tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rf <rufoo2...@yahoo.com>
Subject RE: mod_jk
Date Mon, 03 Feb 2003 12:20:34 GMT
Hello John
Thanks for your email.
1. What are the advantages of using Apache on top of
Tomcat (with regards to security and otherwise)? If
there is a document already, please point me to that.
2. Where can I know more about the AJP protocol? 

~rf

 --- "Turner, John" <JTurner@AAS.com> wrote: > 
> In production, you only want the connectors used for
> actual connections to
> be enabled.  If you're leaving port 8080 open,
> there's really no purpose for
> Apache, as one of the primary purposes of using
> Apache on port 80 instead of
> Tomcat is security.  Leaving Tomcat available on
> 8080 undermines this goal.
> So, if you are using a connector at all, there's no
> reason to have any port
> open except the connector port.
> 
> The protocol used by the JK/JK2 connectors is not
> HTTP.  It is called "AJP",
> which, I believe, stands for "Apache JServ
> Protocol".  JServ was the
> "original" Apache + Tomcat connector.
> 
> John
> 
> -----Original Message-----
> From: rf [mailto:rufoo2001@yahoo.com] 
> Sent: Monday, February 03, 2003 2:29 AM
> To: Tomcat Users List
> Subject: Re: mod_jk
> 
> 
> Thank you Lajos and Oscar.
> Btw, what is the interface Apache uses to
> communicate
> to Tomcat at 8009? I guess it wont be HTTP. For
> security reasons, I assume it would be safer to run
> all tomcat processes on the lo interface. Is this
> correct, and recommended?
> 
> ~rf.
> 
> 
> --- Lajos <lmocz@galatea.com> wrote:
> > Rf -
> > 
> > When you use mod_jk, Apache communicates to Tomcat
> > on (default) port
> > 8009. Port 8080 is for direct HTTP connections to
> > Tomcat which, by 
> > default is enabled. So, the answer is yes: you can
> > expose web 
> > applications to Apache via mod_jk, and access them
> > on the Apache port, 
> > but also access them by point your browser
> directly
> > to the Tomcat port.
> > 
> > Regards,
> > 
> > Lajos
> > 
> > 
> > rf wrote:
> > > When I use a tomcat-apache connector to redirect
> > http
> > > requests to port 80 to port 8080, can I still
> use
> > port
> > > 8080 to connect to tomcat directly bypassing
> > apache?
> > > If yes, how do I not allow this? By running
> tomcat
> > on
> > > lo's 8080? What about on Windows?
> > > 
> > > Thank you
> > > Rf
> > > 
> > >
> __________________________________________________
> > > Do you Yahoo!?
> > > Yahoo! Mail Plus - Powerful. Affordable. Sign up
> > now.
> > > http://mailplus.yahoo.com
> > > 
> > >
> >
>
---------------------------------------------------------------------
> > > To unsubscribe, e-mail:
> > tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail:
> > tomcat-user-help@jakarta.apache.org
> > > 
> > > 
> > 
> > 
> > --
> > 
> > 
> > 
> >                     Lajos Moczar
> >        ----------------------------------------
> >      Open Source Support, Consulting and Training
> >        ----------------------------------------
> >              Cocoon Developer's Handbook
> >  
> >
> (www.amazon.com/exec/obidos/tg/detail/-/0672322579)
> > 
> >                     _      _____
> >                    / \         /
> >                   /___\      /
> >                  /     \   /____
> > 
> >       http://www.galatea.com -- powered by AzSSL
> > 
> > 
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail:
> > tomcat-user-help@jakarta.apache.org
> > 
> 
> 
> __________________________________________________
> Do you Yahoo!?
> Yahoo! Mail Plus - Powerful. Affordable. Sign up
> now.
> http://mailplus.yahoo.com
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> tomcat-user-help@jakarta.apache.org
> 
> ---
> 
> Checked by AVG anti-virus system
> (http://www.grisoft.com).
> Version: 6.0.449 / Virus Database: 251 - Release
> Date: 1/27/2003
>  
> 
> ---
> 
> Checked by AVG anti-virus system
> (http://www.grisoft.com).
> Version: 6.0.449 / Virus Database: 251 - Release
> Date: 1/27/2003
>  
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> tomcat-user-help@jakarta.apache.org
>  

________________________________________________________________________
Missed your favourite TV serial last night? Try the new, Yahoo! TV.
       visit http://in.tv.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message