zfreebird

朝闻道 夕死可矣
  博客园  :: 首页  :: 新随笔  :: 联系 :: 订阅 订阅  :: 管理
  18 随笔 :: 0 文章 :: 0 评论 :: 19369 阅读
SpringBoot修改内置的Tomcat版本

springboot内置tomcat各版本漏洞及修复情况参考链接:
https://mvnrepository.com/artifact/org.apache.tomcat.embed/tomcat-embed-core

打开项目,找到pom.xml文件找到对应节点,按以下步骤修改:
1、pom添加tomcat版本信息
    <properties>
        <java.version>1.8</java.version>
        <tomcat.version>9.0.86</tomcat.version>
    </properties>
    
2、排除spring-boot-starter-web下依赖
        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-web</artifactId>
            <exclusions>
                <exclusion>
                    <groupId>org.springframework.boot</groupId>
                    <artifactId>spring-boot-starter-tomcat</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.apache.tomcat.embed</groupId>
                    <artifactId>tomcat-embed-core</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.apache.tomcat.embed</groupId>
                    <artifactId>tomcat-embed-el</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.apache.tomcat.embed</groupId>
                    <artifactId>tomcat-embed-websocket</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>org.apache.tomcat</groupId>
                    <artifactId>tomcat-annotations-api</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
3、添加新依赖
        <!-- tomcat 修复漏洞 -->
        <dependency>
            <groupId>org.apache.tomcat.embed</groupId>
            <artifactId>tomcat-embed-core</artifactId>
            <version>${tomcat.version}</version>
            <exclusions>
                <exclusion>
                    <groupId>org.apache.tomcat</groupId>
                    <artifactId>tomcat-annotations-api</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>org.apache.tomcat</groupId>
            <artifactId>tomcat-annotations-api</artifactId>
            <version>${tomcat.version}</version>
        </dependency>
        <dependency>
            <groupId>org.apache.tomcat.embed</groupId>
            <artifactId>tomcat-embed-el</artifactId>
            <version>${tomcat.version}</version>
        </dependency>
        <dependency>
            <groupId>org.apache.tomcat.embed</groupId>
            <artifactId>tomcat-embed-websocket</artifactId>
            <version>${tomcat.version}</version>
            <exclusions>
                <exclusion>
                    <groupId>org.apache.tomcat.embed</groupId>
                    <artifactId>tomcat-embed-core</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
4、重新加载依赖运行即可。

posted on   zfreebird  阅读(3755)  评论(0编辑  收藏  举报
相关博文:
· spring framework与spring boot版本对应依赖关系
· Jenkins安装运行war修改端口修改工作目录
· SpringBoot修改内置tomcat版本的操作步骤
· springboot 升级内置 tomcat
· springboot指定tomcat版本
阅读排行:
· Manus重磅发布:全球首款通用AI代理技术深度解析与实战指南
· 被坑几百块钱后,我竟然真的恢复了删除的微信聊天记录!
· 没有Manus邀请码?试试免邀请码的MGX或者开源的OpenManus吧
· 园子的第一款AI主题卫衣上架——"HELLO! HOW CAN I ASSIST YOU TODAY
· 【自荐】一款简洁、开源的在线白板工具 Drawnix
点击右上角即可分享
微信分享提示