| Links Top Level Elements Executors Connectors Containers Nested Components Cluster Elements web.xml Other | System Properties| Introduction |  | 
  The following sections list the system properties that may be set to modify
  the default Tomcat behaviour. | 
 | Property replacements |  | 
  | Property | Description | 
|---|
 | org.apache.tomcat.util.digester. PROPERTY_SOURCE | Set this to a fully qualified name of a class that implements
         org.apache.tomcat.util.IntrospectionUtils.PropertySource.
         Required to have a public constructor with no arguments. Use this to add a property source, that will be invoked when
         ${parameter}denoted parameters are found in the XML files
         that Tomcat parses. org.apache.tomcat.util.digester.EnvironmentPropertySourcecan be used to replace parameters from the process' environment
         variables, e.g. injected ConfigMaps or Secret objects in container
         based systems like OpenShift or Kubernetes.
 | 
 | 
 | Clustering |  | 
  | Property | Description | 
|---|
 | org.apache.catalina. tribes.dns_lookups | If true, the clustering module will attempt to use DNS to
      resolve any host names provided in the cluster configuration. If not specified, the default value of falsewill be used. | 
 | 
 | Expression Language |  | 
  | Property | Description | 
|---|
 | org.apache.el.BeanELResolver. CACHE_SIZE | The number of javax.el.BeanELResolver.BeanProperties objects that will
      be cached by the EL Parser. If not specified, the default of 1000will be used. |  | org.apache.el.ExpressionBuilder. CACHE_SIZE | The number of parsed EL expressions that will be cached by the EL
      Parser. If not specified, the default of 5000will be used. |  | org.apache.el.parser. COERCE_TO_ZERO | If true, when coercing expressions to numbers""andnullwill be coerced to zero as required
      by the specification. If not specified, the default value of truewill be used. |  | org.apache.el.parser. SKIP_IDENTIFIER_CHECK | If true, when parsing expressions, identifiers will not be
      checked to ensure that they conform to the Java Language Specification for
      Java identifiers. If not specified, the default value of falsewill be used. | 
 | 
 | Jasper |  | 
  | Property | Description | 
|---|
 | org.apache.jasper.compiler. Generator.POOL_TAGS_WITH_EXTENDS | By default, JSPs that use their own base class via the extends
      attribute of the page directive, will have Tag pooling disabled since
      Jasper cannot guarantee that the necessary initialisation will have taken
      place. This can have a negative impact on performance. Providing the
      alternative base class calls _jspInit() from Servlet.init(), setting  this
      property to truewill enable pooling with an alternative base
      class. If the alternative base class does not call _jspInit() and this
      property istrue, NPEs will occur when attempting to use
      tags. If not specified, the default value of falsewill be used. |  | org.apache.jasper.compiler. Generator.STRICT_GET_PROPERTY | If true, the requirement to have the object referenced injsp:getPropertyaction to be previously "introduced"
      to the JSP processor, as specified in the chapter JSP.5.3 of JSP 2.0 and
      later specifications, is enforced. If not specified, the specification compliant default of
      truewill be used. |  | org.apache.jasper.compiler. Generator.VAR_EXPRESSIONFACTORY | The name of the variable to use for the expression language expression
      factory. If not specified, the default value of _el_expressionfactorywill be used. |  | org.apache.jasper.compiler. Generator.VAR_INSTANCEMANAGER | The name of the variable to use for the instance manager factory. If not specified, the default value of _jsp_instancemanagerwill be used. |  | org.apache.jasper.compiler. Parser.STRICT_QUOTE_ESCAPING | If falsethe requirements for escaping quotes in JSP
      attributes will be relaxed so that an unescaped quote will not
      cause an error. If not specified, the specification compliant default of
      truewill be used. |  | org.apache.jasper.compiler. Parser.STRICT_WHITESPACE | If falsethe requirements for whitespace before an
      attribute name will be relaxed so that the lack of whitespace will not
      cause an error. If not specified, the specification compliant default of
      truewill be used. |  | org.apache.jasper.runtime. BodyContentImpl.BUFFER_SIZE | The size (in characters) to use when creating a tag buffer. If not specified, the default value of
      org.apache.jasper.Constants.DEFAULT_TAG_BUFFER_SIZE(512)
      will be used. |  | org.apache.jasper.runtime. BodyContentImpl.LIMIT_BUFFER | If true, any tag buffer that expands beyondorg.apache.jasper.runtime.BodyContentImpl.BUFFER_SIZEwill be
      destroyed and a new buffer created. If not specified, the default value of falsewill be used. |  | org.apache.jasper.runtime. JspFactoryImpl.USE_POOL | If true, a ThreadLocalPageContextpool will
      be used. If not specified, the default value of truewill be used. |  | org.apache.jasper.runtime. JspFactoryImpl.POOL_SIZE | The size of the ThreadLocal PageContext. If not specified, the default value of 8will be used. |  | org.apache.jasper.Constants. JSP_SERVLET_BASE | The base class of the Servlets generated from the JSPs. If not specified, the default value of
