tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Lizak, Ed" <...@MIKEALBERT.com>
Subject RE: tomcat performance on static content over SSL/non-SSL
Date Wed, 15 Aug 2007 15:18:38 GMT
We use httpd to sit in between firewalls and handle all incoming traffic.
Static content is served from there and dynamic content is proxied through
to the Tomcat server behind another firewall.  SSL is only needed from the
client to the httpd server.

The Tomcat server then handles the database access which passes through
another firewall to hit our internal network where the database lives.

I'm not a security expert but it seems like a good idea having your database
connections far removed from the Internet connection.  At the very least it
would seem you would have to have multiple layers of server compromised
before any data is exposed.

Is this not a good reason to use httpd in front of Tomcat?

-EJL

---------------------------------------------------------------


Matt,

Matthew Kerle wrote:
> Apart from integration into a larger site or static content, when would
> you put httpd in front of tomcat?

This might count as "integrating into a larger site", but I use Apache
httpd to front multiple instances of Tomcat through a single port number
(by mapping webapps individually through mod_jk). This allows me to
start and stop a single webapp, upgrade the JVM and/or Tomcat running
it, and then bring it back up again without disturbing the other
applications.

- -chris

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGww/r9CaO5/Lv0PARAihDAKCWoVVHxQF0hCTiIsgFLC0bjMrYyACaAvfr
sn1AKYvbLyk3Bbap+tyIrsE=
=Zlq+
-----END PGP SIGNATURE-----


IMPORTANT CONFIDENTIALITY NOTICE:    This document, and any documents
accompanying this transmission, contains confidential, legally protected
information and is intended only for the person or entity to which it is
addressed. If you are not the intended recipient, any disclosure, copying,
distribution or the taking of any action in reliance on the contents of this
transmission is strictly prohibited. If you receive this transmission in
error, please contact the sender and delete or destroy the
material/information.
Corporate Headquarters <> 10340 Evendale Dr. <> Cincinnati, OH 45241 <>
513.563.1400 

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message