tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Tulley" <JTUL...@novell.com>
Subject Re: [OT] Apache and Tomcat together
Date Wed, 14 Jan 2004 17:02:27 GMT
I always think of the security of Apache not in terms of features
provided, but number of eyeballs scrutinizing.  Apache is SO widely used
that I would think it is safe to say that exploits would be found
sooner.  Not enough people using Tomcat use the built-in HTTP stack, and
so I wouldn't rely on it being completely exploit free (though our
confidence level is pretty high, of course).

>>> Nikola.Milutinovic@ev.co.yu 1/14/04 3:42:00 AM >>>

"achana" mentioned security. Well, Apache has more HTTP Authentication
modules 
than Tomcat does (although JDBC realm can go against any DB). We dons't
have 
Kerberos HTTP Auth (SPNEGO authentication method), which comes in handy
with the 
deployment of Microsoft's Active Directory.

Nix.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org 
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org 


Jeff Tulley  (jtulley@novell.com)
(801)861-5322
Novell, Inc., The Leading Provider of Net Business Solutions
http://www.novell.com

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message