Most common Tobago will be used in a Maven project, so an explicit download is not needed. Nevertheless, here are the artifacts to download.
Use the links below to download a distribution of MyFaces Tobago from one of our mirrors. It is good practice to verify the integrity of the distribution files.
You will be prompted for a mirror - if the file is not found on yours, please be patient, as it may take 24 hours to reach all mirrors.
Apache MyFaces Tobago is distributed as a zip archive and as a tar.gz archive. The content is the same. Please note that the tar.gz archives contain file names longer than 100 characters and have been created using GNU tar extensions. Thus, they must be untarred with a GNU compatible version of tar.
Release notes can be found in Jira
| Type | File | Checksum | Signature | |
|---|---|---|---|---|
| MyFaces Tobago | tar.gz | Download Site | Checksum | Signature |
| MyFaces Tobago | zip | Download Site | Checksum | Signature |
| MyFaces Tobago Source | zip | Download Site | Checksum | Signature |
Release notes can be found in Jira
| Type | File | Checksum | Signature | |
|---|---|---|---|---|
| MyFaces Tobago | tar.gz | Download Site | Checksum | Signature |
| MyFaces Tobago | zip | Download Site | Checksum | Signature |
| MyFaces Tobago Source | zip | Download Site | Checksum | Signature |
Release notes can be found in Jira
| Type | File | Checksum | Signature | |
|---|---|---|---|---|
| MyFaces Tobago | tar.gz | Download Site | Checksum | Signature |
| MyFaces Tobago | zip | Download Site | Checksum | Signature |
| MyFaces Tobago Source | zip | Download Site | Checksum | Signature |
The source code is available on Github and Apache Gitbox.
Older releases are available in the Apache archive. Those releases are only provided as historical artifacts. We strongly recommend not to use those releases, but upgrade to the most recent release.
It is essential that you verify the integrity of the downloaded files using the SHA-256. This verification ensures the file was not corrupted during the download or mirroring process.
To verify the hash signature on the files, you need to use a program called e. g. sha, shasum, which is included in many UNIX distributions and macOS. It is also available for Windows.
PGP verification ensures that the file came from a certain person. We recommend you verify your downloads with PGP.
First download the Apache MyFaces KEYS as well as the asc signature file for the particular distribution. It is important that you get these files from the ultimate trusted source - the main ASF distribution site, rather than from a mirror.
You need an installation of e. g. OpenPGP or GPG to check the files. More information you'll find on the Apache verification site.
Then verify the signatures for all downloaded files. With gpg for the dist.tar.gz it looks like
$ TOBAGO_VERSION=5.0.0 $ gpg --import KEYS $ gpg --verify myfaces-tobago-$TOBAGO_VERSION-dist.tar.gz.asc myfaces-tobago-$TOBAGO_VERSION-dist.tar.gz