tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Leo Donahue - PLANDEVX <>
Subject Securing Tomcat Manager auth-method
Date Mon, 26 Sep 2011 15:09:26 GMT
In light of the recent announcement, is securing Tomcat Manager with org.apache.catalina.valves.RemoteAddrValve
enough if we are using or should I consider changing the manager auth-method from
BASIC to FORM and enable HTTPS as well?  Is running Tomcat as a Windows service considered


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message