Please update AEAP.
From: Naga Ramesh [mailto:naga.ram...@manthan.com] Sent: Thursday, June 28, 2018 11:01 PM To: users@tomcat.apache.org Subject: Tomcat8 hardening issues Guys, I have done the hardening on Tomcat 8 version (PF below mentioned configuration changes), but in application level some of the functionalities are not working properly and observed some errors in the backend (PF below mentioned errors), please re-check and provide me the proper solution ASAP. Enabled the below changes on web.xml file (tomcat8/conf). Web.xml: <filter> <filter-name>httpHeaderSecurity</filter-name> <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-c lass> <init-param> <param-name>hstsMaxAgeSeconds</param-name> <param-value>31536000</param-value> </init-param> <init-param> <param-name>hstsMaxAgeSeconds</param-name> <param-value>31536000</param-value> </init-param> <async-supported>true</async-supported> </filter> <filter-mapping> <filter-name>httpHeaderSecurity</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> </filter-mapping> Server.xml: (added the secure tag on connector) <Connector secure="true Below errors observed in the back end: Regards, Naga Ramesh
