Set Up Tomcat Server Authentication

We support vulnerability and compliance scans for tomcat servers. Simply create a Tomcat Server record with details about your Tomcat installation and instance. The same record may include details for both Windows and Unix installations.

System created authentication records

Did you know? You can allow the system to create Tomcat Server authentication records for auto discovered instances and scan them. This is supported for Unix installations only.

Learn how to set this up >>

Which technologies are supported?

For the most current list of supported authentication technologies and the versions that have been certified for VM and PA by record type, please refer to the following article: 

Authentication Technologies Matrix

How do I get started?

- Go to Scans > Authentication.

- Check that you already have a record defined for each host running a tomcat server. For Windows hosts, a Windows record is required. For Unix hosts, a Unix record is required.

- Create a Tomcat Server record for the same host (IP). Go to New > Applications > Tomcat Server.

- Before launching a vulnerability scan, pick Windows, Unix and Tomcat Server authentication in your option profile. (All authentication options are used automatically for compliance scans.)

Note: If the Network Support feature is enabled, then the Windows/Unix record must have the same network selected as the Tomcat Server record.

Tell me about user permissionsTell me about user permissions

Windows Installation

When the installation directory and the instance directory are the same (typically the case), enter the path to the installation directory and leave the instance directory blank. When different, you'll also need to provide the path to the instance directory.

Enter the Windows service name if you plan to run compliance scans. This is required for certain controls.

Unix Installation

You'll need to tell us where the tomcat server is installed. You may also need to tell us where the tomcat server instance(s) are installed (applies to VMware vFabric and Pivotal).

I'm using Apache TomcatI'm using Apache Tomcat

I'm using VMware vFabric or PivotalI'm using VMware vFabric or Pivotal

I'm not sure which tomcat servers are installedI'm not sure which tomcat servers are installed

Do you have Tag Support enabled?

If your subscription has Tag Support for Authentication Records enabled, then you'll see additional options for specifying hosts using asset tags. Choose an asset type and then provide IPs or tags to the record. Your asset type options are: IPs/Ranges, IP Range in Tag Rule and Asset Tags.

For domain level authentication, you can only add assets when the domain type is NetBIOS, User-Selected IPs. The Assets section is disabled when the domain type is NetBIOS, Service-Selected IPs, or Active Directory.  

Asset Type: IPs/Ranges
Use this option to add IP addresses/ranges to the record. Enter the IP addresses/ranges in the field provided.

Asset Type: IP Range in Tag Rule
Use this option to add tags that have IP address ranges defined in the tag rule. All IP addresses defined in the tag rule will be associated with the record, including IPs that don’t already have the tag assigned. Click Add Tag to pick tags to include or exclude. Note that only tags with the dynamic tag rule “IP Address in Range(s)” will be available in the tag selector.

Asset Type: Asset Tags
Use this option to add tags to the record for the assets you want included. IP addresses with the selected tags already assigned will be associated with the record. Click Add Tag to pick tags to include or exclude.

Learn more about tag support for authentication records