-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Alejandro,
On 11/3/17 5:54 PM, Alejandro Vargas M. wrote:
> You can help with an example of this url-rewrite to add this
> header,
The url-rewrite user manual is quite comprehensive, including many
examples. I'm sure you can figure it out.
- -chri
You can help with an example of this url-rewrite to add this header,
Please,
Thanks in advance.
On 11/01/2017 02:03 PM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Alejandro,
On 11/1/17 3:37 PM, Alejandro Vargas M. wrote:
Hello,
I recently used on web.xml
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
André,
On 11/2/17 9:35 AM, André Warnier (tomcat) wrote:
> You seem to be responding on the wrong thread, but here are some
> answers anyway (will save Christopher some typing)
(I was trying not to pollute this hijacked thread.)
> When tomcat sta
: Thursday, November 2, 2017 9:36 AM
To: users@tomcat.apache.org
Subject: Re: security headers
You seem to be responding on the wrong thread, but here are some answers
anyway (will save Christopher some typing)
On 02.11.2017 13:55, Cheltenham, Chris wrote:
> Mr. Shultz,
>
> I really apprec
nham
Technology Services
The School District of Philadelphia
Work # 215-400-5025
Cell # 215-301-6571
-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Wednesday, November 1, 2017 4:04 PM
To: users@tomcat.apache.org
Subject: Re: security headers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chris,
On 11/2/17 8:55 AM, Cheltenham, Chris wrote:
> Mr. Shultz,
>
> I really appreciate your detailed answers. Helps me out a lot.
>
> I am now thinking big picture because my application does not
> require APR.
Wrong thread?
- -chris
-BEG
: users@tomcat.apache.org
Subject: Re: security headers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Alejandro,
On 11/1/17 3:37 PM, Alejandro Vargas M. wrote:
> Hello,
>
> I recently used on web.xml
>
> httpHeaderSecurity
> org.apache.catalina.filters.HttpHeaderSecuri
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Alejandro,
On 11/1/17 3:37 PM, Alejandro Vargas M. wrote:
> Hello,
>
> I recently used on web.xml
>
> httpHeaderSecurity
> org.apache.catalina.filters.HttpHeaderSecurityFilter
>
> true
>
> httpHeaderSecurity
> /*
>
> to enable some securi
On Thu, Sep 07, 2017 at 04:07:25PM +0530, Mohammad Nayeem wrote:
> We have installed apace and configured mod_jk connector along with a
> load-balancer for 2 tomcat servers.
>
> We were able to successfully start apache and we got the login page of our
> application hosted on it, but the functiona
e the exact same
functionality that we had without apache in the front?
Regards,
Mohammad Nayeem
-Original Message-
From: Olaf Kock [mailto:tom...@olafkock.de]
Sent: 31 May 2017 16:38
To: Tomcat Users List
Subject: [External] Re: Security Headers Implementation in Tomcat 6.x
version
plus the JAR file that has a few (unique) classes from Tomcat
7 in there.
Remember: Upgrade ASAP.
- -chris
> -Original Message- From: Christopher Schultz
> [mailto:ch...@christopherschultz.net ]
Sent: 31 May 2017 23:52 To:
> users@tomcat.apache.org Subject: [Externa
Ghgfhch
Dygugjfbjg
Envoyé de mon smartphone BlackBerry 10.
Message d'origine
De: Christopher Schultz
Envoyé: jeudi 8 juin 2017 18:43
À: users@tomcat.apache.org
Répondre à: Tomcat Users List
Objet: Re: [External] Re: Security Headers Implementation in Tomcat 6.x version
-BEGIN PGP S
tence that way.
- -chris
> -Original Message- From: Olaf Kock
> [mailto:tom...@olafkock.de] Sent: 31 May 2017 16:38 To: Tomcat
> Users List Subject: [External] Re:
> Security Headers Implementation in Tomcat 6.x version
>
> Am 29.05.2017 um 13:34 schrieb Shaik, Mohammad N
mcat Users List
Subject: [External] Re: Security Headers Implementation in Tomcat 6.x version
Am 29.05.2017 um 13:34 schrieb Shaik, Mohammad N.:
> Hello Olaf,
>
> Thanks for your response!
