tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Adams <bad...@AEM-TX.com>
Subject RE: apache + mod_SSL + tomcat
Date Wed, 06 Feb 2002 13:34:14 GMT
my guess is yes, if you do not check in jsp/servlets are on https
(request.isSecure())  and if you are allowing users to port 8080 (block it).
my guess...
:)



-----Original Message-----
From: Dean Hiller [mailto:dhiller@avaya.com]
Sent: Wednesday, February 06, 2002 7:33 AM
To: Tomcat Users List
Subject: Re: apache + mod_SSL + tomcat


I never saw an answer go by to the below question and was curious what it
would be. Does no one now the answer????
Dean

"Cressatti, Dominique" wrote:

> Hi,
>
> I've got apache + mod_SSL + tomcat working
> (I don't deserve that much credit as mod_ssl worked
> right out the box) but I wonder couldn't the security bypassed,
> like for example accessing the page on port 8080 instead of port
> 443 ?
>
> Dom


--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>

--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message