tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aydın Toprak <>
Subject Tomcat, Security, Anonymous Authentication
Date Mon, 13 Feb 2006 09:27:08 GMT

I have a question about the security issue that I have to cover of my 

I have web service which runs on Tomcat 5.5 with SSL  ...
I have installed all the SSL system on the server and it works fine, 
however as a little advance subject,
I have to recover some security issues,...
 the first one is Disabling anonymous authentication ...
I actually dont know the exact meaning of it an how to fix it...
as far as foundfrom the web, I need to add some lines like

SSLProtocol -ALL +SSLv3 +TLSv1

 to SOMEWHERE that I dont know and how...
according to web site that I have inspired :) , those lines should be 
added to Apache/mos_ssl, httpd.conf, or ssl.conf ...
but I dont have these files in tomcat directory...

what should I do ?

thank you...

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message