vorburger commented on a change in pull request #807:
URL: https://github.com/apache/fineract/pull/807#discussion_r419994641
##########
File path: docker/server.xml
##########
@@ -108,7 +108,7 @@
-->
<!-- Define an AJP 1.3 Connector on port 8009 -->
- <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
+ <Connector port="8009" protocol="AJP/1.3" redirectPort="8443"
secret="xyz123" />
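Review bot: the `secret="xyz123"` attribute on the added `Connector` line is a literal committed in `docker/server.xml`, so every image built from this file carries the same value and anyone who can read the repository knows it; it gives the AJP port no real authentication. Take the value out of the file and supply it per deployment, or drop the port 8009 connector if nothing in the container setup speaks AJP.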
Review comment:
Hm, a "magical" :imp: `secret`... I doubt anyone uses the AJP Connector
with Tomcat in a Container, and for better security than shipping with a
default password (bad best practice) I suggest that we just remove (or at least
comment out) this `Connector` entirely here, what do you think?
##########
File path: Dockerfile
##########
@@ -37,18 +37,20 @@ RUN ./gradlew clean -x rat -x test war
# =========================================
-FROM bitnami/tomcat:7.0.94 as fineract
+FROM bitnami/tomcat:latest as fineract
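Review bot: the `+FROM bitnami/tomcat:latest` line replaces a pinned tag (`7.0.94`) with a floating one, so two builds of the same commit can produce different images and the Tomcat major version can change without any diff in this file. Pin an explicit version tag here, and consider pinning by image digest as well so the base cannot change underneath the tag.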
Review comment:
```suggestion
FROM bitnami/tomcat:9.0 as fineract
```
because `:latest` is always dangerous (it could silently break us when
Tomcat 10 is released)