tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Context Path for a subdirectory
Date Sat, 01 Dec 2012 03:27:48 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Leo,

On 11/30/12 7:07 PM, Leo Donahue - RDSA IT wrote:
>> -----Original Message----- From: Leo Donahue - RDSA IT
>> [mailto:LeoDonahue@mail.maricopa.gov] Sent: Friday, November 30,
>> 2012 5:02 PM To: Tomcat Users List Subject: RE: Context Path for
>> a subdirectory
>> 
>> 
>> The way the Server 1 is configured, there are accounts that the
>> rest/admin web app will take which let you do things like
>> shutdown the services and other stuff, if you were able to brute
>> force the rest/admin username/password.
>> 
> 
> That would only do you any good if you knew the internal server
> name. But I have to protect from internal threats as well, right?

Now, you're thinking properly ;)

Just remember that you asked to be able to restrict by IP address.
Well, an internal threat might be able to come from that IP address,
so you might want credentials that can be relatively quickly revoked.
I suppose you could change the IP whitelist, but then maybe you'll
have to figure out what the new blessed IP will be...

- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.17 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iEYEARECAAYFAlC5eTQACgkQ9CaO5/Lv0PB6PwCdHxGgWyhTjvxfq/sUuelnXI2I
2CUAn2XccinoszoRrw6H52zgZj73WyB3
=XjhS
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message