Presentation: "Securing Apache Tomcat for your Environment"

Time: Wednesday 09:00 - 10:15

Location: Foyer Room

Abstract:

A default Apache Tomcat installation is secure, but each installation environment is different and may have additional security requirements.

This presentation will examine the security configuration options available in Apache Tomcat, when to use them (and when not to use them) and the threats they might help mitigate.

The rationale behind having resource passwords (e.g. for database access) in clear text in server.xml will also be discussed.

Senior Software Engineer Mark Thomas, SpringSource

Mark Thomas is a Senior Software Engineer with SpringSource. At SpringSource, Mark leads the integration of Tomcat with tc Server and has also had a hand in the development and integration of the additional serviceability functionality.

Mark has been using and developing Apache Tomcat for more than five years. He first got involved in the development of Tomcat when he needed better control over the SSL configuration than was available at the time. After fixing that first bug, he started working his way through the remaining Tomcat bugs and is still going. Along the way, Mark has become a Tomcat committer and PMC member, volunteered to be the Tomcat 4 release manager, created the Tomcat security pages, became a member of the ASF and joined the Apache Security Committee. He also helps maintain the ASF's Bugzilla instances.

Mark has an MEng in Electronic and Electrical Engineering from the University of Birmingham, United Kingdom.