?
Solved

Tomcat: Hide web server name

Posted on 2003-03-20
5
Medium Priority
?
792 Views
Last Modified: 2012-06-21
I've secured my web application using JDBC realms.   when a user fails to authenticate, tomcat shows an unauthorized page that displays the web server type (i.e Tomcat 4.1.18).     How do I customize the error page so that it is a generic "you don't have access to this resource" page that does not indicate what type of web server is being run?

0
Comment
Question by:mberumen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
5 Comments
 

Expert Comment

by:cianid3
ID: 8185162
Include this in your .htaccess file

ErrorDocument 403 http://www.yoururl.com/errorpage.html

replace yoururl with the address of your server and create a new file called errorpage.html and include whatever you want for example "you don't have access to this resource". You could also try turning of your server signature in the apache config file.

0
 
LVL 4

Author Comment

by:mberumen
ID: 8185445
I should clarify that this is a standalone configuration, there is no apache server..

0
 
LVL 3

Accepted Solution

by:
NetWize earned 150 total points
ID: 8200558
you can specify the error-page in the web.xml right at the place where you configure the ressources to be protected.
0
 
LVL 4

Author Comment

by:mberumen
ID: 8204058
Thanks for all the leads, when my schedule clears I'll try your suggestions and let you know

mb
0
 
LVL 4

Author Comment

by:mberumen
ID: 8367583
Thanks for the lead.

mb
0

Featured Post

Building an interactive eFuture classroom

Watch and learn how ATEN provided a total control system solution including seamless switching matrix switch, HDBaseT extenders, PDU, lighting control to build an interactive eFuture classroom.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
In this video, Percona Solution Engineer Dimitri Vanoverbeke discusses why you want to use at least three nodes in a database cluster. To discuss how Percona Consulting can help with your design and architecture needs for your database and infras…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question