tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Decker <MDec...@tesis.de>
Subject Tomcat 5.5 / Apache 2 / Join (Tomcat-) Session with SSL-Session / Which mod should be used?
Date Fri, 19 May 2006 09:36:00 GMT
	Hi!

Two question, one problem.

I've an application running on tomcat 5.5. And before it apache is running.

The primer aim is to join tomcat application session with ssl session to
avoid session hijacking.


1.) Which mod should I use?
Configuration: Apache and Tomcat are running on same pc. I expect low
traffic, because it's an intranet application.

I've read about mod_jk, mod_jk2, mod_proxy [1], mod_proxy_ajp [2]

According to Apache FAQ [3] and JBoss FAQ [4] only mod_jk or
mod_proxy_ajp should be used.

What are the differences?

2.) How to join application and SSL session?
I've read in an old tomcat-apache-ssl documentation [5] that mod_jk is
able to forward SSL session information to tomcat. So I wonder, how
configure tomcat using ssl session as application session.

Perhaps you can help me.

Bye,
	Michael


[1] http://httpd.apache.org/docs/2.0/mod/mod_proxy.html
[2] http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html
[3] http://tomcat.apache.org/faq/connectors.html#vs
[4] http://wiki.jboss.org/wiki/Wiki.jsp?page=ModJK_FAQ
[5] http://tomcat.apache.org/tomcat-3.3-doc/tomcat-ssl-howto.html
-- 
Michael Decker                      Michael.Decker@tesis.de
TESIS SYSware GmbH                      http://www.tesis.de
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message