tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From GOMEZ Henri <hgo...@slib.fr>
Subject RE: [PROPOSAL AJP14] AJP13 Evolution
Date Mon, 07 May 2001 22:21:18 GMT
>2 things:
> 
>> The system is aimed to be simple, we don't want SSH/SSL
>> here but just a basic 'protected' login.
>
>and that you can bind the socket to 127.0.0.1:<PORT> instead 
>of *:<PORT>
>through a config change.

In that case, you restrict to a web-sevlet/tomcat on the same
machine, but yes we could do that (allready possible on TC 3.2/3.3)

>>>This level of security would cover most of the installations
>>>and when someone requires an additional level of security or
>>>interface to other security mechanisms, that could be added
>>>later.
>> 
>> We can add native SSH tunneling for example using openssh.
>
>You could do that already with no modifications to the ajp by 
>using port
>forwarded SSH tunneling. Heck, you could do it with STunnel if 
>you want to
>use RSA/SSL instead of SSH also without modifications to ajp.

I better use jonama (http://www.multimania.com/jonama/) to
do SSL tunneling since I wrote this one ;)

Mime
View raw message