jakarta-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Cooper" <rcoo...@outweb.com>
Subject RE: Tomcat and SSL support
Date Thu, 13 Jan 2000 19:06:14 GMT
If you are connecting to localhost there is no communication over the
physical layer, so there is not security to worry about. If your tomcat
server is on another machine from your web server then no, the communication
is not secure. This would be one of those times where you would throw down
for a new nic for your boxes and put a dedicated private network behind your


robert t cooper
applications developer
"The nice thing about standards is that here are so many to choose from. And
if you really don't like all the standards you just have to wait another
year until the one arises you are looking for."
--A. Tannenbaum, _Introduction to Computer Networks_

> -----Original Message-----
> From: GameCrazy@collegeclub.com [mailto:GameCrazy@collegeclub.com]
> Sent: Thursday, January 13, 2000 3:21 AM
> To: tomcat-dev@jakarta.apache.org
> Cc: general@jakarta.apache.org
> Subject: Tomcat and SSL support
> IS there any plans on getting SSL support into Tomcat.  I was looking
> around SUN's site and saw a early-access Secure Socket API
> package, but
> when it goes into full release, is there any plans on adding
> the support
> for it?
> I was also looking into the Servlet API that came with JSWDK and the
> version that I have is 1.0.1 and the Servlet API that came
> with tomcat and
> the API are different.  The one thing I saw was the isSecure
> method in the
> HttpServletRequest class, but in the JSWDK 1.0.1 that is not
> in there.  I
> tried to compile the SnoopServlet that came with tomcat under
> the JSWDK
> and it did not compile.  Can someone please enlighten me?
> The last thing I have to say/ask is, I got Apache 1.3.9, mod_ssl, and
> Jserv all running on and NT machine and it is all working,
> but my question
> is that if someone viewing my site over SSL and access a
> servlet, is the
> information that is passed to the servlet secure since it
> seems that the
> nformation is passed through to Tomcat via TCP/IP on port
> 8007( the Ajp12
> connector )?
> - Daniel D
> --------------------------------------------------------------
> ------------
>      Check out my web page at "http://home.collegeclub.com/GameCrazy/"
> --------------------------------------------------------------
> ------------
> Why is College Club the largest and fastest growing college
> student site?
> Find out for yourself at http://www.collegeclub.com
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: general-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: general-help@jakarta.apache.org

View raw message