Guys,
I have done the hardening on Tomcat 8 version (PF below mentioned
configuration changes), but in application level some of the functionalities
are not working properly and observed some errors in the backend (PF below
mentioned errors), please re-check and provide me the proper solution ASAP.
Enabled the below changes on web.xml file (tomcat8/conf).
Web.xml:
<filter>
<filter-name>httpHeaderSecurity</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-c
lass>
<init-param>
<param-name>hstsMaxAgeSeconds</param-name>
<param-value>31536000</param-value>
</init-param>
<init-param>
<param-name>hstsMaxAgeSeconds</param-name>
<param-value>31536000</param-value>
</init-param>
<async-supported>true</async-supported>
</filter>
<filter-mapping>
<filter-name>httpHeaderSecurity</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
Server.xml: (added the secure tag on connector)
<Connector secure="true
Below errors observed in the back end:
Regards,
Naga Ramesh
