Hitachi Vantara Pentaho Customer Portal

Best Practices - Pentaho and Tomcat Security

Your feedback is important to us!  Email us how we can improve these documents.

Software Version
Pentaho  6.x, 7.x
Apache Tomcat 7.0, 8.0


We have collected a set of best practice recommendations for you to leverage when using Tomcat as your web application server.

Keep these Pentaho Architecture principles in mind while you are working through this document:

  1. Architecture is important, above all else.
  2. Platforms are always evolving: sometimes you will have to think creatively.

Some of the things discussed here include securing Tomcat by removing unused connectors and default applications, securing cookies, changing the default shutdown command and port, setting up access logging, as well as performance tuning Tomcat.

The intention of this document is to speak about topics generally; however, these are the specific versions covered here:


   -  Best Practices - Pentaho and Tomcat Security

Have more questions? Submit a request


Powered by Zendesk