Tomcat hardening

From TempusServa wiki
Revision as of 09:12, 7 February 2018 by old>Admin (Created page with " === CRSF filter === In the APPLICATION web.xml (webapps\<app>\WEB_INF\web.xml) add the following sections <filter> <filter-name>CsrfFilter</filter-name> <filter-c...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search


CRSF filter

In the APPLICATION web.xml (webapps\<app>\WEB_INF\web.xml) add the following sections

 <filter>
   <filter-name>CsrfFilter</filter-name>
   <filter-class>org.apache.catalina.filters.CsrfPreventionFilter</filter-class>
   <init-param>
     <param-name>entryPoints</param-name>
     <param-value>/login, /login.do</param-value>
   </init-param>
 </filter>
 <filter-mapping>
   <filter-name>CsrfFilter</filter-name>
   <url-pattern>/*</url-pattern>
 </filter-mapping>