-6571
-Original Message-
From: Mark A. Claassen [mailto:mclaas...@ocie.net]
Sent: Thursday, March 1, 2018 11:20 AM
To: Tomcat Users List
Subject: RE: Security of AJP
Thanks everyone for your feedback. I am the one who unknowingly opened
this can of worms. :)
It seems like there is a bit of mom
: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Thursday, March 1, 2018 11:54 AM
To: users@tomcat.apache.org
Subject: Re: Security of AJP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark(s) and Terence,
On 3/1/18 11:20 AM, Mark A. Claassen wrote:
> Thanks everyone for y
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark(s) and Terence,
On 3/1/18 11:20 AM, Mark A. Claassen wrote:
> Thanks everyone for your feedback. I am the one who unknowingly
> opened this can of worms. :)
>
> It seems like there is a bit of momentum for altering the
> documentation, so I
and
assumes no legal liability or responsibility for the posting.
-Original Message-
From: Terence M. Bandoian [mailto:tere...@tmbsw.com]
Sent: Thursday, March 1, 2018 8:34 AM
To: Tomcat Users List
Subject: Re: Security of AJP
On 2/28/2018 10:16 AM, Mark H. Wood wrote:
> On Wed, Feb
On 2/28/2018 10:16 AM, Mark H. Wood wrote:
On Wed, Feb 28, 2018 at 09:25:53AM -0500, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chris,
On 2/28/18 8:40 AM, Cheltenham, Chris wrote:
Since AJP is not really needed by Tomcat; If I comment out the AJP
startup line i
On Wed, Feb 28, 2018 at 09:25:53AM -0500, Christopher Schultz wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> Chris,
>
> On 2/28/18 8:40 AM, Cheltenham, Chris wrote:
> > Since AJP is not really needed by Tomcat; If I comment out the AJP
> > startup line in server.xml will that affe
Chris and Chris
-Original Message-
> From: Cheltenham, Chris [mailto:ccheltenham-...@philasd.org]
> Sent: Wednesday, February 28, 2018 8:40 AM
> To: Tomcat Users List
> Subject: RE: Security of AJP
>
> Since AJP is not really needed by Tomcat; If I comment out the AJP
Schultz [mailto:ch...@christopherschultz.net]
Sent: Wednesday, February 28, 2018 9:26 AM
To: users@tomcat.apache.org
Subject: Re: Security of AJP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chris,
On 2/28/18 8:40 AM, Cheltenham, Chris wrote:
> Since AJP is not really needed by Tomcat; If I comm
and Tomcat or other
Java-based app servers.
If you don't understand any of these things, you generally don't have
to worry about them.
If you don't need a reverse-proxy, you don't need AJP or the connector
that speaks it.
- -chris
> -Original Message- From: Christoph
Stanchev [mailto:gstanc...@serena.com]
Sent: Wednesday, February 28, 2018 9:09 AM
To: Tomcat Users List
Subject: RE: Security of AJP
It is used, for example, if you want to front Tomcat by Apache Web Server or
by IIS (among others). In those cases the HTTP processing is done in the
front system and
TCPIP to Tomcat's
AJP connector.
Is it more clear now?
-Original Message-
From: Cheltenham, Chris [mailto:ccheltenham-...@philasd.org]
Sent: Wednesday, February 28, 2018 6:40 AM
To: Tomcat Users List
Subject: RE: Security of AJP
Since AJP is not really needed by Tomcat; If I commen
ultz [mailto:ch...@christopherschultz.net]
Sent: Tuesday, February 27, 2018 4:26 PM
To: users@tomcat.apache.org
Subject: Re: Security of AJP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 2/27/18 3:54 PM, Mark A. Claassen wrote:
> From what I have read, it seems that the AJP connector is no
Mark,
On 27.02.2018 21:54, Mark A. Claassen wrote:
From what I have read, it seems that the AJP connector is not secure, and is meant to be
used in a protective environment. There are lots of things that imply this, like no SSL
settings and such, but I cannot find it directly stated anywher
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 2/27/18 3:54 PM, Mark A. Claassen wrote:
> From what I have read, it seems that the AJP connector is not
> secure, and is meant to be used in a protective environment.
> There are lots of things that imply this, like no SSL settings and
>
14 matches
Mail list logo
