Deploying Django app in my company's network --- APACHE TOMCAT 9

Hi everyone,

I'm still at the embryonnary stage of a project, but already started discussing the feasability with IT teams of the company i work at.

So they told me that they're OK with deploying my Django app and the SQL database (SQL SERVER). They already deployed a Dash project so they're familiar with this apparently.

I thought deploying my Django app would be as simple as just uploading my package into a server that runs Python. But the things they told made me quite confused.

So they told me that my app could be deployed on an APACHE TOMCAT 9 server. To deploy the app i should give them a .WAR package file.

Isn't there any simplier solution for deployment i could propose to them?

πŸ‘︎ 8
πŸ’¬︎
πŸ‘€︎ u/testundeux
πŸ“…︎ Nov 02 2021
🚨︎ report
100%OFF | Apache Tomcat Basics udemycoupons.me/it-softwa…
πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/UdemyCouponsMe
πŸ“…︎ Dec 29 2021
🚨︎ report
Apache Tomcat Basics idownloadcoupon.com/coupo…
πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/smartybrome
πŸ“…︎ Dec 27 2021
🚨︎ report
Nginx proxy with Apache & Tomcat

Hey all,

I work at a small company where I inherited some existing infrastructure. They currently host some php and Java web app on a few apache & tomcat servers. The servers have static IPs that map directly outside, and use different ports for the servers that host multiple sites/apps. SSL is also setup for most apps as well with certbot.

Recently we stood up some new docker apps along with an nginx reverse proxy that has been working great so I figured we might as well use nginx for the other servers, mainly for security but also to cut down on all the firewall rules.

Would it be as simple as pointing nginx to the internal servers and then updating dns? Or am I re-writing/translating the exist rules to nginx and moving the certbot over as well? Is one better than the other? Some of these servers will eventually be decommissioned (I hope) which is why I don’t want to spend too much time with this but just looking to have a discussion about the best path forward.

I spoke with the previous msp who built the system, they suggested I go the re-write path but I’ve seen documentation that says running both are fine.

πŸ‘︎ 4
πŸ’¬︎
πŸ‘€︎ u/stefjay10
πŸ“…︎ Nov 24 2021
🚨︎ report
#6:How to Install Tomcat 10 on Amazon Linux 2 | Setup Apache Tomcat 10 o... youtube.com/watch?v=T8kh3…
πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/fosstechnix
πŸ“…︎ Nov 10 2021
🚨︎ report
Apache Releases Security Advisory for Tomcat us-cert.cisa.gov/ncas/cur…
πŸ‘︎ 10
πŸ’¬︎
πŸ‘€︎ u/z3nch4n
πŸ“…︎ Oct 18 2021
🚨︎ report
Mutual TLS (mTLS) on Apache Tomcat Architectural Hurdle

Requirement: Leverage mTLS to protect REST calls from middleware to Tomcat.

Steps taken: Exchanged security certificates, configured server.xml with appropriate SSLHostConfig block.

Issue: Since this is a global setting, all traffic bound to that port requires mTLS. Both the end users (UI) and REST utilize the same secure port (different endpoints).

Question: I cannot rewrite the application (packaged software), but if I add a proxy server between Tomcat and the end users and that leverages mTLS with Tomcat… will that solve the problem of multiple end users not having mTLS with Tomcat? Is there a better way?

Many thanks in advance.

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/10inch45
πŸ“…︎ Aug 31 2021
🚨︎ report
Tommy is Apache Tomcat, bundled as a single executable jar github.com/xnbox/tommy
πŸ‘︎ 3
πŸ’¬︎
πŸ“…︎ Sep 13 2021
🚨︎ report
Fail2ban airsonic tomcat apache

Hello,

I'm trying to set up a fail2ban rule for airsonic running on tomcat9 in debian. I've tried to follow the instructions in this post.

