tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Decker <>
Subject Tomcat 5.5 / Apache 2 / Join (Tomcat-) Session with SSL-Session / Which mod should be used?
Date Fri, 19 May 2006 09:36:00 GMT

Two question, one problem.

I've an application running on tomcat 5.5. And before it apache is running.

The primer aim is to join tomcat application session with ssl session to
avoid session hijacking.

1.) Which mod should I use?
Configuration: Apache and Tomcat are running on same pc. I expect low
traffic, because it's an intranet application.

I've read about mod_jk, mod_jk2, mod_proxy [1], mod_proxy_ajp [2]

According to Apache FAQ [3] and JBoss FAQ [4] only mod_jk or
mod_proxy_ajp should be used.

What are the differences?

2.) How to join application and SSL session?
I've read in an old tomcat-apache-ssl documentation [5] that mod_jk is
able to forward SSL session information to tomcat. So I wonder, how
configure tomcat using ssl session as application session.

Perhaps you can help me.


Michael Decker            
TESIS SYSware GmbH            
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message