tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Schönhaber <>
Subject Re: Securing Tomcat Article for Review
Date Tue, 09 Jan 2007 18:36:23 GMT
Did you read the article that is subject to this thread?

Gregor Schneider wrote:

> putting up apache in front of tomcat usually is not done due to
> security-reasons. however, doing so won't do any harm if you know what
> you're doing... ;)

Whatever you're doing, it's always a good idea to know what you're doing.
The question why someone "usually" puts httpd in front of Tomcat wasn't 
subject of this sub-thread.

> the only reason putting up apache in front usually is to serve static
> content when running a high-load-web-app. besides, you can do quite
> some tricky stuff regarding url-rewriting and so on which is quite
> difficult to accomplish when using tomcat only.

"Usually" "the only reason"? How do you know?
As I said before, what answers might be given to the question "why" wasn't 
what I was talking about.

> however, if somebody wants to run tomcat on port 80, on unix, this can
> easily be achieved with the jsvc-tool (see
>, on windows it's
> not an issue anyway.

Which is another among multiple ways the article presents as possibilities to 
make Tomcat accessible via port 80. Nobody doubted that.

I don't think I understand how your post relates to mine.


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message