tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 20473] - ajp13 connection between apache and tomcat is not encrypted
Date Wed, 04 Jun 2003 12:16:09 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20473>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=20473

ajp13 connection between apache and tomcat is not encrypted

hgomez@apache.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|REOPENED                    |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From hgomez@apache.org  2003-06-04 12:16 -------
Using a ssh tunnel consume less resource SINCE you do crypto with
native code on both side, whereas in you're solution, we're doing crypto on
Apache (native) and Tomcat (java).

In many configuration, Apache and Tomcat are on the same box, so the packet are 
local and when tomcats are remotes, which is the case for large deployment, the 
security SHOULD BE HANDLED for each configuration/requirement.

I found a little crasy to see HTTP SSL requests, decryped by Apache, then 
reencrypted by Apache for Tomcat (in ajp13) and then redecrypted by Tomcat.

Also you shoudn't use bugzilla for such reports.

It's not an error but a missing feature so the request should be
sent on tomcat-dev where developpers could respond to you.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message