tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Aditya <adi...@mighty.grot.org>
Subject mod_webapp/SSL and <transport-guarantee>
Date Mon, 01 Apr 2002 06:41:59 GMT
I'm trying to use apache/mod_ssl as an SSL front-end to tomcat 4. I have a few
issues:

- Is there anyway to get apache to forward all requests to tomcat? Apache with
mod_ssl is quite a bit faster than the standalone SSL container...

- Can I use single-sign-on with FORMs? How is the hostname in the session
cookie constructed?

- Since only SSL access will be allowed, tomcat shouldn't try any redirects
and isSecure() calls should always return true. Likewise, security-constraints
like:

  <transport-guarantee>CONFIDENTIAL</transport-guarantee>

should be always true. Is there any special way of doing this?

If anyone has a better way of designing this or tips, I would really
appreciate the advice.

Thanks,
Adi

--
To unsubscribe:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands: <mailto:tomcat-user-help@jakarta.apache.org>
Troubles with the list: <mailto:tomcat-user-owner@jakarta.apache.org>


Mime
View raw message