Please respond to
Tomcat Users List tomcat-user@jakarta.apache.org
To
Tomcat Users List tomcat-user@jakarta.apache.org
cc
Subject
Re: Security Questions Regarding Tomcat
This sounds really fishy. Tomcat does not by default have any
connectors configured for port 80. There must be another
tomcat-user@jakarta.apache.org
cc
Subject
Re: Security Questions Regarding Tomcat
This sounds really fishy. Tomcat does not by default have any
connectors configured for port 80. There must be another service or
you've modified your server.xml somehow.
--David
Robert V. Coward/CTR/OSAGWI wrote
tomcat-user@jakarta.apache.org
cc
Subject
Re: Security Questions Regarding Tomcat
But it's also commented out and not active. It's there as an example of
a proxied port if you happen to be using Apache and mod_rewrite as a
front end to tomcat.
--David
Robert V. Coward/CTR/OSAGWI wrote:
Hmmm
Robert V. Coward/CTR/OSAGWI wrote:
Hmmm. Well take a look at this entry from the server.xml file:
!-- Define a Proxied HTTP/1.1 Connector on port 8082 --
!-- See proxy documentation for more information about using this.
--
!--
Connector port=8082
maxThreads=150
Users List tomcat-user@jakarta.apache.org
cc
Subject
Re: Security Questions Regarding Tomcat
Robert V. Coward/CTR/OSAGWI wrote:
Hmmm. Well take a look at this entry from the server.xml file:
!-- Define a Proxied HTTP/1.1 Connector on port 8082 --
!-- See proxy documentation
Robert V. Coward/CTR/OSAGWI wrote:
Understood. But I do not want to use Tomcat proxying services. I just want
to host 8080 locally and let my ipfilter firewall block and proxy for me.
Then the default Tomcat configuration of listening on port 8080 is
just what you need. I highly recommend
To
Tomcat Users List tomcat-user@jakarta.apache.org
cc
Subject
Re: Security Questions Regarding Tomcat
Robert V. Coward/CTR/OSAGWI wrote:
Understood. But I do not want to use Tomcat proxying services. I just
want
to host 8080 locally and let my ipfilter firewall block and proxy for
me
PROTECTED]
08/15/2005 10:30 AM
Please respond to
Tomcat Users List tomcat-user@jakarta.apache.org
To
Tomcat Users List tomcat-user@jakarta.apache.org
cc
Subject
Re: Security Questions Regarding Tomcat
Robert V. Coward/CTR/OSAGWI wrote:
Understood. But I do not want to use Tomcat proxying
cc
Subject
Re: Security Questions Regarding Tomcat
Regardless of what you put up in front of tomcat to act as the proxy
host, you'll most likely need the proxyPort and proxyName attributes in
your connector so tomcat can write urls correctly as needed (like in
sending external redirects). I
-Original Message-
From: Alon Belman [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 11, 2005 4:20 PM
To: Tomcat Users List
Subject: Re: Security Questions Regarding Tomcat
copied share to meb/robo
laters!
On 8/11/05, LFM [EMAIL PROTECTED] wrote:
Tim,
Thanks for the reply, but I can't get
Harrell, Ralph wrote:
I would like to be able to start TOMCAT as a non-root
user but am unable to as we are running SSL and use
port 443 and non-root users do not have the permission
to use ports under 1000.
...not in Linux and some (all?) Unix variants, anyway.
(FWIW I think this
Alon Belman [EMAIL PROTECTED]
Subject
Re: Security Questions Regarding Tomcat
Harrell, Ralph wrote:
I would like to be able to start TOMCAT as a non-root
user but am unable to as we are running SSL and use
port 443 and non-root users do not have the permission
to use ports under 1000
Robert V. Coward/CTR/OSAGWI wrote:
Apparently T5 comes with a port 80 proxy server a special servlet
container or something. Basically I have ipfilter running and only allow
access to port 8080, but if you send a request to 80 tTomcat picks up and
does some sort of internal redirect to port
ports under 1000.
Ralph B. Harrell
UNC Charlotte
Manager, Oracle Database Administration
[EMAIL PROTECTED]
(704) 687-2951
-Original Message-
From: Alon Belman [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 11, 2005 4:20 PM
To: Tomcat Users List
Subject: Re: Security Questions Regarding
port 8080 access to
the web.
Thanks
Paul Singleton [EMAIL PROTECTED]
08/12/2005 10:08 AM
Please respond to
Tomcat Users List tomcat-user@jakarta.apache.org
To
Tomcat Users List tomcat-user@jakarta.apache.org
cc
Alon Belman [EMAIL PROTECTED]
Subject
Re: Security Questions Regarding Tomcat
I don't know -- I can see some value to the root only ports below 1024.
It prevents non-privileged users from stealing trusted service ports in
a mainframe environment -- not that that's a reality anymore. The best
way to handle this in a production environment is to use the
commons-daemon
Tim, list:
Where can I find documentation regarding limting HTTP methods using
security-constraints?
All I was able to do was requiere authentication in order to use some HTTP
methods but I would like to limit them like it can be donde with the
directive Limit in Apache.
I will also appreciate
Leandro Meiners wrote:
Where can I find documentation regarding limting HTTP methods using
security-constraints?
The Security section of the Servlet 2.4 Spec (SRV.12) has some good
examples -- highly recommended :-)
FWIW!
--
Hassan Schroeder - [EMAIL PROTECTED]
The Server header can be configured in the Connector declaration.
server='Sun Solaris IIS/6.0'
To limit the HTTP methods this can be done a few ways;
1) Use a servlet filter
2) Use web.xml and security constraints on those method types
3) ???
-Tim
LFM wrote:
Hi!
I'm hardening a Web Server
Tim,
Thanks for the reply, but I can't get in working:
In conf/server.xml I added server=TEST, as shown:
!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8180 --
Connector className=org.apache.coyote.tomcat4.CoyoteConnector
port=8180 minProcessors=5 maxProcessors=75
enableLookups=true
copied share to meb/robo
laters!
On 8/11/05, LFM [EMAIL PROTECTED] wrote:
Tim,
Thanks for the reply, but I can't get in working:
In conf/server.xml I added server=TEST, as shown:
!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8180 --
Connector
Setting the server header is a tomcat 5.5 feature.
-Tim
LFM wrote:
Tim,
Thanks for the reply, but I can't get in working:
In conf/server.xml I added server=TEST, as shown:
!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8180 --
Connector
--
To unsubscribe, e-mail: mailto:[EMAIL PROTECTED]
For additional commands, e-mail: mailto:[EMAIL PROTECTED]
What is the default password for the admin context?
It's in tomcat/conf/tomcat-users.xml .
where can I find documentation on implementing security with tomcat?
Start with the servlet specification at
http://java.sun.com/products/servlet/ . You could also look at JDBCRealm
(sources and
Thanks very much.
-Original Message-
From: William Kaufman [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 30, 2001 5:00 PM
To: '[EMAIL PROTECTED]'
Subject: RE: Security questions
What is the default password for the admin context?
It's in tomcat/conf/tomcat-users.xml .
where can I
RequestInterceptorclassName="org.apache.tomcat.request.AccessInterceptor"
debug="0" /
From
that class' javadoc:
* Access control - find
if a request matches any web-resource-collection* and set the
"required" attributes.** The spec requires additive
checking ( i.e. there is no "best
26 matches
Mail list logo