How to enable HSTS (HTTP Strict Transport Security) in Tomcat + JIRA -


it helpful if suggest me enable hsts(http strict transport security) header in tomcat

my jira application running on tomcat , there no apache or nginx @ front.

i set hsts response header jira application, kindly please suggest how can implement in tomcat.

thanks in advance.

i think you're looking for. took https://bz.apache.org/bugzilla/attachment.cgi?id=30003&action=edit

<filter>     <filter-name>hstsfilter</filter-name>     <filter-class>org.apache.catalina.filters.hstsfilter</filter-class>     <init-param>        <param-name>maxageseconds</param-name>        <param-value>31536000</param-value>     </init-param>     <init-param>        <param-name>includesubdomains</param-name>        <param-value>true</param-value>     </init-param> </filter> <filter-mapping>     <filter-name>hstsfilter</filter-name>     <url-pattern>/*</url-pattern> </filter-mapping>  package org.apache.catalina.filters;  import java.io.ioexception;  import javax.servlet.filterchain; import javax.servlet.filterconfig; import javax.servlet.servletexception; import javax.servlet.servletrequest; import javax.servlet.servletresponse; import javax.servlet.http.httpservletresponse;  import org.apache.juli.logging.log; import org.apache.juli.logging.logfactory;  public class hstsfilter extends filterbase {     private static final string header_name = "strict-transport-security";     private static final string max_age_directive = "max-age=%s";     private static final string include_sub_domains_directive = "includesubdomains";      private static final log log = logfactory.getlog(hstsfilter.class);      // default "0" recommended in section 11.2 of rfc 6797     private int maxageseconds = 0;     private boolean includesubdomains = false;      private string directives;      public void setmaxageseconds(int maxageseconds) {         this.maxageseconds = maxageseconds;     }      public void setincludesubdomains(boolean includesubdomains) {         this.includesubdomains = includesubdomains;     }      @override     public void dofilter(servletrequest request, servletresponse response,             filterchain chain) throws ioexception, servletexception {         chain.dofilter(request, response);          // note hsts header must not included in http responses         // conveyed on non-secure transport         if (request.issecure() && response instanceof httpservletresponse) {             httpservletresponse res = (httpservletresponse) response;             res.addheader(header_name, this.directives);         }     }      @suppresswarnings("boxing")     @override     public void init(filterconfig filterconfig) throws servletexception {         super.init(filterconfig);         if (this.maxageseconds < 0) {             throw new servletexception(sm.getstring(                     "hsts.invalidparametervalue", this.maxageseconds,                     "maxageseconds"));         }         this.directives = string.format(max_age_directive, this.maxageseconds);         if (this.includesubdomains) {             this.directives += (" ; " + include_sub_domains_directive);         }     }      @override     protected log getlogger() {         return log;     } }

check code on link i've attached.


Comments

Post a Comment

Popular posts from this blog

symfony - TEST environment only: The database schema is not in sync with the current mapping file -

there similar questions regarding issue haven't seen in particular test environment , sqlite. cannot validate schema test environment uses sqlite can validate schemas dev environment uses mysql. know reason , possible solution? whole application works fine in both dev , test environments though. phing , ci build broken. php app/console doctrine:schema:update --force --env=test updating database schema... database schema updated successfully! "9" queries executed php app/console doctrine:schema:validate --env=test [mapping] ok - mapping files correct. [database] fail - database schema not in sync current mapping file. update i'm adding sqldump result see if spots wrong it. thing can is, have 2 bundles. country below coming frontendbundle user entity missing defined in backendbundle . php app/console doctrine:schema:update --dump-sql --env=test drop index uniq_5373c9665e237e06; drop index uniq_5373c966d1f4eb9a; create temporary table __temp__country se...
Read more

twig - Using Twigbridge in a Laravel 5.1 Package -

i'm trying create laravel 5.1 package uses twigbridge instead of .php views. can normal .php views display fine, when try make use of .twig templates i'm met error. possible use twigbridge templates when creating views laravel package or pretty stuck blade , php ? edit 1: loading twig template without extending works. it's when start using {% extends 'file' %} error comes out. i error error loading /virtual/laravel/packages/username/mypackage/src/views/sample.twig: template "templates.master" not defined () in "/virtual/laravel/packages/username/mypackage/src/views/sample.twig" @ line 1. my folders username |_ mypackage |_ src |_ controllers - samplecontroller.php |_ views |_ templates - master.twig - sample.twig twig template sample.twig {% extends 'templates.master' %} {% block content %} {{ parent() ...
Read more

jdbc - Not able to establish database connection in eclipse -

i want make new database connection (db2) in eclipse purpose of using jpa. in jpa perspective, in data source explorer view, when try create new db connection, receive following logs when try ping server. org.eclipse.datatools.connectivity.exceptions.dbnotstartexception: no start database command issued. errorcode = -4499, sqlstate = 08001. @ org.eclipse.datatools.enablement.ibm.db2.internal.luw.jdbcluwjdbcconnection.getconnectexception(jdbcluwjdbcconnection.java:74) @ org.eclipse.datatools.connectivity.ui.pingjob.gettestconnectionexception(pingjob.java:81) @ org.eclipse.datatools.connectivity.ui.pingjob.run(pingjob.java:63) @ org.eclipse.core.internal.jobs.worker.run(worker.java:54) caused by: com.ibm.db2.jcc.am.ro: [jcc][t4][2043][11550][4.8.87] exception java.net.connectexception: error opening socket server example.example.com/51.37.93.117 on port 50,000 message: connection timed out: connect. errorcode=-4499, sqlstate=08001 @ com.ibm.db2.jcc.am.gd.a(gd.j...
Read more