Change to the Tomcat configuration directory:
Linux: /opt/novell/nam/adminconsole/conf
Windows Server 2012: \Program Files (x86)\Novell\Tomcat\conf
Open the web.xml file and add httpHeaderSecurity filter definition.
<filter> <filter-name>httpHeaderSecurity</filter-name> <filter-class>org.apache.catalina.filters.HttpHeaderSecurityFilter</filter-class> <async-supported>true</async-supported> </filter>
Add an appropriate maximum age value:
<init-param> <param-name>hstsMaxAgeSeconds</param-name> <param-value>31536000</param-value> </init-param>
Add the filter mapping.
<filter-mapping> <filter-name>httpHeaderSecurity</filter-name> <url-pattern>/*</url-pattern> <dispatcher>REQUEST</dispatcher> </filter-mapping>
For more information, see Section 7.4, Adding HTTP Strict Transport Security.