The Spring Blog

News and Events

Spring.NET 1.2.0 RC1 Released

We are pleased to announce that Spring .NET 1.2.0 RC1 has been released.

Download | Support | Documentation | Changelog

This release contains the following features:

  • WCF Integration - Configure WCF services using dependency injection. Apply AOP advice to WCF services.

  • MSMQ integration - MSMQ helper classes to increase your productivity developing messaging applications. Provides integration with Spring’s transaction management features.

  • Apache ActiveMQ integration - Helper classes to increase your productivity developing messaging applications with ActiveMQ

  • Quartz integration - Configure Quartz jobs, schedulers,
    triggers using dependency injection. Convenience classes for implementing Quartz Jobs and integration with Spring’s transaction management features.

  • AOP New inheritance based AOP proxy generation.

  • Performance Improvements in WebForm dependency injection.

  • NHibernate 2.0.1 support.


Spring Batch 2.0.0.M2 Released

Spring Batch 2.0.0.M2 is now available. See the Spring Batch downloads page for more information - there is the usual .zip download and also Maven artifacts in S3.

Most work in this release went into the chunk-oriented approach to processing, which means changes to the ItemReader and ItemWriter interfaces, plus the introduction of the ItemProcessor as a top-level concern for translating between input and output items. Chunk-oriented processing is a key enabler for performance and scalability, as well as being much clearer for users in the extension points and interfaces (no more framework callbacks in business code).


Optimising and Tuning Apache Tomcat - Part 2

A few weeks ago Filip Hanik and I gave the second in a series of webinars on Optimising and Tuning Apache Tomcat. A recording of the webinar and a copy of the slides can be obtained from the webinars section of the SpringSource website. The same page has links for all the previous SpringSource webinars, as well as the Covalent webinar archive.

We weren’t able to get to all of the questions during the Q&A session so, as promised, here are the remaining questions and our answers.

  • How do you identify memory leaks in a Tomcat application?

    You will almost certainly need to use a profiler to identify the root cause of a memory leak. The latest Sun JDKs include tools like jhat and jmap. There are also many other profilers available, both free and commercial. Filip and I use YourKit when investigating Tomcat memory leaks as YourKit provide free licences to open source developers.

  • How can redeployment cause a memory leak?

    This usually occurs when a class loaded by Tomcat retains a reference to a class loaded by the web application. When the web application is stopped, the Tomcat class loader continues to retain the reference to the class loaded by the web application. This class retains a reference to the web application's class loader which in turn, retains references to all the classes it loaded. Therefore, the web application class loader and all the classes it loaded are not eligible for garbage collection. This causes a memory leak. The typical root causes of this are JDBC drivers and logging frameworks.

  • What is the best way to change the JVM Tomcat uses?

    The JVM to use is set using the JAVA_HOME (full JDK) or JRE_HOME (JRE only) environment variable. The correct place to set this will depend on your environment, particularly if Tomcat is configured to start automatically at system start. If you have a free choice on where to set this then use setenv.bat or as appropriate for your operating system.

  • Do you recommend a particular JVM?

    No, we do not. The JVM vendor you choose depends on your OS.

  • Which connector should I use to connect Apache httpd to Tomcat?

    We recommend mod_proxy_http with mod_jk a close second. Generally, mod_proxy_ajp is less stable than either mod_proxy_http or mod_jk. Note that mod_jk2 has been deprecated and should no longer be used.

  • What is the correct setting for maxKeepAliveRequests when using SSL?

    When using SSL HTTP keep alive should be enabled as the SSL handshake is a relatively expensive operation to perform for every request.

  • If we run Tomcat on Solaris, do you recommend against using the native APR connector?

    Yes, we do. The feedback we have received from clients is that the APR connector is not stable on Solaris.

  • We previously tried moving to mod_proxy_http on Solaris but we encountered several bugs. Have these bugs been resolved?

    Without knowing the exact bugs or version you were using, it is difficult to comment. All known Apache httpd issues and the current status can be found in the ASF Bugzilla Database. Tomcat issues can also be found in Bugzilla.

  • What value should I use for maxKeepAliveRequests with the default blocking IO HTTP connector?

    For high concurrency environments, set it to 1. Otherwise, set it to the average number of objects you have on a page, anywhere between 10 and 100.

  • How do I configure JkOptions +DisableReuse?

    JkOptions +DisableReuse should be placed in your httpd.conf file with your other mod_jk settings.

  • When is it best to use the bon-blocking IO HTTP connector?

    When you need to support high concurrency with keep alive and APR is not an option, e.g. because it is unstable on your platform.

  • Will I see better performance if I use Apache httpd in front of Apache Tomcat?

    It depends. If you proxy all of the requests to Tomcat then performance will decrease slightly. If httpd handles some requests (eg all the static content) then you will probably see some benefit. There are a number of benchmarks that attempt to demonstrate that one connector is better than another. However, it is very unlikely that any of these benchmarks will be representative of your application. The only way to know for sure is to test it in your environment with realistic load and usage patterns.

  • Can Tomcat be used in production without a web server in front of it?

    Yes. Whether this offers the best performance for your environment will depend on that environment and your application. As with the previous question, the only way to know for sure is to test it in your environment with realistic load and usage patterns.

  • Will using Apache httpd in front of Tomcat increase security?

    The security of your installation will depend on many factors. The use, or not, of Apache httpd is unlikely to significantly change the security of your installation. Other factors such as keep up to date with patches and using a firewall usually have a much greater impact on your overall level of security.

  • Which Apache httpd MPM provides the best performance?

    As always, it will depend on your environment but the httpd performance tuning documentation offers some useful general guidance.

  • What is the performance difference between SpringSource ERS and Apache Tomcat?

    SpringSource ERS is much more than just Apache Tomcat. From a pure Tomcat perspective, performance isn't the differentiating factor. The benefits of ERS are the simple installation, the easy to manage upgrades and patching, support for multiple instances and the integration of all of the components.

  • My company uses Tomcat and XYZ application server. How does Tomcat compare to XYZ application server and are there benefits in consolidating?

    There will be lots of differences and the differences that matter will vary from organisation to organisation. Start by working out what you want from an application server and then compare that list to the market. There are benefits in consolidating. Greater consistency means simpler maintenance, less training and so on. However, there are also costs. You would need to look at your organisation and how it planned to consolidate (new projects only, all projects for next major release, everything now, etc) to compare the costs with the associated benefit.

  • Do you have performance comparisons available for Tomcat and XYZ application server?

    Various reports have been published in this area. How useful the results are depends on how well matches the test is to your load. As always, the only way to know for sure is to test in your environment with realistic load and usage patterns.

  • What is a good method for load testing a Tomcat server?

    There are several options available with tools that drive load, both free and commercial. The free tools include ab and JMeter.

  • For high availability and performance, can Tomcat be configured to launch multiple JVMs for the same web application?

    Tomcat does not provide this as a configuration option. You can, of course, create multiple Tomcat instances, install your application on each instance and then load-balance across the instances.

  • Is there a generic health-check script for Tomcat?

    The Manager status page is probably a good place to start. You can use the code for that Servlet as the basis for your own, more specific/extensive checks if required. If you do enhance it, consider contributing your enhancements back to the Apache Tomcat community.

  • Where is the file located?

    The default location is in $CATALINA_BASE/conf.


A Question of Balance: Tuning the Maintenance Policy

Running a business is like writing code in at least one respect: You don't always get it right the first time, even if you know what you want to achieve—but you do get a better result in the end if you are prepared to rework things when necessary. At SpringSource, we had a clear vision for our recently announced maintenance policy: balancing the needs of the open source community with those of enterprise users and the creators of Spring, for the benefit of all. However, we didn't get the balance quite right first time, and it's time for some refactoring.


The Common Service Locator library

The CommonServiceLocator project was released this week on CodePlex with the general idea of providing an IoC container agnostic API for resolving dependencies using Service Location. Erich Eichinger from SpringSource contributed the Spring.NET implementation, thanks Erich!

Here is the API so you get the basic idea
public interface IServiceLocator : System.IServiceProvider {

object GetInstance(Type serviceType);
object GetInstance(Type serviceType, string key);
IEnumerable GetAllInstances(Type serviceType);
TService GetInstance ();
TService GetInstance (string key);
IEnumerable GetAllInstances ();

One of the fears I had in participating in this project was that it would promote the approach of Service Location/Dependency Pull over Dependency Injection. I’m glad to see blogs entries like Ayende’s and (more forcefully) Daniel Cuzzulino’s that put this library in the proper perspective.

