Return-Path: 
 <users-return-255379-apmail-tomcat-users-archive=tomcat.apache.org@tomcat.apache.org>
X-Original-To: apmail-tomcat-users-archive@www.apache.org
Delivered-To: apmail-tomcat-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 1EEAD18192
	for <apmail-tomcat-users-archive@www.apache.org>;
 Tue, 10 Nov 2015 10:46:44 +0000 (UTC)
Received: (qmail 86662 invoked by uid 500); 10 Nov 2015 10:46:40 -0000
Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org
Received: (qmail 86602 invoked by uid 500); 10 Nov 2015 10:46:40 -0000
Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@tomcat.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@tomcat.apache.org>
List-Post: <mailto:users@tomcat.apache.org>
List-Id: <users.tomcat.apache.org>
Reply-To: "Tomcat Users List" <users@tomcat.apache.org>
Delivered-To: mailing list users@tomcat.apache.org
Received: (qmail 86591 invoked by uid 99); 10 Nov 2015 10:46:40 -0000
Received: from Unknown (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Nov 2015 10:46:40 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org)
 with ESMTP id 1BC871A0AA6
	for <users@tomcat.apache.org>; Tue, 10 Nov 2015 10:46:40 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: 2.88
X-Spam-Level: **
X-Spam-Status: No, score=2.88 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	HTML_MESSAGE=3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01,
	SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=disabled
Authentication-Results: spamd2-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-eu-west.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new,
 port 10024)
	with ESMTP id L0UZzu-qjc4i for <users@tomcat.apache.org>;
	Tue, 10 Nov 2015 10:46:33 +0000 (UTC)
Received: from mail-wm0-f53.google.com (mail-wm0-f53.google.com
 [74.125.82.53])
	by mx1-eu-west.apache.org (ASF Mail Server at mx1-eu-west.apache.org) with
 ESMTPS id 6ACE020313
	for <users@tomcat.apache.org>; Tue, 10 Nov 2015 10:46:32 +0000 (UTC)
Received: by wmvv187 with SMTP id v187so1207610wmv.1
        for <users@tomcat.apache.org>; Tue, 10 Nov 2015 02:46:32 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :content-type;
        bh=hTx6LyDE+56fS4wE46j2ujd6hBDVtSeIdukUfHZWmj8=;
        b=PYGeW5Sb8RDPCarWtfUnBVYE4qr6U17RVjtP3gvf7j9gaGiPioeCKNFIUn3gwFmW/A
         YeYgPEZhd01KyORuA5/5fnnLUVkP8tf3VlPDhCWuCs5V3J/ATLxehkQRoTM0ACGks76/
         RGqaFX5VcjRVBtNpBbRyeYj9CY2Br6s3r1hsagHZjdKWHWP6bcC5st3gYR1r33SJINqZ
         LAOugpnkkBu9E2VxGAIB8dCkQ3Vk12ywILdoflYd/nQqW4CmboqjrGwizWdr+oNCiNu2
         xXQGcWB4uRQnNg/DYvjEiNRYZLxMpIU4eEesCUUYMaUm2ASb7RDG6/qCE0VtbVke+4ix
         ihug==
X-Received: by 10.28.88.205 with SMTP id m196mr4095053wmb.7.1447152392127;
 Tue, 10 Nov 2015 02:46:32 -0800 (PST)
MIME-Version: 1.0
Received: by 10.27.14.219 with HTTP; Tue, 10 Nov 2015 02:46:12 -0800 (PST)
In-Reply-To: <220372CA-4A47-48D8-9127-83ADFDC27ADD@me.com>
References: 
 <CAAuBgUVO9+NYrbpt1MvUMx29FK-uiDw6EKObiVzMYijfMvLrpA@mail.gmail.com>
 <220372CA-4A47-48D8-9127-83ADFDC27ADD@me.com>
From: Suleman Butt <suleman.butt@gmail.com>
Date: Tue, 10 Nov 2015 11:46:12 +0100
Message-ID: 
 <CAAuBgUWjDy0PkDN+SkPEVV0wGDHfUvq9cwcmK6Nww1XTwR9PZg@mail.gmail.com>
Subject: Re: No direct access to Tomcat as it is using AJP connector?
To: Tomcat Users List <users@tomcat.apache.org>
Content-Type: multipart/alternative; boundary=001a114444ae44cc9905242d6cd8

--001a114444ae44cc9905242d6cd8
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Thanks, Bj=C3=B6rn for your reply.

* Load balancing
is not the case.

* Routing many services within a single website
The same Apache Web server is serving other applications running on other
Tomcats

* SSL issues
The application endpoint URL is HTTPS.

* SLA or corporate policies
Not sure, but the layout Apache Webserver and Tomcat Application is very
common here for other applications as well

* Trust
Not sure what exactly does the term Trust reflect here.


But on a separate note, if application is not directly accessible (pointing
to Tomcat) then what if Apache Web server is down then that could be the
only point of failure for the entire application or set of applications?
Don't you think an alternate solution should need to be in place in
parallel?

Thanks.


On Tue, Nov 10, 2015 at 11:32 AM, Bj=C3=B6rn Raupach <raupach@me.com> wrote=
:

> Hello Suleman,
>
> > On 10 Nov 2015, at 11:18, Suleman Butt <suleman.butt@gmail.com> wrote:
> >
> > Hi All,
> >
> > I have the following configuration.
> >
> > Standalone Apache web server is talking to Tomcat AS using AJP connecto=
r.
> > Both Apache and Tomcat are running on seperate server machines. All my
> > application components are deployed on the Tomcat AS and Apache is just
> > used to redirect the user requests to Tomcat.
> >
> > Now I have the following requirement, I have been asked by my operation
> > team member that he needs to " replace Battery and install McAfee" on t=
he
> > Apache web server and the activity would require approx. 1 hour. He als=
o
> > told me that during this period of time, the entire application would n=
ot
> > be accessible!
> >
> > My question to him was that why can't users access the application by
> > directly putting the IP of the Tomcat server in the browser during the
> time
> > Apache web server is under maintenance? Why can't we access the Tomcat =
AS
> > directly? Once the Apache is up, users can then use the actual URL and
> > access the application again via Apache web server.
> >
> > But the short answer I got from the team member was that *there is no
> > alternate URL as Tomcat is using AJP connector which cannot be accessed
> via
> > browser. *
> >
> > So my question is if it really true and there is no alternate way (quic=
k
> > solution/workaround) we can avoid the complete outage of the applicatio=
n?
>
> Yes, your colleague is correct. If only the AJP connector is configured y=
ou
> can=E2=80=99t access Apache Tomcat with your Browser. Your Browser speaks=
 HTTP
> and not AJP. Thinks would be different if there is an HTTP-Connector
> configured.
>
> >
> > I am not technically aware of this AJP configuration and constraint, so
> > that's why I want to make sure if the above condition stated by the tea=
m
> > member is indeed correct. May be he lacks or unaware of any other
> alternate.
>
> Not judging your colleague here and what is reasoning is. Sysadmins usual=
ly
> place Tomcat behind an Apache because:
>
> * Load balancing
> * Routing many services within a single website
> * SSL issues
> * SLA or corporate policies
> * Trust
>
> We have been running standalone Apache Tomcat since version 6. It is
> stable and has not caused any troubles in all these years. It is worth
> trying out.
>
>
> >
> > So any help/clarification would be really appreciated.
> >
> > Many thanks.
> >
> >
> >
> > --
> > Regards Suleman
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>


--=20
Regards Suleman

--001a114444ae44cc9905242d6cd8--