I have modified the user's line to make it correspond to my apache setup, so changing the line "logpath = /config/log/nginx/access.log" to "logpath = /var/log/apache2/access.log"

In Apache2's log I see my testing IP is showing up in errors like this:

IP.XXX.XXX.XXX - - [13/Jan/2021:21:23:46 +0100] "GET /airsonic/login?error=1 HTTP/1.1" 200 1620 "https://myserver.com/airsonic/login" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.2 Mobile/15E148 Safari/604.1"

Could anyone advise how to arrange the original's post's airsonic-auth.conf to make it work with the login error I found in my apache log ? The solution offered was like this:

[Definition]

failregex = ^<HOST> \- \S+ \[\] \"GET \/login\?error.*$

datepattern = {^LN-BEG}%%ExY(?P<_sep>[-/.])%%m(?P=_sep)%%d[T ]%%H:%%M:%%S(?:[.,]%%f)?(?:\s*%%z)?

^[^\[]*\[({DATE})

{^LN-BEG}

Thank you very much

πŸ‘︎ 10
πŸ’¬︎
πŸ“…︎ Jan 13 2021
🚨︎ report
Experimenting with Project Loom, Apache Tomcat, Postgres, and Spring Boot paluch.biz/blog/182-exper…
πŸ‘︎ 68
πŸ’¬︎
πŸ‘€︎ u/mp911de
πŸ“…︎ Sep 25 2020
🚨︎ report
Analysing the WebSocket Vulnerability in Apache Tomcat (CVE-2020-13935) blog.redteam-pentesting.d…
πŸ‘︎ 11
πŸ’¬︎
πŸ‘€︎ u/RedTeamPentesting
πŸ“…︎ Nov 02 2020
🚨︎ report
HackTheBox Feline | Exploiting Apache Tomcat CVE-2020–9484 youtube.com/watch?v=g1ylt…
πŸ‘︎ 21
πŸ’¬︎
πŸ‘€︎ u/MotasemHa
πŸ“…︎ Feb 21 2021
🚨︎ report
Exploiting Apache Tomcat CVE-2020–9484 | HackTheBox Feline youtube.com/watch?v=g1ylt…
πŸ‘︎ 5
πŸ’¬︎
πŸ‘€︎ u/MotasemHa
πŸ“…︎ Feb 21 2021
🚨︎ report
Cannot get Apache Tomcat server 9 or 10 to appear in my server list.

I'm using Eclipse version 2020-12. When I add a new server and expand "Apache" in the list, I see only up to Apache 8.0

I have gone to the Marketplace and installed "Eclipse JST Server Adapters" but that only gave me up to Apache version 8. Am I missing something?

Any help would be appreciated, thanks!

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/Ndemco
πŸ“…︎ Feb 18 2021
🚨︎ report
Exploiting Apache Tomcat CVE-2020–9484 | HackTheBox Feline youtube.com/watch?v=g1ylt…
πŸ‘︎ 5
πŸ’¬︎
πŸ‘€︎ u/MotasemHa
πŸ“…︎ Feb 21 2021
🚨︎ report
Apache Tomcat and Microsoft SQL Server encryption?

Anyone get Apache Tomcat and Microsoft SQL Server encryption working?

Looking for any links and tips.

Thanks for the replies.

πŸ‘︎ 20
πŸ’¬︎
πŸ‘€︎ u/dancerjx
πŸ“…︎ Sep 14 2020
🚨︎ report
The Apache Tomcat Native library which allows using OpenSSL was not found

Upon startup of Tomcat I am getting the following message in catalina.out -

 org.apache.catalina.core.AprLifecycleListener.lifecycleEvent The Apache Tomcat Native library which allows using OpenSSL was not found on the java.library.path: [/usr/java/packages/lib:/usr/lib64:/lib64:/lib:/usr/lib]

My website comes up and functions fine so this is not any kind of critical issue that I know of.

I did some searching but could really not find out what it does and how to remedy it.

Any help as to why I get this and how to resolve it?

