tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gregor Schneider" <rc4...@googlemail.com>
Subject Re: Securing Tomcat Article for Review
Date Wed, 10 Jan 2007 11:14:21 GMT
Hi Leon,

On 1/10/07, Leon Rosenberg <rosenberg.leon@googlemail.com> wrote:
>
> Aehm,
> the original thread was about security, and now you wrote "performs"
> better, which I assumed referred to "performance". If not - my fault
> :-)
>
Well, we moved kinda of-topic here, sou you got me right.
What I actually wanted to say was:

- I absolutely agree to Markus who said
* don't use software if there's no need for it
* don't try to use Apache httpd to enhance Tomcat's security

However, I just wanted to emphesize that Apache/httpd / Tomcat is
quite a common real-world-scenario and due to this nobody should worry
that Apache httpd is BREAKING Tomcat's security AS LONG YOU KNOW YOUR
WAYS ROUND.
After that, I was asked why using Apache httpd anyways, and I tried to
explain why (because *here* it performs faster)
> >
>
> Do you hold the content of the pages in memory and stream them out
> from your servlet?
> Maybe I'm getting it completely wrong, but imo your servlet is a 3
> liner (simplified version):
> doGet(req,res){
>   res.setHeader(....);
>   res.getOutputStream().write(Cache.getFileContent(getFileName(req)));
>   res.getOutputStream().close();
> }
>
Due to the number of our html/js-files we cannot hold them completely
in memory. With the principle of the filter you're right.
We tested this version (Tomcat/HeaderFilter) against
Apache/mod_headers, and Apache simply performed faster
>
> That's an argument I'm buying :-)
>
I know, this is a Tomcat mailing-list here, and I shouted "Jehova",
but guys, believe me, sometimes it's quite enlightening taking a look
over the fence ;)

Cheers

greg
-- 
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message