I'm just guessing here but you could run the manager app over https. If however your support team expressed concerns that the manager app might be backdoored, I suggest you slap them a little bit and ask them to change their medication :)
-----Original Message----- From: Andrew Watters [mailto:[EMAIL PROTECTED] Sent: 09 March 2004 11:32 To: Tomcat Users List Subject: Manager app security concerns I'm using the manager app to deploy web apps. I'm interfacing to it using deployer ant tasks. My support team have raised concerns that this is inherently insecure. They are concerned that a third party can use the manager app to take control of the server. Is this a valid concern? Is the username and password securely transmitted? Are there any back doors or bugs with the manager app that would allow it to be taken over? If there are any problems is there a way to improve the security of the manager? Thanks in advance for any help. Andrew --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. Note:__________________________________________________________________ This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Jaguar Freight Services and any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity. ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs.
