Is there a security hardened / production ready binary distribution?

2015-07-23 Thread Jim Sellers
Hi all.

Sorry if this has already been answered, but I couldn't find it.

I'm looking at using tomcat in a docker container and I was wondering why
there isn't a binary distribution that has most / all of the steps already
done from the security how to?
https://tomcat.apache.org/tomcat-7.0-doc/security-howto.html

I understand that there wouldn't be a true one size fits all, but rather
than get everyone to try to follow the same basic steps I thought that they
would be done upstream in the project.

If there's a reason why, I'm curious to learn what it is.

I've also opened a ticket with the official docker tomcat image project for
a tomcat that has this done.
https://github.com/docker-library/tomcat/issues/14

Thanks for your time.
Jim


Re: Is there a security hardened / production ready binary distribution?

2015-07-23 Thread Jim Sellers
On Thu, Jul 23, 2015 at 10:50 AM, Mark Thomas ma...@apache.org wrote:

> On 23 July 2015 15:07:01 CEST, Jim Sellers jim.sell...@gmail.com wrote:
> > Hi all.
> >
> > Sorry if this has already been answered, but I couldn't find it.
> >
> > I'm looking at using tomcat in a docker container and I was wondering why
> > there isn't a binary distribution that has most / all of the steps already
> > done from the security how to?
> > https://tomcat.apache.org/tomcat-7.0-doc/security-howto.html
> >
> > I understand that there wouldn't be a true one size fits all, but I rather
> > than get everyone to try to follow the same basic steps I thought that they
> > would be done upstream in the project.
> >
> > If there's a reason why, I'm curious to learn what it is.
> >
> > I've also opened a ticket with the official docker tomcat image project for
> > a tomcat that has this done.
> > https://github.com/docker-library/tomcat/issues/14
> >
> > Thanks for your time.
> > Jim
>
> Which default settings do you expect to be changed?
>
> Mark



I was thinking the parts from that document that say should be or not
intended for production.
e.g. deleting the default apps, disabling the version number, etc.

I'm somewhat new to TC and was looking for a distribution that was closer to
the recommended TC production setup than the default one.

I was assuming that both would be available for download.

Jim
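
One way to check an unpacked Tomcat, for instance during a Docker image build, for the two items named in the message above (default apps still deployed, version number still shown). This is an added example, not part of the thread or of the Tomcat project; the `audit_tomcat` helper, the constructed sample tree, and the choice of `ErrorReportValve` with `showServerInfo="false"` as the version check are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the standard layout:
# $CATALINA_HOME/webapps and $CATALINA_HOME/conf/server.xml.

# Web applications shipped in the stock Tomcat 7 binary distribution.
DEFAULT_APPS="ROOT docs examples manager host-manager"

# Print one finding per line; print nothing when both checks pass.
audit_tomcat() {
    home=$1
    for app in $DEFAULT_APPS; do
        if [ -e "$home/webapps/$app" ]; then
            echo "default-app: webapps/$app is still deployed"
        fi
    done
    # Plain text match: it does not parse XML, so a commented-out valve
    # would also satisfy it.
    if ! grep -q 'showServerInfo="false"' "$home/conf/server.xml" 2>/dev/null; then
        echo "version: conf/server.xml has no showServerInfo=\"false\""
    fi
    return 0
}

# Constructed sample: a directory tree shaped like a fresh unpack.
make_sample_home() {
    dir=$(mktemp -d)
    mkdir -p "$dir/conf"
    for app in $DEFAULT_APPS; do mkdir -p "$dir/webapps/$app"; done
    echo '<Server><Service><Engine><Host name="localhost"/></Engine></Service></Server>' \
        > "$dir/conf/server.xml"
    echo "$dir"
}

# Apply both changes to the sample tree.
harden_sample_home() {
    home=$1
    for app in $DEFAULT_APPS; do rm -rf "${home:?}/webapps/$app"; done
    cat > "$home/conf/server.xml" <<'EOF'
<Server><Service><Engine><Host name="localhost">
  <Valve className="org.apache.catalina.valves.ErrorReportValve"
         showReport="false" showServerInfo="false"/>
</Host></Engine></Service></Server>
EOF
}

sample=$(make_sample_home)
echo "before:"; audit_tomcat "$sample"
harden_sample_home "$sample"
echo "after:"; audit_tomcat "$sample"
rm -rf "$sample"
```

Pointing `audit_tomcat` at a real `$CATALINA_HOME` in a build step and failing the build on any output gives a repeatable check; `manager` and `host-manager` are flagged so that keeping them is a deliberate decision.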