I am running Apache Tomcat/9.0.41

Here is a snippet of the connector part of my server.xml:

 <Connector port="80" protocol="HTTP/1.1"
               redirectPort="443" />
    <!-- A "Connector" using the shared thread pool-->
    <!--
    <Connector executor="tomcatThreadPool"
               port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443" />
    -->
    <!-- Define a SSL HTTP/1.1 Connector on port 8443
         This connector uses the NIO implementation that requires the JSSE
         style configuration. When using the APR/native implementation, the
         OpenSSL style configuration is required as described in the APR/native
         documentation -->

             <Connector port="443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="2000" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLSv1.2"
               compression="off"
               compressionMinSize="2048"
               noCompressionUserAgents="gozilla, traviata"
               compressableMimeType="text/html,text/xml,application/xml,text/javascript,text/css"
               useSendfile="false"
               keystoreFile="/usr/local/tomcat/conf/my-keystore.jks"
               keystorePass="xxxxxxx" />

             <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
               maxThreads="2000" SSLEnabled="true" scheme="https" secure="true"
               clientAuth="false" sslProtocol="TLSv1.2"
               compression="off"
               compressionMinSize="2048"
               noCompressionUserAgents="gozilla, traviata"
               compressableMimeType="text/html,text/xml,application/xml,text/javascript,text/css"
... keep reading on reddit ➑

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/ernievd
πŸ“…︎ Feb 22 2021
🚨︎ report
What was that site that gave Apache/Tomcat configuration starting points

There used to be a site that suggested secure starting points for apache/tomcat and I think even IIS configs. It was moved around to a few different providers and was unavailable for a while.

In particular it gave sample configs, particularly of ciphers

πŸ‘︎ 15
πŸ’¬︎
πŸ‘€︎ u/GoodSpaghetti
πŸ“…︎ Aug 22 2020
🚨︎ report
Ghostcat bug impacts all Apache Tomcat versions released in the last 13 years zdnet.com/article/ghostca…
πŸ‘︎ 120
πŸ’¬︎
πŸ‘€︎ u/ben_a_adams
πŸ“…︎ Feb 28 2020
🚨︎ report
Detecting Apache Tomcat in your corporate network

Anyone know a quick and easy way for detect any instances of Apache Tomcat on a corporate network? We often see Tomcat vulnerabilities published as CVEs. For example, we just got word of this one.

http://mail-archives.us.apache.org/mod_mbox/www-announce/202101.mbox/%3Cf3765f21-969d-7f21-e34a-efc106175373%40apache.org%3E

While we primarily run Windows Server and IIS for our web servers, we know there are instances of Tomcat in our servers that we didn't explicitly install but did get installed when we installed other third party software. For example, Visual SVN Server uses Tomcat as its web server according to the documentation. When we install visual svn on windows, it shows up as an installed application. But Tomcat doesn't appear as installed as a separate application on that same server. If I drill down into the svn folder, I do see a Tomcat folder and I can see processes running out of that Tomcat folder. So it's there but we had to look for it. I'm wondering if there is an easy to scan all servers and clients and find either running active Tomcat servers or find evidence of Tomcat. So we know which third party vendors to follow up with when we hear about Tomcat vulnerabilities.

Thanks in advance .

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/jwckauman
πŸ“…︎ Jan 17 2021
🚨︎ report
Apache.Tomcat.HTTP2.DoS - with SSL Insp/Flow/6.2-6.4 (mostly spotify)

Hi, Folks!

I have several small F-Series out in the field now. I'm generally deploying them with Full-SSL-Inspection/IPS/AV/WebFilter, in flow mode. Mix of 6.2.x and 6.4.x still.

Across all of them, I'm getting a fair amount of IPS hits, as "Apache.Tomcat.HTTP2.DoS" - often to spotify. (Please see image for a sample..)

