Hello, I am being pinged by our security folks on scans stating that we still use 3DES ciphers. This system is running on a Windows Server. I have tried several different ways to add ciphers and lists of weak ciphers but when I run a scan I still show them being weak. Trying to set up a Single Sign-on Tomcat 7 server? Here's how to do so, complete with a look at what SPNEGO is, authentication vs. Authorization, and Single Sign-on basics. Hi Donna, What version of Java, Tomcat, and the TDS are you running? And have you upgraded Tomcat recently? The reason I ask is that the last few lines you gave from your catalina.out file look more like a Tomcat problem than a TDS problem. The following bullets describe the main elements and attributes in the default tomcat-server.xml file; for details about updating this file to further configure the embedded Apache Tomcat server, see the Apache Tomcat Configuration Reference. However, once you have figured out what the actual java binary file is, setcap (a Linux command to set file capabilities) can be used, to allow a non-root process to listen on a privileged port.

Apache Guacamole … What is it about? It’s a client-less remote gateway for Telnet, SSH, RDP and VNC. Client-less, because there is no need to install any plugin or additional software for users (clients). The client will use just the browser (also without any plugin). In this tutorial we will create a very simple environment via Vagrant and use Guacamole. Why the tutorial? Because I know a lot of testers for example – who work with Windows, who are not allowed to install any software (eq Putty) but still need access to environments. … Next point are for example public security groups on cloud providers. Here only one port would be needed to support different protocols on different hosts (incl. file transfer).

What we need?

  • VirtualBox installed (latest)
  • Vagrant installed (latest)

Threadlocal Leak Prevention Listener

Project preparation

Tomcat threadlocalleakpreventionlistener

Okay, via your favorite editor you now add the content of all files. All files inside directory “src” are configuration files (installed on Guacamole host).


This file (user-mapping.xml) is the configuration for all your connections.

Threadlocal leak prevention listener

The includes all installation and configuration for Guacamole All examples are provided but for Debian RDP is currently not working and I commented out.


First start-up the environment (via simple Vagrant command) and next start the VNC inside the box. You can do via vagrant ssh or you start the VNC via Browser (SSH).

Now login with “USERNAME/PASSWORD” (see src/user-mapping.xml) on http://localhost:55555/guacamole. If everything works it should look like this:

Tomcat Threadlocalleakpreventionlistener

Please have a look here to learn more about configuration and authentication. All files which we used in this tutorial are available via

Threadlocal leak prevention listener
    • Field Summary

      Modifier and TypeField and Description
      protected static StringManagersm
      • Fields inherited from class org.apache.catalina.core.FrameworkListener

    • Constructor Summary

      Constructor and Description
    • Method Summary

      All MethodsInstance MethodsConcrete Methods
      Modifier and TypeMethod and Description
      voidcontainerEvent(ContainerEvent event)
      Acknowledge the occurrence of the specified event.
      protected LifecycleListenercreateLifecycleListener(Context context)
      Create a lifecycle listener which will then be added to the specified context.
      voidlifecycleEvent(LifecycleEvent event)
      Listens for LifecycleEvent for the start of the Server to initialize itself and then for after_stop events of each Context.
      • Methods inherited from class org.apache.catalina.core.FrameworkListener

        processContainerAddChild, processContainerRemoveChild, registerContextListener, registerListenersForEngine, registerListenersForHost, registerListenersForServer
      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait