ApacheCon NA 2010 Session

Securing and managing your Tomcat installations

Using Apache Tomcat as production application server requires some basic knowledge of using multi-tier application servers to host business logic and data access services. This talk addresses each component and technology separately and shows you how to secure your application server in each case. It focuses on security measures that needs to be considered when securing the associated communication channels that connect Web server to the application server and the application server to the database server. It also gives a glimpse overview on the threats and countermeasures needed to secure the Tomcat in production environments.