tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Leon Rosenberg" <rosenberg.l...@googlemail.com>
Subject Re: Securing Tomcat Article for Review
Date Wed, 10 Jan 2007 10:36:30 GMT
On 1/10/07, Gregor Schneider <rc46fi@googlemail.com> wrote:
> > > OTOH, i'd rather have apache in
> > > front than running tomcat on port 80 via jsvc or as a service.
> >
> > I'd like to repeat Chuck's question: why?
> >
> Plain and simple:
>
> You also can misconfigure jsvc (ok, chances are pretty small...)
>
> In *our* scenario I rather have Apache http in front because
>
> - it performs better

What?
You can argue that httpd doesn't decrease security, but talking about
it being fast??? Come'on you're kidding :-)

> - I got a lot of handy tools which either don't exists in Vanilla
> Tomcat (like URL-rewriting, Header-modification etc.)
> Sure, I could write my own filters and pass the static content through
> them first, but that'd slow down the whole app (tested).

Could you explain this a little more? How can it be that if you write
out something from memory it's slower than ask the filesystem which
could eventually have it in cache and be comparable fast in _best_
case?
Or do you use DefaultServlet???

Also, if you care about static performance so much, why don't you use
something fast? lighttpd? squid? I mean it's not a secret that apache
httpd is NOT fast.

regards
Leon
>
> Cheers
>
> Greg
> --

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message