on Dec 5, 2016There has been a lot of questions and threads about how to configure Tomcat as a Windows Service when installing JasperSoft Server.See below a video "how-to":
**Note: Ensure you allocate the right memory to avoid performance issues or out of memory issues. Memory allocated will not be sufficient for any PROD environment. Setup is just for demo purposing.
That’s all . Thanks for watching / reading until here. Did you like it? Please, don’t be shy and share it.
Any idea how to configure the service to startup with a managed service account (and not Local System Account) to thwart hacking attempts on production internet exposed tomcat servers?
Tomcat security best practices - Atlassian Documentation
Tomcat network access using windows login credential - Server Fault
Securing Critical and Service Accounts
I googled "LSA tomcat Hack" and quickly discovered quite a few published tactics for compromising insecurely deployed default tomcat installs deployed on Windows. CIS has published hardening benchmarks for tomcat and clearly states not to have tomcat service startup as root or admin user, but this is not something covered by CA Security products which embed tomcat within their offerings?