      org.apache.jasper.runtime.HttpJspBasewill be used. |  | org.apache.jasper.Constants. SERVICE_METHOD_NAME | The name of the service method called by the base class. If not specified, the default value of _jspServicewill be used. |  | org.apache.jasper.Constants. SERVLET_CLASSPATH | The name of the ServletContext attribute that provides the classpath
      for the JSP. If not specified, the default value of
      org.apache.catalina.jsp_classpathwill be used. |  | org.apache.jasper.Constants. JSP_FILE | The name of the request attribute for <jsp-file>element of a servlet definition. If present on a request, this overrides
      the value returned byrequest.getServletPath()to select the
      JSP page to be executed. If not specified, the default value of
      org.apache.catalina.jsp_filewill be used. Deprecated: This will be removed in Tomcat 9.0.x
      onwards. It is replaced by the use of the jspFile servlet initialisation
      parameter |  | org.apache.jasper.Constants. PRECOMPILE | The name of the query parameter that causes the JSP engine to just
      pregenerate the servlet but not invoke it. If not specified, the default value of jsp_precompilewill be used, as defined by JSP specification (JSP.11.4.2). |  | org.apache.jasper.Constants. JSP_PACKAGE_NAME | The default package name for compiled jsp pages. If not specified, the default value of org.apache.jspwill be used. |  | org.apache.jasper.Constants. TAG_FILE_PACKAGE_NAME | The default package name for tag handlers generated from tag files. If not specified, the default value of org.apache.jsp.tagwill be used. |  | org.apache.jasper.Constants. ALT_DD_ATTR | The servlet context attribute under which the alternate deployment
      descriptor for this web application is stored. If not specified, the default value of
      org.apache.catalina.deploy.alt_ddwill be used. |  | org.apache.jasper.Constants. TEMP_VARIABLE_NAME_PREFIX | Prefix to use for generated temporary variable names. If not specified, the default value of _jspx_tempwill be used. |  | org.apache.jasper.Constants. USE_INSTANCE_MANAGER_FOR_TAGS | If true, the instance manager is used to obtain tag
      handler instances. If not specified, the default value of falsewill be used. | 
 | 
 | Security |  | 
  | Property | Description | 
|---|
 | org.apache.catalina.connector. RECYCLE_FACADES | If this is trueor if a security manager is in use a new
      facade object will be created for each request. If not specified, the default value of falsewill be used. |  | org.apache.catalina.connector. CoyoteAdapter.ALLOW_BACKSLASH | If this is truethe '\' character will be permitted as a
      path delimiter. If not specified, the default value of falsewill be used. |  | org.apache.tomcat.util.buf. UDecoder.ALLOW_ENCODED_SLASH | If this is true'%2F' and '%5C' will be permitted as path
      delimiters. If not specified, the default value of falsewill be used. | 
 | 
 | Specification |  | 
  | Property | Description | 
|---|
 | org.apache.catalina. STRICT_SERVLET_COMPLIANCE | The default value of this system property is false. If this is truethe default values will be changed for: 
      org.apache.catalina.core.ApplicationContext.GET_RESOURCE_REQUIRE_SLASH
org.apache.catalina.core.ApplicationDispatcher.WRAP_SAME_OBJECT
org.apache.catalina.core.StandardHostValve.ACCESS_SESSION
org.apache.catalina.session.StandardSession.ACTIVITY_CHECK
org.apache.catalina.session.StandardSession.LAST_ACCESS_AT_START
org.apache.tomcat.util.http.ServerCookie.ALWAYS_ADD_EXPIRES
org.apache.tomcat.util.http.ServerCookie.FWD_SLASH_IS_SEPARATOR
org.apache.tomcat.util.http.ServerCookie.PRESERVE_COOKIE_HEADER
org.apache.tomcat.util.http.ServerCookie.STRICT_NAMING
The resourceOnlyServletsattribute of any
          Context element.The tldValidationattribute of any
          Context element.The useRelativeRedirectsattribute of any
          Context element.The xmlNamespaceAwareattribute of any
          Context element.The xmlValidationattribute of any
          Context element. Note that changing a number of the above defaults is likely to break
      the majority of systems as some browsers are unable to correctly handle
      the cookie headers that result from a strict adherence to the
      specifications. Defaults, regardless of whether or not they have been
      changed by setting
      org.apache.catalina.STRICT_SERVLET_COMPLIANCEcan always be
      overridden by explicitly setting the appropriate system property or element
      attribute. |  | org.apache.catalina.connector. Response.ENFORCE_ENCODING_IN_GET_WRITER | If this is truethen
      a call toResponse.getWriter()if no character encoding
      has been specified will result in subsequent calls toResponse.getCharacterEncoding()returningISO-8859-1and theContent-Typeresponse header
      will include acharset=ISO-8859-1component. (SRV.15.2.22.1) If not specified, the default specification compliant value of
      truewill be used. |  | org.apache.catalina.core.ApplicationContext .GET_RESOURCE_REQUIRE_SLASH | If this is truethen the path passed toServletContext.getResource()orServletContext.getResourceAsStream()must start with
