Support AJP secret in Undertow

Description

The latest version of Undertow is supposed to have an AJP secret you can configure at Undertow to avoid the Ghostcat exploit that targets AJP ports open to the internet. Figure out how that works, if it's enabled by default, and what we need to do in Runwar to allow to to be configured.

Assignee

Unassigned

Reporter

Brad Wood

Labels

None

Affects versions

None

Fix versions

None

Priority

Major

Components

Configure