NetWorker: How to enable HSTS configuration in NetWorker Apache Tomcat server

Summary: This article provides instructions for enabling HTTP Strict Transport Security (HSTS) on NetWorker web-based applications.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Instructions

By default, all NetWorker web applications use HTTPS for all the communication; however, HSTS is not enforced. See RFC 6797 This hyperlink is taking you to a website outside of Dell Technologies.

NOTE: HSTS is an optional response header that can be configured on the server to instruct the browser to only communicate using HTTPS. The lack of HSTS allows downgrade attacks, SSL-stripping man-in-the-middle attacks, and weakens cookie-hijacking protections.

To enable HSTS in Tomcat, follow these steps:
 

  1. Open the NetWorker server web.xml file in a text editor.
  • Linux: /opt/nsr/authc-server/tomcat/conf/web.xml
  • Windows (Default): C:\Program Files\EMC NetWorker\nsr\authc-server\tomcat\conf\web.xml
  1. Uncomment the httpHeaderSecurity filter definition and the <filter-mapping> section, and then add the hstsMaxAgeSeconds parameter, as shown below.
<filter>
<filter-name>httpHeaderSecurity</filter-name>
<filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class>
<init-param>
<param-name>hstsMaxAgeSeconds</param-name>
<param-value>31536000</param-value>
</init-param>
<async-supported>true</async-supported>
</filter>

<filter-mapping>
<filter-name>httpHeaderSecurity</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
</filter-mapping>
  1. Save the file.
  2. Restart the NW server from an elevated prompt:
  • Linux: systemctl restart networker
  • Windows (Command Prompt): net stop nsrd && net start nsrd
  • Windows (PowerShell): net stop nsrd ; net start nsrd

Affected Products

NetWorker

Products

NetWorker Family
Article Properties
Article Number: 000456395
Article Type: How To
Last Modified: 23 أبريل 2026
Version:  1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.