Recommended Tomcat Setup
Contents
Recommended Apache Tomcat Setup
Fusion Registry 11 is designed to run on a variety of web servers and platforms, although we recommend and support Fusion Registry running on Apache Tomcat.
There are a few things to consider when running Fusion Registry on Apache Tomcat.
Security
For enhanced security, we recommend the following:
server.xml file
To prevent Tomcat related stack traces from being displayed in certain circumstances, we recommend the following changes be made to the server.xml file. This file can be found in (Apache Tomcat Directory)/conf.
Open the file in a text editor, and just before the </Host> tag, insert
<Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false"/>
and then save the file.
This prevents stack traces from being displayed to the user with HTTP error codes.
context.xml file
This is not a change you are required to make, but we present the following for informational purposes. To prevent potential vulnerabilities related to Cross-Site Request Forgery (CSRF), we have included a context.xml file, which is located in the META-INF directory in the Fusion Registry directory. This file overwrites Tomcat's cookie pre-processor settings and enforces a strict SameSite cookies policy. More information on SameSite cookie security policies can be found here.