Accessing a non-existing page or providing wrong credentials on a protected page throws an HTTP 401 error with Tomcat version. This issue happens on the Windows platform in the following scenarios:
When the Identity Server is the only component installed on the Windows server.
The Access Gateway Service on Windows.
To prevent the error pages to display the Tomcat version:
Go to C:\Program Files\Novell\Tomcat\lib and run "C:\Program Files\Java\jdk1.7.0_03\bin\jar" -xf catalina.jar
Move catalina.jar to some other folder.
Go to C:\Program Files\Novell\Tomcat\lib\org\apache\catalina\util and edit the serverInfo.properties file:
Remove Apache Tomcat/7.0.23 from the line server.info=.
Remove 7.0.23.0 from the lineserver.number=.
Remove Nov 20 2011 07:36:25 from the line server.built=.
Go to C:\Program Files\Novell\Tomcat\lib and run jar -cf catalina.jar META-INF org.