      "/". Iffalse, code likegetResource("myfolder/myresource.txt")will work. If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will betrue,
      else the default value will befalse. |  | org.apache.catalina.core. ApplicationDispatcher.WRAP_SAME_OBJECT | If this is truethen any wrapped request or response
      object passed to an application dispatcher will be checked to ensure that
      it has wrapped the original request or response. If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will betrue,
      else the default value will befalse. |  | org.apache.tomcat.util.http. ServerCookie.ALLOW_EQUALS_IN_VALUE | If this is trueTomcat will allow '='
      characters when parsing unquoted cookie values. Iffalse,
      cookie values containing '=' will be terminated when the
      '=' is encountered and the remainder of the cookie value will
      be dropped. If not specified, the default value specification compliant value of
      falsewill be used. |  | org.apache.tomcat.util.http. ServerCookie.ALLOW_HTTP_SEPARATORS_IN_V0 | If this is trueTomcat will allow HTTP separators in
      cookie names and values. If not specified, the default specification compliant value of
      falsewill be used. |  | org.apache.tomcat.util.http. ServerCookie.ALLOW_NAME_ONLY | If this is falsethen the requirements of the cookie
      specifications that cookies must have values will be enforced and cookies
      consisting only of a name but no value will be ignored. If not specified, the default specification compliant value of
      falsewill be used. |  | org.apache.tomcat.util.http. ServerCookie.ALWAYS_ADD_EXPIRES | If this is trueTomcat will always add an expires
      parameter to a SetCookie header even for cookies with version greater than
      zero. This is to work around a known IE6 and IE7 bug that causes IE to
      ignore the Max-Age parameter in a SetCookie header. If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will befalse,
      else the default value will betrue. |  | org.apache.tomcat.util.http. ServerCookie.FWD_SLASH_IS_SEPARATOR |  If this is true then the /(forward slash) character will
      be treated as a separator. Note that this character is frequently used in
      cookie path attributes and some browsers will fail to process a cookie if
      the path attribute is quoted as is required by a strict adherence to the
      specifications. This is highly likely to break session tracking using
      cookies. If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will betrue,
      else the default value will befalse. |  | org.apache.tomcat.util.http. ServerCookie.PRESERVE_COOKIE_HEADER | If this is trueTomcat will ensure that cookie
      processing does not modify cookie header returned byHttpServletRequest.getHeader(). If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will betrue,
      else the default value will befalse. |  | org.apache.tomcat.util.http. ServerCookie.STRICT_NAMING |  If this is true then the requirements of the Servlet specification
      that Cookie names must adhere to RFC2109 (no use of separators) will be
      enforced. If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will betrue,
      else the default value will befalse. | 
 | 
 | Sessions |  | 
  | Property | Description | 
|---|
 | org.apache.catalina.authenticator.                     Constants.SSO_SESSION_COOKIE_NAME | An alternative name for the single sign on session cookie. Defaults to
      JSESSIONIDSSO. |  | org.apache.catalina.core. StandardHostValve.ACCESS_SESSION | If this is true, every request that is associated with a
      session will cause the session's last accessed time to be updated
      regardless of whether or not the request explicitly accesses the session. If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will betrue,
      else the default value will befalse. |  | org.apache.catalina.session. StandardSession.ACTIVITY_CHECK | If this is true, Tomcat will track the number of active
      requests for each session. When determining if a session is valid, any
      session with at least one active request will always be considered valid. If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will betrue,
      else the default value will befalse. |  | org.apache.catalina.session. StandardSession.LAST_ACCESS_AT_START | If this is true, the last accessed time for sessions will
      be calculated from the beginning of the previous request. Iffalse, the last accessed time for sessions will be calculated
      from the end of the previous request. This also affects how the idle time
      is calculated. If org.apache.catalina.STRICT_SERVLET_COMPLIANCEis set totrue, the default of this setting will betrue,
      else the default value will befalse. | 
 | 
 | Logging |  | 
  | Property | Description | 
|---|
 | org.apache.juli.formatter | If no logging configuration file is specified and no logging configuration class is specified
         using the java.util.logging.config.classandjava.util.logging.config.fileproperties the default logging frameworkorg.apache.juliwill use the defaultjava.util.logging.SimpleFormatterfor all console output.
