httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henri Gomez <hgo...@apache.org>
Subject Re: Invitation to HTTPD commiters in tomcat-dev
Date Tue, 20 Jul 2004 15:35:45 GMT
Manni Wood wrote:

> One of the things I thought AJP did that HTTP proxying to Tomcat could
> not (but correct me here if I'm wrong) is let the servelt container know
> whether or not the connection is HTTP vs. HTTPS. This sort of
> information needs to get passed back to the servlet container to satisfy
> the servlet specification.

Of course HTTPS and SSL infos are forwarded from Apache to Tomcat.

> Typcially, in an Apache/Tomcat configuration, Apache deals with all of
> the https connections (because it's better at it), and requests for
> servlet/JSP stuff are passed back to Tomcat, with information on whether
> or not the connection Apache has with the browser is HTTP or HTTPS.

Exact, so Tomcat avoid crypto works workload.

> Anyway, for business sites, any servlet being able to know if the
> original connection was secure or not is a total deal-breaker on whether
> or not to use a particular technology (in this case, Apache/Tomcat) to
> host a web site.

Could you develop ?


Mime
View raw message