Migrating from tomcat6 or tomcat7:

  * Refer to the upstream migration guides for application compatibility
    and configuration chages:
    - http://tomcat.apache.org/migration-7.html
    - http://tomcat.apache.org/migration-8.html

  * The Debian packages for tomcat[678] each create a separate tomcatX user.
    You may need to recursively update your application directories to be
    owned by the tomcat8 user.

Getting started:
  * After installing the tomcat8 package, the server should be accessible
    at http://localhost:8080/
  * If you install tomcat8-admin, then you need to edit 
    /etc/tomcat8/tomcat-users.xml and add to it the following:
      <role rolename="manager"/>
      <user username="tomcat" password="s3cret" roles="manager"/>
    Tomcat administration will be accessible on 
    http://localhost:8080/manager/html
  * Tomcat is not running under a Java security manager by default. If you
    expose your Tomcat instance to the internet, please consider editing
    your /etc/default/tomcat8 file and set TOMCAT8_SECURITY="yes", then
    adjust policy files in /etc/tomcat8/policy.d/ as explained in
    http://tomcat.apache.org/tomcat-8.0-doc/security-manager-howto.html
  * To run more than one Tomcat instance on your server, install the package
    tomcat8-user and run the tomcat8-instance-create utility.
    You should remove the tomcat8 package if you don't want Tomcat to
    start as a daemon at boot time.
  * If you configure your Tomcat to listen on one
    or more privileged ports (such as port 80 or port 443), then you
    may now enable authbind in your /etc/default/tomcat8 file.  The
    authbind package can allow your Tomcat JVM user (a non-root user)
    to listen on privileged ports.  Set AUTHBIND="yes" to enable it,
    and then configure your Tomcat to listen on any port number you
    wish.  See the "man authbind" for information on configuring
    authbind.