The intention of this library is primarily for low-level integration between application frameworks. It has a role in business code only as a last resort when you need to ask a container to provide you with a new object instance at runtime that takes advantage of additional container services such as configuration via dependency injection or applying AOP advice. WebForms, WCF Services, and ‘traditional’ server-side objects created at application startup (DAOs, etc) can all be configured non-invasively using dependency injection.

If you find yourself frequently using the service locator approach in your application you should consider refactoring the code to use dependency injection. Not only will you remove an extraneous dependency, always a good thing, but you will get the additional benefit of making your class easier to unit test in isolation of the container as its dependencies will be exposed via standard properties and constructors.

One alternative approach, used in Spring Java but not yet implemented in Spring.NET is to provide a ServiceLocatorFactoryObject, described by my colleague Alef Arendsen here. This allows you to write your own simple service locator interface, for example.

public interface ProcessCreator {
Process CreateProcess(string processId);

The container would provide the implementation dynamically at runtime. You can then use dependency injection to configure your class with a reference to ProcessCreator. The only service locator ‘API’ provided with ServiceLocatorFactoryObject are of methods with the signatures IMyService GetService() or IMyService GetService(string id) but others could be envisioned.


Spring Security 2.0.4 Released

We're pleased to an announce the release of Spring Security 2.0.4.

This release contains minor bugfixes and improvements. There are also some changes to the security namespace so you should update to the new 2.0.4 schema file if necessary. There are also some documentation updates, including two new reference appendices in the manual - one describing the database schema used within Spring Security and one describing the elements and attributes in the namespace and how they map to underlying implementation classes.


SpringSource dm Server 1.0.0 reaches GA

You may have noticed that SpringSource announced the general availability of the SpringSource dm Server™ today. The dm Server is part of the SpringSource Application Platform. Since this is the first time out for the dm Server, I want to make a couple of short comments about the product.

We believe that the dm Server overall will change the way enterprise Java software is developed and deployed. In particular, the dm Server is designed from the ground up, to be lightweight (the dm Kernel has a footprint of about 3 megabytes), flexible, and fast. It is also designed to facilitate modular development and simplify dependency management. On the operational side, the dm Server is designed to provision, deploy, start and stop services at runtime. As services are increasingly deployed in grid, virtualized, and cloud environments, the ability to initially provision the kernel only and load additional services on the fly in response to service requests will become a significant differentiator.


SpringSource Seminar Day Linz in Review

A brief pictorial review of the SpringSource Seminar Day in Linz, having happened on September 8th, 2008, at the Bergschloessl Linz… More than 150 people were listening to a six-pack of presentations about what’s new and upcoming at SpringSource. The “Story of Spring” keynote by Rod Johnson and Adrian Colyer was a great start into a day full of information: about the SpringSource Application Platform, the SpringSource Tool Suite, Spring 3.0, etc. (See the original blog announcement for details on the agenda.)


SpringSource (and other top vendors) leading the OSGi charge

In a press release made available by the OSGi Alliance yesterday, several leading vendors including SpringSource, IBM, Oracle, RedHat, Sun, SAP, ProSyst, and Paremus joined forces in their support of OSGi as the foundation for next generation server platforms.

To highlight some of the key points:

Craig Hayman, VP IBM WebSphere said

[IBM] has been shipping WebSphere Application Server built on OSGi since 2006. As a result, IBM clients benefit from a modular platform built with proven components and the ability to automatically use only the components required by their application.

SpringSource dm Server 1.0 RC2 Released

I’m happy to announce the availability of RC2 of the SpringSource dm Server, previously known as the SpringSource Application Platform. This release is feature complete and barring any serious issues will become 1.0 GA in two weeks time.

This release fixes a few critical bugs, upgrades to Tomcat 6.0.18 and updates all code, documentation and supporting materials to reflect the new name.

Due to the renaming of the product, PlatformOsgiBundleXmlWebApplicationContext has been renamed to ServerOsgiBundleXmlWebApplicationContext and moved from the package to the package. Thus, if you are setting the contextClass for Spring MVC’s ContextLoaderListener or DispatcherServlet in web.xml in a Shared Services WAR, be sure to change the fully qualified path to