         To simply override the console output formatter, one can use the described property. Example:-Dorg.apache.juli.formatter=org.apache.juli.OneLineFormatter |  | org.apache.juli. AsyncOverflowDropType | When the memory limit of records has been reached the system needs to determine what action to take.
         Currently there are three actions that can be taken:
       
           int OVERFLOW_DROP_LAST = 1- the record that caused the overflow will be dropped and not loggedint OVERFLOW_DROP_FIRST = 2- the record that is next in line to be logged will be dropped to make room for the latest record on the queueint OVERFLOW_DROP_FLUSH = 3- suspend the thread while the queue empties out and flushes the entries to the write bufferint OVERFLOW_DROP_CURRENT = 4- drop the current log entry The default value is 1(OVERFLOW_DROP_LAST). |  | org.apache.juli. AsyncMaxRecordCount | The max number of log records that the async logger will keep in memory. When this limit is reached and a new record is being logged by the
         JULI framework the system will take an action based on the org.apache.juli.AsyncOverflowDropTypesetting. The default value is 10000records.
         This number represents the global number of records, not on a per handler basis. |  | org.apache.juli. AsyncLoggerPollInterval | The poll interval in milliseconds for the asynchronous logger thread in milliseconds.
         If the log queue is empty, the async thread will issue a poll(poll interval)
         in order to not wake up too often. The default value is 1000milliseconds. |  | org.apache.juli.logging. UserDataHelper.CONFIG | The type of logging to use for errors generated by invalid input data.
         The options are: DEBUG_ALL,INFO_THEN_DEBUG,INFO_ALLandNONE. WhenINFO_THEN_DEBUGis used, the period for which errors are
         logged at DEBUG rather than INFO is controlled by the system propertyorg.apache.juli.logging.UserDataHelper.SUPPRESSION_TIME. The default value is INFO_THEN_DEBUG. The errors currently logged using this system are: 
         invalid cookies;invalid parameters;too many headers, too many parameters (hitting
           maxHeaderCountormaxParameterCountlimits
           of a connector).invalid host names Other errors triggered by invalid input data may be added to this
         system in later versions. |  | org.apache.juli.logging. UserDataHelper.SUPPRESSION_TIME | When using INFO_THEN_DEBUGfororg.apache.juli.logging.UserDataHelper.CONFIGthis system
         property controls how long messages are logged at DEBUG after a message
         has been logged at INFO. Once this period has elapsed, the next message
         will be logged at INFO followed by a new suppression period where
         messages are logged at DEBUG and so on. The value is measured
         in seconds. A value of 0is equivalent to usingINFO_ALLfororg.apache.juli.logging.UserDataHelper.CONFIG. A negative value means an infinite suppression period. The default value is 86400(24 hours). | 
 | 
 | JAR Scanning |  | 
  | Property | Description | 
|---|
 | tomcat.util.scan. DefaultJarScanner.jarsToSkip | The comma-separated list of file name patterns of JARs that Tomcat will
         not scan for configuration information when using the
         JarScanner functionality. The file name
         pattern syntax is described in
         JarScanner documentation. Note that
         there are additional system properties that enable JARs to be excluded
         from specific scans rather than all scans. The coded default is that no JARs are skipped however the system
         property is set in a default Tomcat installation via the
         $CATALINA_BASE/conf/catalina.propertiesfile. |  | org.apache.catalina.startup. ContextConfig.jarsToSkip | The comma-separated list of additional filenames of JARs that Tomcat
         will not scan for Servlet 3.0 pluggability features. The coded default is that no JARs are skipped however the system
         property is set in a default Tomcat installation via the
         $CATALINA_BASE/conf/catalina.propertiesfile. |  | org.apache.catalina.startup. TldConfig.jarsToSkip | The comma-separated list of additional filenames of JARs that Tomcat
         will not scan for TLDs. The coded default is that no JARs are skipped however the system
         property is set in a default Tomcat installation via the
         $CATALINA_BASE/conf/catalina.propertiesfile. | 
 | 
