tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Will Hartung" <>
Subject Re: Servlet Mapping Strategy w/ user-specific URLs
Date Wed, 08 Jan 2003 22:39:01 GMT
> From: "Jeffrey Winter" <>
> Sent: Wednesday, January 08, 2003 1:48 PM
> Subject: Re: Servlet Mapping Strategy w/ user-specific URLs

> There certainly is some overlap between those services as outlined in the
> Servlet spec, and the functionality provided by Apache itself.  Are there
> any general rules of thumb for when to use
> the services of Apache vs. Tomcat in these areas? Or at least some good
> resources that go into these issues?

For me, the way to distinguish between Apache and Tomcat should really only
focus on things like access to static content, but this sort of depends on
a) which connector you are using, and b) how that connector works.

First off, though, this experience is from Tomcat 3, we're just getting into
Tomcat 4 and this may be completely irrelevant.

Anyway, the way that we have mod_jk configured for Apache 1.3 against Tomcat
3.x (and I didn't actually do this configuration), Apache has direct maps
into the exploded WAR for Tomcat for static content.

What this seems to mean is that if I request, Apache is going to serve it straight up
and Tomcat would never even see the request.

This is wonderful for performance. However, if you are using declarative
security within the webapp, then, in theory, this static HTML file IS a
resource that could be controlled by Tomcat for access.

What THAT means is that it's really no longer a static resource, but a
dynamic resource no different from a JSP, and Tomcat itself gets the
pleasure of serving up the file. As soon as Tomcat gets into the picture of
delivering the resource, then the performance benefits of Apache start to
drift away.

What this basically means, is that the more that you use and leverage the
capability of the Servlet container, then less performance benefit that
Apache will give you. (there are, of course, other benefits to Apache, like
virtual hosting and even things like mod_gzip).

As far as access control and things like that, there is a big issue in that
Apache and Tomcat just aren't as integrated as one would like in this
regard. For example, Apache can't use Tomcat to authenticate resources that
Apache directly controls (such as static content or CGIs say), and Tomcat
can't use Apache's authentication (actually, I think it can use Basic and
Digest authentication as the usernames are kept in the Authorization header
which should be included within the request and forwarded to Tomcat, though
I have not tried this). (I don't like to use the word 'can't' in these
contexts because all of these problems can be resolved with just the proper
application of tmie and money...)

Another example is if you use mod_rewrite, for example, Tomcat has no idea
what the original request was, only Apache does.

The point is (as I ramble into a black hole) is that Apache and Tomcat are
loosely coupled, and for most folks, this is just fine and presents no
issues. But it is something to consider when you start relying on Apache
functionality for your Tomcat based app, and vice-a-versa.

So, anyway, focus on each component on what they have to deliver. Apache for
performance, flexibility, and integration and Tomcat for the dynamic aspects
of your application.


Will Hartung

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message