Okay great. I'll check the docs on that once I get the server side stuff
running right. Thanks for all the hel.
Roberto
David Smith <[EMAIL PROTECTED]>
08/15/2005 10:59 AM
Please respond to
"Tomcat Users List"
To
Tomcat Users List
cc
Subject
Re: Security Quest
a real proxy server. Thanks.
>
>Roberto
>
>
>
>Hassan Schroeder <[EMAIL PROTECTED]>
>08/15/2005 10:30 AM
>Please respond to
>"Tomcat Users List"
>
>
>To
>Tomcat Users List
>cc
>
>Subject
>Re: Security Questions Regarding Tomcat
>
sers List"
To
Tomcat Users List
cc
Subject
Re: Security Questions Regarding Tomcat
Robert V. Coward/CTR/OSAGWI wrote:
> Understood. But I do not want to use Tomcat proxying services. I just
want
> to host 8080 locally and let my ipfilter firewall block and proxy for
Robert V. Coward/CTR/OSAGWI wrote:
Understood. But I do not want to use Tomcat proxying services. I just want
to host 8080 locally and let my ipfilter firewall block and proxy for me.
Then the default Tomcat configuration of listening on port 8080 is
just what you need. I highly recommend makin
cc
Subject
Re: Security Questions Regarding Tomcat
Robert V. Coward/CTR/OSAGWI wrote:
> Hmmm. Well take a look at this entry from the server.xml file:
>
>
>
>
>
> I did not add this and from what I can tell this comes with the default
> config. An
Robert V. Coward/CTR/OSAGWI wrote:
Hmmm. Well take a look at this entry from the server.xml file:
I did not add this and from what I can tell this comes with the default
config. Any info?
About what? This is in the Fine Manual -- see the Connector
documentation under tomcat-d
network admin is giving me much grief about allowing port 8080 access to
>>the web.
>>
>>Thanks
>>
>>
>>
>>
>>
>>Paul Singleton <[EMAIL PROTECTED]>
>>08/12/2005 10:08 AM
>>Please respond to
>>"Tomcat Users List"
>
>
>
>I did not add this and from what I can tell this comes with the default
>config. Any info?
>
>Roberto
>
>
>
>
>David Smith <[EMAIL PROTECTED]>
>08/12/2005 11:40 AM
>Please respond to
>"Tomcat Users List"
>
omcat Users List
cc
Subject
Re: Security Questions Regarding Tomcat
This sounds really fishy. Tomcat does not by default have any
connectors configured for port 80. There must be another service or
you've modified your server.xml somehow.
--David
Robert V. Coward/CTR/OSAGWI wrot
Leandro Meiners wrote:
Where can I find documentation regarding limting HTTP methods using
security-constraints?
The Security section of the Servlet 2.4 Spec (SRV.12) has some good
examples -- highly recommended :-)
FWIW!
--
Hassan Schroeder - [EMAIL PROTECTED]
We
Tim, list:
Where can I find documentation regarding limting HTTP methods using
security-constraints?
All I was able to do was requiere authentication in order to use some HTTP
methods but I would like to limit them like it can be donde with the
directive "Limit" in Apache.
I will also appreciate
I don't know -- I can see some value to the root only ports below 1024.
It prevents non-privileged users from stealing trusted service ports in
a mainframe environment -- not that that's a reality anymore. The best
way to handle this in a production environment is to use the
commons-daemon projec
work admin is giving me much grief about allowing port 8080 access to
>the web.
>
>Thanks
>
>
>
>
>
>Paul Singleton <[EMAIL PROTECTED]>
>08/12/2005 10:08 AM
>Please respond to
>"Tomcat Users List"
>
>
>To
>Tomcat Users List
>cc
>
n
>to use ports under 1000.
>
>Ralph B. Harrell
>UNC Charlotte
>Manager, Oracle Database Administration
>[EMAIL PROTECTED]
>(704) 687-2951
>-Original Message-
>From: Alon Belman [mailto:[EMAIL PROTECTED]
>Sent: Thursday, August 11, 2005 4:20 PM
>To: Tomcat U
Robert V. Coward/CTR/OSAGWI wrote:
Apparently T5 comes with a port 80 proxy server a special servlet
container or something. Basically I have ipfilter running and only allow
access to port 8080, but if you send a request to 80 tTomcat picks up and
does some sort of internal redirect to port 8
D]>
Subject
Re: Security Questions Regarding Tomcat
Harrell, Ralph wrote:
> I would like to be able to start TOMCAT as a non-root
> user but am unable to as we are running SSL and use
> port 443 and non-root users do not have the permission
> to use ports under 1000.
...not
Harrell, Ralph wrote:
I would like to be able to start TOMCAT as a non-root
user but am unable to as we are running SSL and use
port 443 and non-root users do not have the permission
to use ports under 1000.
...not in Linux and some (all?) Unix variants, anyway.
(FWIW I think this root-only-b
-Original Message-
From: Alon Belman [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 11, 2005 4:20 PM
To: Tomcat Users List
Subject: Re: Security Questions Regarding Tomcat
copied "share" to meb/robo
laters!
On 8/11/05, LFM <[EMAIL PROTECTED]> wrote:
> Tim,
>
> Th
Setting the server header is a tomcat 5.5 feature.
-Tim
LFM wrote:
Tim,
Thanks for the reply, but I can't get in working:
In conf/server.xml I added server="TEST", as shown:
Stopped, started Tomcat. nc'ed to localhost, but still got the old
server header.
$ nc localhost 8180
GET / HTTP/
copied "share" to meb/robo
laters!
On 8/11/05, LFM <[EMAIL PROTECTED]> wrote:
> Tim,
>
> Thanks for the reply, but I can't get in working:
>
> In conf/server.xml I added server="TEST", as shown:
>
>
> port="8180" minProcessors="5" maxProcessors="75"
> enableLookups="true" acceptCount="10" de
Tim,
Thanks for the reply, but I can't get in working:
In conf/server.xml I added server="TEST", as shown:
Stopped, started Tomcat. nc'ed to localhost, but still got the old
server header.
$ nc localhost 8180
GET / HTTP/1.0
HTTP/1.1 302 Moved Temporarily
Location: http://localhost.localdom
The Server header can be configured in the declaration.
server='Sun Solaris IIS/6.0'
To limit the HTTP methods this can be done a few ways;
1) Use a servlet filter
2) Use web.xml and security constraints on those method types
3) ???
-Tim
LFM wrote:
Hi!
I'm hardening a Web Server running T
Hi!
I'm hardening a Web Server running Tomcat for a client, but I'm having
difficulty in finding information on how to accomplish the following
tasks (bored of googling so I decided to ask here):
1. Remove/modify the banner presented by the coyote connector on the
server header of an http reply.
2
23 matches
Mail list logo