Re: Alternatives for AJP

2020-04-15 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Frank, On 4/15/20 03:05, Frank Tornack wrote: > Chris, > > Am Dienstag, den 14.04.2020, 10:56 -0400 schrieb Christopher > Schultz: >> Frank, >> >> On 4/12/20 10:20, Frank Tornack wrote: >>> It is possible to replace AJP with normal HTTP or HTTPs. >>

Re: Alternatives for AJP

2020-04-15 Thread Frank Tornack
Chris, Am Dienstag, den 14.04.2020, 10:56 -0400 schrieb Christopher Schultz: > Frank, > > On 4/12/20 10:20, Frank Tornack wrote: > > It is possible to replace AJP with normal HTTP or HTTPs. > > > > AJP has an advantage, it needs less bandwidth. > > Reference? https://marc.info/?l=tomcat-user&m=

Re: Alternatives for AJP

2020-04-14 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Frank, On 4/12/20 10:20, Frank Tornack wrote: > It is possible to replace AJP with normal HTTP or HTTPs. > > AJP has an advantage, it needs less bandwidth. Reference? > But it shouldn't make too much difference with today's computer > networks. If

RE: Alternatives for AJP

2020-04-13 Thread David Cleary
https://nvd.nist.gov/vuln/detail/CVE-2020-1938 -Original Message- From: stephane passignat Sent: Sunday, April 12, 2020 4:00 AM To: Tomcat Users List Subject: Re: Alternatives for AJP Hi Which vulnerability are you mentioning ? Thanks ⁣Envoyé par BlueMail ​ Le 10 avr. 2020 à 17:45

Re: Alternatives for AJP

2020-04-12 Thread Frank Tornack
It is possible to replace AJP with normal HTTP or HTTPs. AJP has an advantage, it needs less bandwidth. But it shouldn't make too much difference with today's computer networks. If you need the bandwidth advantage, you can certainly use the module ModSecurity for Apache HTTPD to protect your applic

Re: Alternatives for AJP

2020-04-12 Thread stephane passignat
Hi Which vulnerability are you mentioning ? Thanks ⁣Envoyé par BlueMail ​ Le 10 avr. 2020 à 17:45, à 17:45, David Cleary a écrit: >Some of our customers are currently using the AJP connector. Given the >vulnerability and breaking change to address it, now may be a good time >to prompt them look

Re: Alternatives for AJP

2020-04-10 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 David, On 4/10/20 11:45, David Cleary wrote: > Some of our customers are currently using the AJP connector. Given > the vulnerability and breaking change to address it, now may be a > good time to prompt them look at alternatives. One requirement is

Alternatives for AJP

2020-04-10 Thread David Cleary
Some of our customers are currently using the AJP connector. Given the vulnerability and breaking change to address it, now may be a good time to prompt them look at alternatives. One requirement is HTTPS support. What are the alternatives when hosting Tomcat behind Apache httpd, nginx, or IIS?