Hi all,

I am reviewing some legacy code in Apache OFBiz [*], in the attempt to
simplify its integration with Tomcat 8.0.+ and in preparation to upgrade to
Tomcat 8.5.+.
I have noticed that OFBiz, which starts a Tomcat instance in embedded mode,
uses a legacy class that extends the Tomcat's JSSEImplementation class.
This implementation, in particular, overrides the getServerFactory(...)
method to save an instance of ServerSocketFactory and return it if already
set [**].

Unfortunately I don't know enough about Tomcat internals to understand if
the OFBiz implementation makes any sense: do you have any feedback to share
on how this code could affect the behavior of Tomcat? Maybe a difference in
performance in the setup of an encrypted connection?
As a side note, OFBiz seems to work fine even when I switch to the Tomcat
standard implementation by setting:

Thanks in advance,


[*] http://ofbiz.apache.org/

[**] the OFBiz legacy implementation (simplified) of JSSEImplementation:

public class SSLImpl extends JSSEImplementation {
    protected ServerSocketFactory ssFactory = null;

    public ServerSocketFactory getServerSocketFactory(AbstractEndpoint
endpoint) {
        if (this.ssFactory == null) {
            this.ssFactory = (new
        return ssFactory;

Reply via email to