siteMinder implementation for our application

2017-03-24 Thread Kikkeri, Amith 
Hi,
Our application runs on tomcat7 (Port 80) and we don't use a web server. We are 
implementing SSO and planning to use siteMinder. When trying to install 
siteMinder web agent, we realized that it is not recognizing tomcat. Please let 
me  know if there is an option to make siteMinder webagent work with tomcat7.

If it is mandatory to use a web server, can we use IIS.

Any help appreciated.

Thanks.
Regards,
Amith Kikkeri

RE: Appscan Issues

2016-04-08 Thread Kikkeri, Amith 
Thanks... I will me more detailed.
We don't use Apache HTTPD or ngnix. It's just tomcat7. Below is my connector 
configuration.

  



Regards,
Amith



-Original Message-
From: Olaf Kock [mailto:tom...@olafkock.de] 
Sent: Friday, April 08, 2016 9:29 AM
To: users@tomcat.apache.org
Subject: Re: Appscan Issues



Am 08.04.2016 um 15:17 schrieb Kikkeri, Amith:
> Hi,
> Appscan was performed on our application and 2 issues were encountered. Could 
> anyone please let me know how to resolve these issues ? We use tomcat7.
>
> Browser Exploit Against SSL/TLS (a.k.a. BEAST)
> RC4 cipher suites were detected
> (Remove support of SSLv3/TLS1.0 cipher suites with CBC.)
Sure. Remove SSL support.

Seriously: With the level of information that you give, what's the level of 
detail that you expect back?

Are you using tomcat only? Do you front it with Apache httpd? nginx? Any 
loadbalancer or SSL-Terminator (pardon the use of SSL here)? If you only have 
tomcat, what's the configuration of your https connector? Which of the options 
that are documented in the connector's documentation 
(http://tomcat.apache.org/tomcat-7.0-doc/config/http.html#SSL_Support or 
http://tomcat.apache.org/tomcat-7.0-doc/ssl-howto.html among others) do you 
need help with?

Olaf

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Appscan Issues

2016-04-08 Thread Kikkeri, Amith 
Hi,
Appscan was performed on our application and 2 issues were encountered. Could 
anyone please let me know how to resolve these issues ? We use tomcat7.

Browser Exploit Against SSL/TLS (a.k.a. BEAST)
RC4 cipher suites were detected
(Remove support of SSLv3/TLS1.0 cipher suites with CBC.)

Regards,
Amith

RE: Access application without giving port number and context root

2015-11-16 Thread Kikkeri, Amith 
Thank you.. 
I will try IIS reverse proxy and update the status once I am successful.

Regards,
Amith Kikkeri

-Original Message-
From: Tauzell, Dave [mailto:dave.tauz...@surescripts.com] 
Sent: Monday, November 16, 2015 10:26 AM
To: Tomcat Users List
Subject: RE: Access application without giving port number and context root

Yes, you can use IIS as a reverse proxy.   I haven't done it, but looked into 
this in the past and found a few solutions.  You can google "IIS Reverse 
Proxy".   Some things to consider with a reverse proxy:

1. Your application cannot be sending back links with the hostname/port in it.
2. If your application does HTTP redirects, then you need to setup the reverse 
proxy to re-write those (not an issue, but something you need to configure).

-Dave

-Original Message-----
From: Kikkeri, Amith [mailto:amith.kikk...@aig.com] 
Sent: Monday, November 16, 2015 9:22 AM
To: Tomcat Users List
Subject: RE: Access application without giving port number and context root

Thanks. Ngnix is not an approved software in my company. Hence trying to see if 
there is a work around. Can IIS be used as a reverse proxy? I see IIS as an 
approved one.

Regards,
Amith Kikkeri


-Original Message-
From: Tauzell, Dave [mailto:dave.tauz...@surescripts.com] 
Sent: Monday, November 16, 2015 10:17 AM
To: Tomcat Users List
Subject: RE: Access application without giving port number and context root

If you want to have multiple applications running on the same tomcat but each 
has a URL that hides this you need to use a reverse proxy server.



