ApacheCon US 2008 Session
Securing Apache Tomcat for your Environment
- Mark Thomas
- Thu, 06 November 2008 16:30
- Download Materials
- Tags: Presentation,Technical,Novice,Tomcat,Security
A default Apache Tomcat installation is secure but each installation environment is different and may have additional security requirements. This presentation will examine the security configuration options available in Apache Tomcat, when to use them (and when not to use them) and the threats they might help mitigate. The rationale behind having resource passwords (eg for database access) in clear text in server.xml will also be discussed.