Security Basics mailing list archives

Tomcat 5.5 Admin webpage

From: <m.farid.shawara () gmail com>
Date: Wed, 6 Feb 2008 15:40:57 +0200

Dear All :
We have a system works with Tomcat 5.5.25 on port 443

We used to use the application with the address https://servername
To manage the application we are using the URL : https://servername/Admin

The problem is that opening the page https://servername/Admin doesn't need
any credentials !!!!
When we asked the software house - they said that we can secure it by only
enable the localhost IP or any other IP in the server.xml file !!!

I need to put a username/password technique on this Admin page - what is
your advise ??

Current thread:

Tomcat 5.5 Admin webpage m.farid.shawara (Feb 06)
- Re: Tomcat 5.5 Admin webpage Jeronimo Zucco (Feb 07)