End User   > Reverse Proxy (NGINX for example )   
->   App 1
  http://foo.bar/   
 ->  http://app.server:7832/foo
  http://baz/bar/   
->  http://app.server:7832/bar


This is more complicated to setup but has the benefit of being able to move the 
tomcat instance around (a different port or server, for example) without the 
End User needed to change the URL they use.

If you don't want to run and manage a new process there are some java based 
reverse proxies that I think you could run on the Tomcat server itself:  
http://wiki.apache.org/tomcat/ServletProxy.   You won't be able to hide the 
port with these however.

-Dave


-Original Message-
From: Kikkeri, Amith [mailto:amith.kikk...@aig.com]
Sent: Monday, November 16, 2015 9:11 AM
To: Tomcat Users List
Subject: RE: Access application without giving port number and context root

Hi,
I don’t want to install my application as ROOT.war application. This will make 
it difficult if I want to deploy multiple applications in same tomcat instance.
Please suggest.

Regards,
Amith Kikkeri

-Original Message-
From: Konstantin Kolinko [mailto:knst.koli...@gmail.com]
Sent: Thursday, November 12, 2015 4:17 PM
To: Tomcat Users List
Subject: Re: Access application without giving port number and context root

2015-11-13 0:04 GMT+03:00 Kikkeri, Amith <amith.kikk...@aig.com>:
> Hi..
> I am trying to deploy a web application tomcat 7.0.61 . I have a DNS created 
> and I want access the application without using port number and context root. 
> Please suggest the best approach to achieve this.
>
> I can change the Port in server.xml to default port 80, but I would still 
> need to give the context root, else it would be redirected to tomcat home 
> page. In PRODUCTION, I would have a DNS created to access my application and 
> want to avoid port number and context root, hence want to know the steps and 
> best approach to achieve this. If there are some tutorials/Links, please 
> share the same.


Both questions are already answered in the FAQ. See HowTo page there and search 
for "ROOT" (uppercase)

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

B�CB��[��X��ܚX�KK[XZ[
�\�\��][��X��ܚX�P�X�]
�\X�K�ܙ�B��܈Y][ۘ[��[X[��K[XZ[
�\�\��Z[�X�]
�\X�K�ܙ�B�
This e-mail and any files transmitted with it are confidential, may contain 
sensitive information, and are intended solely for the use of the individual or 
entity to whom they are addressed. If you have received this e-mail in error, 
please notify the sender by reply e-mail immediately and destroy all copies of 
the e-mail and any attachments.
B�CB��[��X��ܚX�KK[XZ[
�\�\��][��X��ܚX�P�X�]
�\X�K�ܙ�B��܈Y][ۘ[��[X[��K[XZ[
�\�\��Z[�X�]
�\X�K�ܙ�B�

RE: Access application without giving port number and context root

2015-11-16 Thread Kikkeri, Amith 
Thanks. Ngnix is not an approved software in my company. Hence trying to see if 
there is a work around. Can IIS be used as a reverse proxy? I see IIS as an 
approved one.

Regards,
Amith Kikkeri


-Original Message-
From: Tauzell, Dave [mailto:dave.tauz...@surescripts.com] 
Sent: Monday, November 16, 2015 10:17 AM
To: Tomcat Users List
Subject: RE: Access application without giving port number and context root

If you want to have multiple applications running on the same tomcat but each 
has a URL that hides this you need to use a reverse proxy server.



End User   > Reverse Proxy (NGINX for example )   
->   App 1
  http://foo.bar/   
 ->  http://app.server:7832/foo
  http://baz/bar/   
->  http://app.server:7832/bar


This is more complicated to setup but has the benefit of being able to move the 
tomcat instance around (a different port or server, for example) without the 
End User needed to change the URL they use.

If you don't want to run and manage a new process there are some java based 
reverse proxies that I think you could run on the Tomcat server itself:  
http://wiki.apache.org/tomcat/ServletProxy.   You won't be able to hide the 
port with these however.

