tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Hansen <>
Subject Re: Help with security-constraint in web.xml
Date Mon, 04 Jan 2010 22:23:07 GMT

>> No, I said you could handle the SSL encryption/decryption in httpd; the redirection
still has to occur by Tomcat recognizing a reference to a confidential resource.

I did configure the SSL on the httpd end
(c:\Apache\conf\extra\httpd-ssl.conf) file.

>> As far as how to do so, you'll have to search the archives and the httpd docs.  You
will likely need two AJP <Connector> elements, one for secure traffic and one for normal.
 If ultimate performance is not an issue, leave what you've got alone.

Only a couple of pages need to be served on HTTPS on our website. All
the remaining pages could be accessed using just HTTP. Would you see
any performance implications with the way I have defined the Connector
elements in the conf/server.xml file?


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message