-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chuck,
On 4/17/13 11:34 PM, Caldarale, Charles R wrote:
>> From: Leo Donahue - RDSA IT [mailto:leodona...@mail.maricopa.gov]
>> Subject: RE: server.xml shutdown port command string
>
>> If I am the only person deploying
> From: Leo Donahue - RDSA IT [mailto:leodona...@mail.maricopa.gov]
> Subject: RE: server.xml shutdown port command string
> If I am the only person deploying web apps (that I have developed), should I
> still consider changing this command string value to something more compl
From: Caldarale, Charles R [chuck.caldar...@unisys.com]
Subject: RE: server.xml shutdown port command string
> From: Leo Donahue - RDSA IT [mailto:leodona...@mail.maricopa.gov]
> Subject: server.xml shutdown port command string
> Is the "
> From: Leo Donahue - RDSA IT [mailto:leodona...@mail.maricopa.gov]
> Subject: server.xml shutdown port command string
> Is the "command string" what is being called the password on the
> security-howto page?
Yes, they're the same thing; the text should be more
In the Tomcat docs pertaining to security considerations, in the server.xml
section, it talks about if the shutdown port is not disabled, a strong password
should be configured for shutdown
http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html#Server
In the Tomcat docs for configuration, t