>
> Based on your inputs, we are thinking to put Apache httpd in front of Tomcat
> 6 se
Am 02.06.2017 um 07:43 schrieb Shaik, Mohammad N.:
> Hi Chris, > > My actual requirement was to implement 7 HTTP headers, out of
> which
4 are implemented in "HttpHeaderSecurityFilter". The remaining 3 headers
(Content-Security-Policy, Public-Key-Pins, X-Robots-Tag) are not
addressed in any of t
versions.
Is there any way that we implement these 3 headers in Tomcat?
Regards,
Mohammad
-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: 01 June 2017 19:59
To: users@tomcat.apache.org
Subject: Re: [External] Re: Security Headers Implementation
e.
Remember: Upgrade ASAP.
- -chris
> -Original Message- From: Christopher Schultz
> [mailto:ch...@christopherschultz.net] Sent: 31 May 2017 23:52 To:
> users@tomcat.apache.org Subject: [External] Re: Security Headers
> Implementation in Tomcat 6.x version
>
> Mohammad,
&g
7 23:52
To: users@tomcat.apache.org
Subject: [External] Re: Security Headers Implementation in Tomcat 6.x version
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mohammad,
On 5/31/17 6:37 AM, Shaik, Mohammad N. wrote:
> Can I simply use the JAR files from Tomcat 7 that contains executable
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mohammad,
On 5/31/17 6:37 AM, Shaik, Mohammad N. wrote:
> Can I simply use the JAR files from Tomcat 7 that contains
> executable code of filter classes (security headers), and put them
> into corresponding location in Tomcat 6?
Definitely don't
Am 29.05.2017 um 13:34 schrieb Shaik, Mohammad N.:
> Hello Olaf,
>
> Thanks for your response!
>
> Based on your inputs, we are thinking to put Apache httpd in front of Tomcat
> 6 server, since our header configuration is going to be static.
>
> Can you please help us in identifying which version
gt; Sent: 30 May 2017 21:06
> To: users@tomcat.apache.org
> Subject: Re: Security Headers Implementation in Tomcat 6.x version
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Mohammad,
>
> On 5/30/17 2:13 AM, Shaik, Mohammad N. wrote:
> > Thanks for the valu
istopher Schultz [mailto:ch...@christopherschultz.net]
> Sent: 30 May 2017 21:06
> To: users@tomcat.apache.org
> Subject: Re: Security Headers Implementation in Tomcat 6.x version
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Mohammad,
>
> On 5/30/17 2:13
: 30 May 2017 21:06
To: users@tomcat.apache.org
Subject: Re: Security Headers Implementation in Tomcat 6.x version
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mohammad,
On 5/30/17 2:13 AM, Shaik, Mohammad N. wrote:
> Thanks for the valuable input, that helps!! We shall go with getting
&g
folder or under "WEB-INF" folder of my application?
Regards,
Mohammad
-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: 30 May 2017 21:06
To: users@tomcat.apache.org
Subject: Re: Security Headers Implementation in Tomcat 6.x versio
hristopher Schultz
> [mailto:ch...@christopherschultz.net] Sent: 29 May 2017 20:57 To:
> users@tomcat.apache.org Subject: Re: Security Headers
> Implementation in Tomcat 6.x version
>
> Mohammad,
>
> On 5/29/17 7:34 AM, Shaik, Mohammad N. wrote:
>> Based on your inputs, we are
share the location of the source package in
Tomcat 6 so that we can replace it with the one from Tomcat 7?
Regards,
Mohammad
-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: 29 May 2017 20:57
To: users@tomcat.apache.org
Subject: Re: Security Headers
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mohammad,
On 5/29/17 7:34 AM, Shaik, Mohammad N. wrote:
> Based on your inputs, we are thinking to put Apache httpd in front
> of Tomcat 6 server, since our header configuration is going to be
> static.
This might not be a bad idea for a number of
, it will be great if you can share some
guidelines on how to implement Apache in front of Tomcat.
Regards,
Mohammad Nayeem
-Original Message-
From: Olaf Kock [mailto:tom...@olafkock.de]
Sent: 29 May 2017 13:53
To: users@tomcat.apache.org
Subject: Re: Security Headers Implementation in
Am 29.05.2017 um 07:59 schrieb Shaik, Mohammad N.:
> We are using Tomcat 6.x version and we need to implement the following
> headers in our environment.
>
> Headers:
> 1) Strict-Transport-Security
> 2) Content-Security-Policy
>
> 7) X-Robots-Tag
>
> When I checked the Tomcat 6 version webpa
29 matches
Mail list logo
