<ronald.wagen...@quicknet.nl> wrote in message
news:fb91a4c0c0682.4b6a8...@quicknet.nl...
We are running a few web applications on Tomcat 6 on a Windows Server 2003
system in a Windows 2003 Active Directory Forest.
How to make the Tomcat environment secure (hardening)?
I read about security manager, but how to add the web applications in the
cataline.policy?
Is it possible to use Windows Authentication?
Are there more possibilities?
If they are your apps, then a security manager just adds overhead in
production (although it's not a bad idea to run it in development). After
all, you can just fire the developer that inserted a back door into the app
;).
Ronald
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
