This KB includes instructions on how to verify the version of Apache Tomcat running on the Siteminder Access Gateway Server.

PRODUCT: Siteminder

COMPONENT: Access Gateway Server

VERSION: Any

OS: Linux and Windows

Siteminder Access Gateway ships bundled with with an instance of Apache Tomcat.  Periodically, Common Vulnerabilities and Exposures (CVE's) are published which address various web server and application servers, such as Tomcat.  You will need to be able to compare the visions published in the CVE's with the version installed on the Siteminder Access Gateway Server.

Here are steps to determine which version of Apache Tomcat is running on a Siteminder Access Gateway Server

WINDOWS

1) Open a command-prompt (cmd.exe) with elevated privileges (Run As Administrator)

2) Change to the following directory

<Install_Dir>\CA\secure-proxy\Tomcat\lib

<Install_Dir> = Root drive and path to the Siteminder Access Gateway installation

Default: C:\Program Files\CA\secure-proxy\

3) Run the following command:

java -cp catalina.jar org.apache.catalina.util.ServerInfo

LINUX

1) Change to the following directory

<Install_Dir>/CA/secure-proxy/Tomcat/lib

<Install_Dir> = Root drive and path to the Siteminder Access Gateway installation

Default: opt/CA/secure-proxy/

2) Run the following command:

java -cp catalina.jar org.apache.catalina.util.ServerInfo

You should get output similar to the following: 

Server version: Apache Tomcat/9.0.86
Server built:   Feb 14 2024 08:15:12 UTC
Server number:  9.0.86.0
OS Name:        Linux
OS Version:     4.18.0-372.19.1.el8_6.x86_64
Architecture:   amd64
JVM Version:    1.8.0_345-b01
JVM Vendor:     Red Hat, Inc.