tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Leon Rosenberg" <>
Subject Re: Securing Tomcat Article for Review
Date Wed, 10 Jan 2007 10:36:30 GMT
On 1/10/07, Gregor Schneider <> wrote:
> > > OTOH, i'd rather have apache in
> > > front than running tomcat on port 80 via jsvc or as a service.
> >
> > I'd like to repeat Chuck's question: why?
> >
> Plain and simple:
> You also can misconfigure jsvc (ok, chances are pretty small...)
> In *our* scenario I rather have Apache http in front because
> - it performs better

You can argue that httpd doesn't decrease security, but talking about
it being fast??? Come'on you're kidding :-)

> - I got a lot of handy tools which either don't exists in Vanilla
> Tomcat (like URL-rewriting, Header-modification etc.)
> Sure, I could write my own filters and pass the static content through
> them first, but that'd slow down the whole app (tested).

Could you explain this a little more? How can it be that if you write
out something from memory it's slower than ask the filesystem which
could eventually have it in cache and be comparable fast in _best_
Or do you use DefaultServlet???

Also, if you care about static performance so much, why don't you use
something fast? lighttpd? squid? I mean it's not a secret that apache
httpd is NOT fast.

> Cheers
> Greg
> --

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message