-Dave


-Original Message-
From: Kikkeri, Amith [mailto:amith.kikk...@aig.com]
Sent: Monday, November 16, 2015 9:11 AM
To: Tomcat Users List
Subject: RE: Access application without giving port number and context root

Hi,
I don’t want to install my application as ROOT.war application. This will make 
it difficult if I want to deploy multiple applications in same tomcat instance.
Please suggest.

Regards,
Amith Kikkeri

-Original Message-
From: Konstantin Kolinko [mailto:knst.koli...@gmail.com]
Sent: Thursday, November 12, 2015 4:17 PM
To: Tomcat Users List
Subject: Re: Access application without giving port number and context root

2015-11-13 0:04 GMT+03:00 Kikkeri, Amith <amith.kikk...@aig.com>:
> Hi..
> I am trying to deploy a web application tomcat 7.0.61 . I have a DNS created 
> and I want access the application without using port number and context root. 
> Please suggest the best approach to achieve this.
>
> I can change the Port in server.xml to default port 80, but I would still 
> need to give the context root, else it would be redirected to tomcat home 
> page. In PRODUCTION, I would have a DNS created to access my application and 
> want to avoid port number and context root, hence want to know the steps and 
> best approach to achieve this. If there are some tutorials/Links, please 
> share the same.


Both questions are already answered in the FAQ. See HowTo page there and search 
for "ROOT" (uppercase)

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

B�CB��[��X��ܚX�KK[XZ[
�\�\��][��X��ܚX�P�X�]
�\X�K�ܙ�B��܈Y][ۘ[��[X[��K[XZ[
�\�\��Z[�X�]
�\X�K�ܙ�B�
This e-mail and any files transmitted with it are confidential, may contain 
sensitive information, and are intended solely for the use of the individual or 
entity to whom they are addressed. If you have received this e-mail in error, 
please notify the sender by reply e-mail immediately and destroy all copies of 
the e-mail and any attachments.
B�CB��[��X��ܚX�KK[XZ[
�\�\��][��X��ܚX�P�X�]
�\X�K�ܙ�B��܈Y][ۘ[��[X[��K[XZ[
�\�\��Z[�X�]
�\X�K�ܙ�B�

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

RE: Access application without giving port number and context root

2015-11-16 Thread Kikkeri, Amith 
Hi,
I don’t want to install my application as ROOT.war application. This will make 
it difficult if I want to deploy multiple applications in same tomcat instance.
Please suggest.

Regards,
Amith Kikkeri

-Original Message-
From: Konstantin Kolinko [mailto:knst.koli...@gmail.com] 
Sent: Thursday, November 12, 2015 4:17 PM
To: Tomcat Users List
Subject: Re: Access application without giving port number and context root

2015-11-13 0:04 GMT+03:00 Kikkeri, Amith <amith.kikk...@aig.com>:
> Hi..
> I am trying to deploy a web application tomcat 7.0.61 . I have a DNS created 
> and I want access the application without using port number and context root. 
> Please suggest the best approach to achieve this.
>
> I can change the Port in server.xml to default port 80, but I would still 
> need to give the context root, else it would be redirected to tomcat home 
> page. In PRODUCTION, I would have a DNS created to access my application and 
> want to avoid port number and context root, hence want to know the steps and 
> best approach to achieve this. If there are some tutorials/Links, please 
> share the same.


Both questions are already answered in the FAQ. See HowTo page there and search 
for "ROOT" (uppercase)

Best regards,
Konstantin Kolinko

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Access application without giving port number and context root

2015-11-12 Thread Kikkeri, Amith 
Hi..
I am trying to deploy a web application tomcat 7.0.61 . I have a DNS created 
and I want access the application without using port number and context root. 
Please suggest the best approach to achieve this.

I can change the Port in server.xml to default port 80, but I would still need 
to give the context root, else it would be redirected to tomcat home page. In 
PRODUCTION, I would have a DNS created to access my application and want to 
avoid port number and context root, hence want to know the steps and best 
approach to achieve this. If there are some tutorials/Links, please share the 
same.

Appreciate you assistance.

Regards,
Amith