TomcatExpert
Home » Presentations » Securing Apache Tomcat for Enterprise Use

Securing Apache Tomcat for Enterprise Use

posted by SpringSource on April 8, 2010 12:06 PM

For development and operations teams, a presentation that covers various security configuration options available in Apache Tomcat and SpringSource tc Server.

A default Apache Tomcat installation is secure but each installation environment is different and may have additional security requirements. This presentation will examine the security configuration options available in Apache Tomcat and SpringSource tc Server, when to use them (and when not to use them) and the threats they might help mitigate. The rationale behind having resource passwords (e.g. for database access) in clear text in server.xml will also be discussed.

EMBEDDED PRESENTATION SLIDES (i.e. user can click “Next” thru slides)

To download or watch the presentation, visit www.springsource.com/webinars

 

Presentation Agenda:

  • Background
  • Threats
  • Keeping up to date
  • Operating system
  • Tomcat deployment, access logs, manager application, realms, system properties
  • Passwords
  • Web applications
  • Policy and Process

 

Presentation Outline:

  • Introductions
  • Agenda
  • Background
  • Threats
  • Keeping up to date
  • Operating system
  • Tomcat: Demployment
  • Tomcat: SecurityManager
  • Tomcat: Logging
  • Tomcat: Manager application
  • Tomcat: Realms
  • Tomcat: System properties
  • Tomcat: Miscellaneous
  • Tomcat: Passwords
  • Webapps: Authentication
  • Webapps: SSL
  • Webapps: context.xml
  • Webapps: Miscellaneous
  • Policy and Process
  • Questions
For more than 10 years, SpringSource employees have been supporting Apache technologies, with unparalleled experience and commitment to the Apache Software Foundation. More than 400 of the Fortune 500 count on SpringSource to support their mission-critical business applications. Leaders of the Apache Software Foundation, including Board Members, work at SpringSource and dedicate a significant amount of time further developing the Apache Tomcat open source project. Over the last 2 years, 95% of the issues fixed in the Apache Tomcat project were fixed by SpringSource engineers. For more information on how SpringSource can help your enterprise, see the SpringSource website, or call 800/444-1935.
0
Rating

Tags: access logs, authentication, deployment, logs, manager application, operating system, passwords, properties, realms, security, system properties, threats, Tomcat, Tomcat Configuration, Tomcat Logging, Tomcat Security, Tomcat SSL

Categories: Security

prev | next

Comments

Post new comment

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Image CAPTCHA
Enter the characters shown in the image.
prev | next