Last run I took at the TAC about this was unsuccessful in coming to any kind of resolution; I understand that whatever the traffic is, it's matching the IPS filter, but this much -- seems to be a false positive to me. I've doubled down on checking that the workstations generating the traffic are free of infection with multiple A/V products.

Anyone else seeing this? Am I the lone, special FortiAdmin out here with this issue at multiple small clients?

I could omit Spotify from the SSL-Inspection, obviously.. that'll make the alerts go away. :)

https://preview.redd.it/oth95c9asl161.jpg?width=1013&format=pjpg&auto=webp&s=e59bee1c838dd4724360971608dc785ebb327b35

πŸ‘︎ 2
πŸ’¬︎
πŸ“…︎ Nov 26 2020
🚨︎ report
Ghostcat bug impacts all Apache Tomcat versions released in the last 13 years zdnet.com/article/ghostca…
πŸ‘︎ 71
πŸ’¬︎
πŸ‘€︎ u/ben_a_adams
πŸ“…︎ Feb 28 2020
🚨︎ report
Help: Cannot get Apache Tomcat to run on Ubuntu

Hello,

This is a deployment of Apache Tomcat as an application server on Ubuntu 10. This has previously been running without much issue for years. I've inherited this issue today and do not know the version of Apache Tomcat running.

When trying to start up the Apache Tomcat service with command:

root@localhost:~# usr/local/tomcat# ./startup.sh

the service fails to start. Here is a screenshot of the response.

I am extremely new to Linux and any advice or things to try would be greatly appreciated!

πŸ‘︎ 4
πŸ’¬︎
πŸ‘€︎ u/ohmthugsnharmony
πŸ“…︎ Aug 12 2020
🚨︎ report
Connecting Apache to Tomcat installed on a different server within local network

Hi there, I am configuring an Apache front end that will host multiple websites.

One of this website will have a java web application.

I have installed tomcat on a separate machine within the same local network as Apache(Reason: my Java web app is resource intensive)

When am configuring ajp13_worker.host=localhost, I want this to point to the local LAN address.

I searched around the web and all examples point to a host with a web address like www.x.com

Can I use LAN IP here? Or is there a syntax am missing?

Right now, with LAN IP, am getting 404 not found error.

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/vijayrex
πŸ“…︎ Jul 11 2020
🚨︎ report
Deploying Django app in my company's network --- APACHE TOMCAT 9

Hi everyone,

I'm still at the embryonnary stage of a project, but already started discussing the feasability with IT teams of the company i work at.

So they told me that they're OK with deploying my Django app and the SQL database (SQL SERVER). They already deployed a Dash project so they're familiar with this apparently.

I thought deploying my Django app would be as simple as just uploading my package into a server that runs Python. But the things they told made me quite confused.

So they told me that my app could be deployed on an APACHE TOMCAT 9 server. To deploy the app i should give them a .WAR package file.

Isn't there any simplier solution for deployment i could propose to them?

πŸ‘︎ 6
πŸ’¬︎
πŸ‘€︎ u/testundeux
πŸ“…︎ Nov 02 2021
🚨︎ report
Deploying Django app in my company's network --- APACHE TOMCAT 9

Hi everyone,

I'm still at the embryonnary stage of a project, but already started discussing the feasability with IT teams of the company i work at.

So they told me that they're OK with deploying my Django app and the SQL database (SQL SERVER). They already deployed a Dash project so they're familiar with this apparently.

I thought deploying my Django app would be as simple as just uploading my package into a server that runs Python. But the things they told made me quite confused.

So they told me that my app could be deployed on an APACHE TOMCAT 9 server. To deploy the app i should give them a .WAR package file.

Isn't there any simplier solution for deployment i could propose to them?

πŸ‘︎ 2
πŸ’¬︎
πŸ‘€︎ u/testundeux
πŸ“…︎ Nov 02 2021
🚨︎ report

Please note that this site uses cookies to personalise content and adverts, to provide social media features, and to analyse web traffic. Click here for more information.