>
> I know how to bind a connector to a specific IP address, but I know nothing
> about this. Neither do I know what would happen if, once Tomcat is up, we
> were to attempt to send a shutdown message in the usual way: would we shut
> Tomcat down, or would we shut whatever owns 127.0.0.1:8005?
> Anyone who considers AJP a secure protocol is clearly clueless when it comes
> to security.
>
Anyone that thinks he can judge security without knowing any of the
requirements is plain wrong. As I wrote in a previous answer. It all depends on
requirements and what you want to accomplish.
Jo
> What is the typical setup in the enterprise apps? Do they just SSL
> terminate at the reverse proxy OR do they setup SSL at both apache and
> tomcat? In the former case, obviously the link is insecure between apache
> and tomcat.
>
The most common setup I've seen is to terminate the SSL connect
On May 28, 2012, at 12:11 AM, al so wrote:
> Well, AJP is not SSL. So, the link is insecure between rev proxy and tomcat
> if you don't use SSL.
It all depends on what your requirements are. If a binary protocol will you,
you can use AJP. If you don't consider it secure, you can choose to go fo
> How about the security concerns in having HTTP between reverse proxy and
> Tomcat?
>
You don't you can use AJP between HTTP and Tomcat.
John
-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional comma
>
> Now, I am trying to front Tomcat with apache reverse proxy+SSL.
> 1. Is it not redundant to configure the SSL in the Tomcat as well when the
> fronting reverse proxy is already configured to handle SSL.
>I see lot of posts on the internet which configure SSL at both Tomcat
> and Reverse pr
> The user I bind cannot check user's passwords but it can browse the
> LDAP tree and see all the available users. I have used ldap.exe with
> the same connection/bind and can traverse the LDAP tree.
> As far as after the initial connection is made, no I don't see any
> packets or new connections
> I do know that I am successfully binding to the LDAP server when
> Tomcat starts. If I change "mypassword" to an invalid password then I
> get a ConnectException due to the connection being refused. I also see
> this connection using a network monitoring tool - it is initiated at
> startup and th
>
> asadmin> create-http-listener --listenerport 8009 --listeneraddress 0.0.0.0
> --defaultvs server jk-connector --port 4850
>
So you're creating a listener called jk-connector (why do you add the -port
4850 btw?
>
>
> asadmin> create-network-listener --protocol http-listener-1 --listenerp
On Feb 7, 2012, at 6:14 PM, Ole Ersoy wrote:
> Hi,
>
> In the past I have been able to run tomcat on port 80 under a "tomcat" user.
> It seems like the latest versions of Fedora require that tomcat either be run
> as root or requests to 8080 have to be redirected using iptables. Can
> anyo
I've done this before but always used the apache in front of tomcat to serve
the logfiles.
If you're sure you want to let tomcat do the fileserving, I'ld suggest making a
symlink in one of the application folders to the logsdirectory. That should do
the trick.
John
On Feb 3, 2012, at 2:53 P
On Jan 29, 2012, at 1:27 PM, André Warnier wrote:
>
> Sorry to appear to pounce on you, but putting a element in
> server.xml is discouraged, see here :
> http://tomcat.apache.org/tomcat-6.0-doc/config/context.html#Introduction
>
No offense taken
> I am not myself an expert, so treat this wi
On Jan 29, 2012, at 4:35 AM, Dean Del Ponte wrote:
> I'm running tomcat 6 behind apache.
>
> I currently have an application deployed as "myApplication" and it is
> available at "http://www.mydomain.com/myApplication";.
>
> How can I make this application available at "http://www.mydomain.com";
13 matches
Mail list logo
