DX Unified Infrastructure Management

  • Private Community

  • 1.  Tomcat configuration files directory

    Posted Mar 20, 2017 05:03 AM

    Can anyone provide me the path of tomcat folder on Primary Hub & UMP. I cannot find it. 



  • 2.  Re: Tomcat configuration files directory

    Broadcom Employee
    Posted Mar 20, 2017 09:02 AM

    on the primary I believe what you are looking for you would the

    admin console configurations

    they are located here:

    Nimsoft\probes\service\wasp\webapps\adminconsoleapp

    on ump it would be

    Nimsoft\probes\service\wasp\webapps\root

     

    Is there a specific file you are looking for?



  • 3.  Re: Tomcat configuration files directory

    Posted Mar 21, 2017 01:48 AM

    Hi Gene,

    Thanks for the prompt reply. We want to perform hardening on UMP & Admin Console Portal. For this we are looking at CIS Apache Tomcat Hardening 

    Standard. I am looking for server.xml file to check the below settings :-

    1. Turn OFF Trace

    2. Disable X-Powered-By HTTP Header

    3. Ensure SSLEnabled is set to True for active Connectors

    4. Ensure SSL Protocol is set to TLS for active Connectors



  • 4.  Re: Tomcat configuration files directory

    Broadcom Employee
    Posted Mar 21, 2017 10:12 AM

    so these version of apache do not have a server.xml

    you will need to check the apache web site for information on settting these in the web.xml file that can be found in the

    Nimsoft\probes\service\wasp\webapps\adminconsoleapp\WEB-INF

    And

    Nimsoft\probes\service\wasp\webapps\root\WEB-INF

     

    As these have not been tested by dev and QA I can not tell you what this might cause a problem with.

    If you run into any unexpected behavior the first thing you will need to do is remove these and reproduce the issue without these in place.

     

    This may cause issue with support tracking down issues for you are well.



  • 5.  Re: Tomcat configuration files directory

    Broadcom Employee
    Posted Mar 21, 2017 10:40 AM

    As I was not familiar with the 4 bullet points you put in I did a little more research

    this is what I found

     

    1) Turn OFF Trace is controller in the httpconnector section of the Apache. This  can be set in the wasp.cfg setup\httpconnector section by adding a key allowTrace = false

    Apache Tomcat 7 Configuration Reference (7.0.76) - The HTTP Connector 

     

    2) the Disable X-Powered-By HTTP Header I could not find a good solution and seem to be difficult to do in Apache

     

    3) Ensure SSLEnabled is set to True for active Connectors. This is just setting up HTTPS and making sure HTTP is set to redirect to HTTPS:

    Configure HTTPS in Admin Console or UMP - CA Unified Infrastructure Management - 8.4.7 - CA Technologies Documentation 

     

    4) Ensure SSL Protocol is set to TLS for active Connectors this can be set on the https_ciphers = line in the wasp.cfg

    Configure HTTPS in Admin Console or UMP - CA Unified Infrastructure Management - 8.4.7 - CA Technologies Documentation 

     

    hope this helps



  • 6.  Re: Tomcat configuration files directory

    Posted Mar 22, 2017 04:51 AM

    Hi Gene,

    Thanks alot for the quick help !! Appreciated. We are new to CA UIM Deployment