tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gregor Schneider" <rc4...@googlemail.com>
Subject Re: Securing Tomcat Article for Review
Date Tue, 09 Jan 2007 17:55:47 GMT
well,

putting up apache in front of tomcat usually is not done due to
security-reasons. however, doing so won't do any harm if you know what
you're doing... ;)

the only reason putting up apache in front usually is to serve static
content when running a high-load-web-app. besides, you can do quite
some tricky stuff regarding url-rewriting and so on which is quite
difficult to accomplish when using tomcat only.

however, if somebody wants to run tomcat on port 80, on unix, this can
easily be achieved with the jsvc-tool (see
http://tomcat.apache.org/tomcat-5.5-doc/setup.html), on windows it's
not an issue anyway.

btw., a word to andrew:

> and mod_jk
>     blindly forward all traffic towards the backend tomcat.

you know about apache httpd and you read and understood the options
about how to configure mod_jk
(http://tomcat.apache.org/connectors-doc/reference/apache.html)?

cheers

greg
-- 
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message