I have edited the web.xml to enable the HttpHeaderSecurityFilter, added a few params and restarted Tomcat. I\'m not seeing the strict-transport-security in the response header.