 | Websockets |  | 
  | Property | Description | 
|---|
 | org.apache.tomcat .websocket.ALLOW_UNSUPPORTED_EXTENSIONS | If true, allow unknown extensions to be declared by
      the user. The default value is false. |  | org.apache.tomcat. websocket.DEFAULT_ORIGIN_HEADER_VALUE | Default value of the origin header that will be sent by the client
         during the upgrade handshake. The default is null so that no origin header is sent. |  | org.apache.tomcat. websocket.DEFAULT_PROCESS_PERIOD | The number of periodic ticks between periodic processing which
         involves in particular session expiration checks. The default value is 10which corresponds to 10
         seconds. |  | org.apache.tomcat. websocket.DISABLE_BUILTIN_EXTENSIONS | If true, disable all built-in extensions provided by the
         server, such as message compression. The default value is false. | 
 | 
 | Other |  | 
  | Property | Description | 
|---|
 | org.apache.coyote. USE_CUSTOM_STATUS_MSG_IN_HEADER | If this is
      true, custom HTTP status messages will be used within HTTP
      headers. If a custom message is specified that is not valid for use in an
      HTTP header (as defined by RFC2616) then the custom message will be
      ignored and the default message used. If not specified, the default value of falsewill be used. |  | catalina.useNaming | If this is falseit will override theuseNamingattribute for all 
      Context elements. |  | javax.sql.DataSource.Factory | The class name of the factory to use to create resources of type
      javax.sql.DataSource. If not specified the default oforg.apache.tomcat.dbcp.dbcp.BasicDataSourceFactoryis used
      which is a package renamed (to avoid conflicts) copy of
      Apache Commons DBCP 1.x. |  | javax.mail.Session.Factory | The class name of the factory to use to create resources of type
      javax.mail.Session. If not specified the default oforg.apache.naming.factory.MailSessionFactoryis used. |  | jvmRoute | Provides a default value for the jvmRouteattribute of the
      Engine element. It does not override the value
      configured on the Engine element. |  | catalina.config | The URL for the catalina.properties configuration file. |  | tomcat.util.buf.StringCache.byte.enabled | If true, the String cache is enabled forByteChunk. If not specified, the default value of falsewill be used. |  | tomcat.util.buf.StringCache.char.enabled | If true, the String cache is enabled forCharChunk. If not specified, the default value of falsewill be used. |  | tomcat.util.buf.StringCache.trainThreshold | The number of times toString()must be called before the
      cache is activated. If not specified, the default value of 20000will be used. |  | tomcat.util.buf.StringCache.cacheSize | The size of the String cache. If not specified, the default value of 200will be used. |  | tomcat.util.buf.StringCache.maxStringSize | The maximum length of String that will be cached. If not specified, the default value of 128will be used. |  | org.apache.tomcat.util. http.FastHttpDateFormat.CACHE_SIZE | The size of the cache to use parsed and formatted date value. If not specified, the default value of 1000will be used. |  | org.apache.tomcat.util. net.NioSelectorShared | If true, use a shared selector for servlet write/read. If not specified, the default value of truewill be used. |  | org.apache.catalina.startup. EXIT_ON_INIT_FAILURE | If true, the server will exit if an exception happens
         during the server initialization phase. If not specified, the default value of falsewill be used. |  | org.apache.catalina.startup. RealmRuleSet.MAX_NESTED_REALM_LEVELS | The CombinedRealm allows nested Realms. This property controls the
      maximum permitted number of levels of nesting. If not specified, the default value of 3will be used. |  | tomcat.util.http.parser.HttpParser. requestTargetAllow | This system property is deprecated. Use the
      relaxedPathCharsandrelaxedQueryCharsattributes of the Connector instead. These attributes permit a wider range
      of characters to be configured as valid. A string comprised of characters the server should allow even when they are not encoded.
      These characters would normally result in a 400 status. The acceptable characters for this property are: |,{, and} WARNING: Use of this option may expose the server to CVE-2016-6816.
       If not specified, the default value of nullwill be used. | 
 | 
 |