I have been reading Tomcat 5 Unleashed since I purchased it a couple of weeks ago. It is a great book and I am finally starting to learn how to use Tomcat properly. I have always been bothered by the default Tomcat configuration and how it holds deployed applications in the installation directory. Fortunately this book explains how to "productionalize" the Tomcat installation. (the book actually uses that word over and over) The book also provides some examples are provided for Tomcat 4 for those who are not prepared to upgrade just yet.
As yet I have only been reading the specific tips and instructions in the book based on my current needs and interests. There are over 700 pages of information in there and it seems every page it useful. It is a far cry from the poorly published O'Reilly books I have purchased this past year. Like the "Ant: The Definitive Guide" which is basically a screen dump of the Ant website. This Tomcat book actually covers many topics which I could never understand by reading the documentation on the website.
One area I found needed more explanation was deployment and configuration with a database connection pool. It walks through a detailed example of how to do that with a JNDI resource which can be configured within Tomcat or with your own deployment descriptor which goes out with your WAR file. It seems like such an easy task that I wonder why it was so hard to learn by just using the Tomcat website.
And the book covers many more topics...
Another section of the book thoroughly covers security and the various layers of security for different layers like the OS, network, server and application level. It provides practical examples for Windows and Unix/Linux as well which is useful because I sometimes need to run Tomcat on either platform.
The book then gets into some examples for JSP and Servlet programming as well as using XSLT. It also details using Tomcat in an Enterprise environment with various configuration examples and the various ways to administer Tomcat. There are more than 150 pages dedicated to those topics.
An area I am very interested in is integration with other web servers, such as Apache or IIS. It explains the mod_jk extension can be used to have the Apache web server run as the frontend for Tomcat. It explains how to set up Apache and configure it to use Tomcat. While it does explain you can have IIS act as a frontend for Tomcat it does not detail how that is done. I would have appreciated that example.
Last night I read about using JAAS to provide login functionality with various backend systems such as LDAP, Windows Authentication or Kerberos. It is pretty amazing how simple it appears it could be to change from one provider to another. It would be great to leverage an existing user directory or Kerberos service to authenticate users to provide a single sign-on functionality. The book provides many examples and I am sure I will use them to set up my own single sign-on systems.
There are many more topics covered in the book and I am anxious to get through all of them. As I have done much more ASP.NET development this past year I am eager to catch up with what is not possible with Java web applications. It seems that Tomcat is getting more robust and easy to use all of the time. And as JSF begins to mature and provide more useful features I plan to develop some Java web applications. And ideally I could port some popular PHP applications, such as JetNuke which is a Java port of PHPNuke.
I give this book high marks. Out of 5 stars... it gets all 5!