactored application deployer, with an optional standalone deployer allowing validation and compilation of a web application before putting it in production
  • Complete server monitoring using JMX and the manager web application
  • Scalability and reliability enhancements
  • Improved Taglibs handling, including advanced pooling and tag plugins
  • Improved platform integration, with native Windows and Unix wrappers
  • Embedding using JMX
  • Enhanced Security Manager support
  • Integrated session clustering
  • Expanded documentation

Users of Tomcat 5 should be aware that Tomcat 5 has now reached end of life. Users of Tomcat 5.x should upgrade to Tomcat 7.x or later.

Apache Tomcat 4.x

Apache Tomcat 4.x is available for download from the archives.

Apache Tomcat 4.x implements a new servlet container (called Catalina) that is based on completely new architecture. The 4.x releases implement the Servlet 2.3 and JSP 1.2 specifications.

Apache Tomcat 4.1.x is a refactoring of Apache Tomcat 4.0.x, and contains significant enhancements, including:

  • JMX based administration features
  • JSP and Struts based administration web application
  • New Coyote connector (HTTP/1.1, AJP 1.3 and JNI support)
  • Rewritten Jasper JSP page compiler
  • Performance and memory efficiency improvements
  • Enhanced manager application support for integration with development tools
  • Custom Ant tasks to interact with the manager application directly from build.xml scripts

Apache Tomcat 4.0.x. Apache Tomcat 4.0.6 is the old production quality release. The 4.0 servlet container (Catalina) has been developed from the ground up for flexibility and performance. Version 4.0 implements the final released versions of the Servlet 2.3 and JSP 1.2 specifications. As required by the specifications, Apache Tomcat 4.0 also supports web applications built for the Servlet 2.2 and JSP 1.1 specifications with no changes.

Users of Tomcat 4 should be aware that Tomcat 4 has now reached end of life. Users of Tomcat 4.x should upgrade to Tomcat 7.x or later.

Apache Tomcat 3.x

Apache Tomcat 3.x is available for download from the archives.

  • Version 3.3 is the current production quality release for the Servlet 2.2 and JSP 1.1 specifications. Apache Tomcat 3.3 is the latest continuation of the Apache Tomcat 3.x architecture; it is more advanced then 3.2.4, which is the 'old' production quality release.
  • Version 3.2.4 is the 'old' production quality release and is now in maintenance only mode.
  • Version 3.1.1 is a legacy release.

All Apache Tomcat 3.x releases trace their heritage back to the original Servlet and JSP implementations that Sun donated to the Apache Software Foundation. The 3.x versions all implement the Servlet 2.2 and JSP 1.1 specifications.

Apache Tomcat 3.3.x. Version 3.3.2 is the current production quality release. It continues the refactoring that was begun in version 3.2 and carries it to its logical conclusion. Version 3.3 provides a much more modular design and allows the servlet container to be customized by adding and removing modules that control the processing of servlet requests. This version also contains many performance improvements.

Apache Tomcat 3.2.x. Version 3.2 added few new features since 3.1; the major effort was a refactoring of the internals to improve performance and stability. The 3.2.1 release, like 3.1.1, was a security patch. Version 3.2.2 fixed a large number of bugs and all known specification compliance issues. Version 3.2.3 was a security update that closes a serious security hole. Version 3.2.4 is a minor bug fix release. All users of Apache Tomcat versions prior to 3.2.3 should upgrade as soon as possible. With the exception of fixes for critical security related bugs, development on the Apache Tomcat 3.2.x branch has stopped.

Apache Tomcat 3.1.x. The 3.1 release contained several improvements over Apache Tomcat 3.0, including servlet reloading, WAR file support and added connectors for the IIS and Netscape web servers. The latest maintenance release, 3.1.1, contained fixes for security problems. There is no active development ongoing for Apache Tomcat 3.1.x. Users of Apache Tomcat 3.1 should update to 3.1.1 to close the security holes and they are strongly encouraged to migrate to the current production release, Apache Tomcat 3.3.

Apache Tomcat 3.0.x. Initial Apache Tomcat release.

Users of Tomcat 3 should be aware that Tomcat 3 has now reached end of life. Users of Tomcat 3.x should upgrade to Tomcat 7.x or later.