Tomcat Securing Tips
Many times (highly recommended) you might want to bind secure port at your tomcat installation, so you only have to include just before the </web-app> closing TAG at your web.xml file under $CATALINA_HOME/conf/ :
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Context</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<!-- auth-constraint goes here if you requre authentication -->
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
</web-app>
tomcat@achtung:~/logs$
page revision: 1, last edited: 16 Jan 2012 11:41