How do I disable SSLv3 in tomcat?

Published 2019-04-13 07:54

Question:

How do I disable SSLv3 in Tomcat for the POODLE vulnerability that was found? What impact will it have on browsers? Will all browsers still work?

Answer 1:

Use the following configuration in server.xml (the last line is important):

```xml
<Connector protocol="HTTP/1.1" SSLEnabled="true"
           port="8443" address="${jboss.bind.address}"
           scheme="https" secure="true" clientAuth="false"
           keystoreFile="${jboss.server.home.dir}/conf/keystore.jks"
           keystorePass="rmi+ssl"
           sslProtocols="TLS" sslEnabledProtocols="TLSv1+TLSv1.1+TLSv1.2"/>
```

The Impact of Disabling SSLv3

There’s little impact for most people in disabling SSLv3 because they are not relying on SSLv3 to make connections via SSL/TLS. The large majority relies on TLS.

In the future, browsers such as Google Chrome and Firefox will have SSLv3 disabled at release. It is also advisable to disable SSLv3 in home browsers, not only in server applications.

Very old browsers like IE 6 will have issues with it, but I guess those do not support many of the latest technologies anyway.

Note: Thanks, Christopher; updated as per your suggestions.

Answer 2:

I tried the config suggested by Deepak. Though Tomcat did start, web apps were still accessible using SSLv3. The config suggested in this blog post about the POODLE attack worked for me. We are running Tomcat 7.0.55 and 7.0.56. Example connector below (note that we are using JKS keystores, hence the protocol attribute):

```xml
<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
           maxThreads="150" scheme="https" secure="true" clientAuth="false"
           keystoreFile="conf\store\tomcat.keystore" enableLookups="true"
           keystorePass="password" sslProtocol="TLS" ciphers="TLS_RSA_WITH_AES_128_CBC_SHA"
           sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2" server="Apache Tomcat" />
```


Answer 3:

For my configuration, where I am using Tomcat 7 (7.0.56) and the HTTP/1.1 Connector (so it is not the NIO or native connector), the combination of these attributes works well:

```xml
sslProtocol="TLS"
sslEnabledProtocols="TLSv1.2,TLSv1.1,TLSv1"
```

And just to add: I am running on Java 7.

It seems that there might be differences in notation (i.e. whether to separate protocols by commas or whether it needs to be a single value formed by "+" concatenation of protocols) between the various kinds of Connectors.

For me, sslEnabledProtocols works as a comma-separated value, as stated in the Tomcat 7 Configuration Reference (http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support).

Answer 4:

In Tomcat 6.0.20, the following configuration in the Connector clause of server.xml works:

```xml
sslProtocol="SSL" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
```
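The answers above show several Connector variants, two separator notations for sslEnabledProtocols (comma and "+"), and one case (Answer 2) where Tomcat started but still accepted SSLv3. A practical way to catch that before deployment is to audit server.xml offline. The script below is an added example, not code from the thread or from the Tomcat project: it parses every SSL-enabled Connector, accepts either separator notation, fails connectors that list SSLv2 or SSLv3, and warns about connectors that set only sslProtocol, because that attribute names the JSSE SSLContext algorithm and does not by itself restrict which protocol versions are offered (older Java 7 runtimes, before 7u75, enabled SSLv3 by default). The embedded server.xml, its ports and keystore paths are constructed sample data.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample server.xml: one connector relying on JVM defaults,
# one hardened with comma notation, one that explicitly lists SSLv3.
SAMPLE_SERVER_XML = """
<Server port="8005" shutdown="SHUTDOWN">
  <Service name="Catalina">
    <Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443"/>
    <Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true"
               scheme="https" secure="true" sslProtocol="TLS"
               keystoreFile="conf/keystore.jks" keystorePass="changeit"/>
    <Connector port="8444" protocol="org.apache.coyote.http11.Http11NioProtocol" SSLEnabled="true"
               scheme="https" secure="true" sslProtocol="TLS"
               sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"/>
    <Connector port="8445" protocol="HTTP/1.1" SSLEnabled="true"
               scheme="https" secure="true" sslProtocol="TLS"
               sslEnabledProtocols="SSLv3+TLSv1+TLSv1.1+TLSv1.2"/>
  </Service>
</Server>
"""

# Protocol versions that must never be offered (POODLE targets SSLv3).
UNSAFE_PROTOCOLS = {"SSLv2", "SSLv3"}

# Answer 3 notes that some connectors use "+" and others use commas;
# accept both, plus surrounding whitespace.
SPLIT_RE = re.compile(r"[,+\s]+")


def parse_enabled_protocols(value):
    """Normalise an sslEnabledProtocols value into a list of protocol names."""
    return [p for p in SPLIT_RE.split(value.strip()) if p]


def audit_connectors(server_xml):
    """Return (port, status, reason) for every Connector with SSLEnabled="true".

    status is "OK", "WARN" (JVM defaults decide) or "FAIL" (SSLv2/SSLv3 listed).
    """
    root = ET.fromstring(server_xml)
    findings = []
    for conn in root.iter("Connector"):
        if conn.get("SSLEnabled", "false").lower() != "true":
            continue  # plain HTTP connector, nothing to check
        port = conn.get("port", "?")
        raw = conn.get("sslEnabledProtocols")
        if raw is None:
            # sslProtocol alone (e.g. "TLS" or "SSL") only selects the SSLContext
            # algorithm; the enabled versions then come from the JVM defaults,
            # which on Java 7 before 7u75 still included SSLv3.
            findings.append((port, "WARN",
                             "no sslEnabledProtocols; JVM defaults decide whether SSLv3 is offered"))
            continue
        enabled = parse_enabled_protocols(raw)
        bad = sorted(UNSAFE_PROTOCOLS.intersection(enabled))
        if bad:
            findings.append((port, "FAIL", "enables " + ",".join(bad)))
        else:
            findings.append((port, "OK", "enabled: " + ",".join(enabled)))
    return findings


if __name__ == "__main__":
    for port, status, reason in audit_connectors(SAMPLE_SERVER_XML):
        print(f"port {port}: {status} ({reason})")
```

Run it against a real server.xml by reading the file into `audit_connectors`; a "WARN" result means the effective protocol list depends on the JVM in use, so either add an explicit sslEnabledProtocols or confirm the runtime's defaults. The audit only checks configuration, so it complements rather than replaces a runtime check of what the listening port actually negotiates.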