xain Asked: 2011-02-26 04:21:44 +0800 CST2011-02-26 04:21:44 +0800 CST 2011-02-26 04:21:44 +0800 CST How to secure tomcat's manager with ssl 772 How can I secure tomcat's application manager with ssl ? I already have the certificates for the site. Thanks tomcat ssl 3 Answers Voted mahnsc 2011-03-07T14:00:11+08:002011-03-07T14:00:11+08:00 You could try adding user-data-constraints in tomcat manager's web.xml. That might do the trick: <user-data-constraint> <transport-guarantee>CONFIDENTIAL</transport-guarantee> </user-data-constraint> Maybe insert them before the /security-contraint closing tag in the HTML Manager commands section of that web.xml: aligot 2011-02-26T04:37:18+08:002011-02-26T04:37:18+08:00 you can use nginx or apache in front of your tomcat to control access easily. Best Answer Giovanni Tirloni 2011-03-07T17:37:45+08:002011-03-07T17:37:45+08:00 Define the admin app inside a SSL connector. http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html
You could try adding user-data-constraints in tomcat manager's web.xml. That might do the trick:
Maybe insert them before the /security-contraint closing tag in the HTML Manager commands section of that web.xml:
you can use nginx or apache in front of your tomcat to control access easily.
Define the admin app inside a SSL connector.
http://tomcat.apache.org/tomcat-5.5-doc/ssl-howto.html