-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 12/9/2010 1:50 PM, André Warnier wrote:
> Assume that the upload URL in question is handled by an application
> requiring HTTPS.
> And assume that the web application requires some form of user
> authentication.
Ok.
> Are you telling me th
Christopher,
Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 12/8/2010 5:58 PM, André Warnier wrote:
If we are talking about a standard web application using a standard html
interface and standard browsers, then such an upload would be triggered
by a POST fr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 12/8/2010 5:58 PM, André Warnier wrote:
> If we are talking about a standard web application using a standard html
> interface and standard browsers, then such an upload would be triggered
> by a POST from a html form with a in it, right ?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ajay,
On 12/9/2010 11:29 AM, Aggarwal, Ajay wrote:
> You are correct. I benchmarked in both directions and performance is
> pretty comparable (http vs https). BTW, my application uses Java and
> Apache HTTP Components library to perform these file tra
significantly more stress on my server for these large file transfers
were wrong.
-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: Wednesday, December 08, 2010 5:58 PM
To: Tomcat Users List
Subject: Re: enforcing SSL only for external clients
Aggarwal, Ajay wrote
Chris,
You are correct. I benchmarked in both directions and performance is pretty
comparable (http vs https). BTW, my application uses Java and Apache HTTP
Components library to perform these file transfers.
While downloading from the server, I saw very similar %CPU and the total time
taken f
Aggarwal, Ajay wrote:
Most of the application will be over SSL for external clients. There is one
part where the clients may upload or download a huge file over HTTP which I
don't want to go through SSL. I am thinking uploading/downloading these huge
files over SSL will create lot of stress on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ajay,
On 12/8/2010 5:24 PM, Aggarwal, Ajay wrote:
> Most of the application will be over SSL for external clients. There
> is one part where the clients may upload or download a huge file over
> HTTP which I don't want to go through SSL. I am thinking
erver.
-Original Message-
From: Christopher Schultz [mailto:ch...@christopherschultz.net]
Sent: Wednesday, December 08, 2010 5:14 PM
To: Tomcat Users List
Subject: Re: enforcing SSL only for external clients
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 12/8/2010 5:01 PM, André Warnier
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
André,
On 12/8/2010 5:01 PM, André Warnier wrote:
> Aggarwal, Ajay wrote:
>> For external clients, I want to enforce SSL only on part of my
>> application (certain URLs) not all.
>>
>> I will look into URL Rewrite as suggested by Nicholas.
>
> Mixing
Aggarwal, Ajay wrote:
Thanks to all who have given different suggestions.
Binding HTTP (port 80) to 127.0.0.1 and HTTPS (port 443) to external/public IP will not work for me. My situation is slightly more complicated.
Now why did I guess that already ?
Probably the experience of customer-writ
Thanks to all who have given different suggestions.
Binding HTTP (port 80) to 127.0.0.1 and HTTPS (port 443) to external/public IP
will not work for me. My situation is slightly more complicated. For external
clients, I want to enforce SSL only on part of my application (certain URLs)
not all.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chuck,
On 12/7/2010 6:02 PM, Caldarale, Charles R wrote:
>> From: André Warnier [mailto:a...@ice-sa.com]
>> Subject: Re: enforcing SSL only for external clients
>
>> You will probably need 2 separate , one for HTTP and
&
On Tuesday, December 07, 2010 14:34:55 Aggarwal, Ajay wrote:
> Aggarwal, Ajay wrote:
> > My tomcat application (running on a linux host) has 2 types of clients.
> > Local clients coming on localhost (127.0.0.1)
> and external clients
>
> > coming on external interfaces. I want to enforce use of
> From: André Warnier [mailto:a...@ice-sa.com]
> Subject: Re: enforcing SSL only for external clients
> And, while we are at it, how about IP-based VHosts ?
> Are they described anywhere in the docs ?
Not that I can find, other than the attribute description for the
elemen
> From: André Warnier [mailto:a...@ice-sa.com]
> Subject: Re: enforcing SSL only for external clients
> You will probably need 2 separate , one for HTTP and
> the other for HTTPS.
I think that's true.
> You probably need to set the "useIPVHosts" attribute
IP-based V-hosts are mentioned in the online documentation.
But I found some links which may be helpful in Google when searching for :
tomcat "useIPVHosts"
-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: Tuesday, December 07, 2010 2:27 PM
To: Tomcat Us
to the internet
with an interface having a "public" IP.
-Original Message-
From: André Warnier [mailto:a...@ice-sa.com]
Sent: Tuesday, December 07, 2010 2:27 PM
To: Tomcat Users List
Subject: Re: enforcing SSL only for external clients
Aggarwal, Ajay wrote:
> My tomca
Aggarwal, Ajay wrote:
My tomcat application (running on a linux host) has 2 types of clients.
Local clients coming on localhost (127.0.0.1)
that sounds strange, unless the clients are really programs running on the same machine as
the server.
and external clients
coming on external interfa
My tomcat application (running on a linux host) has 2 types of clients.
Local clients coming on localhost (127.0.0.1) and external clients
coming on external interfaces. I want to enforce use of SSL only for
external clients. How do I do that? If I use I am
assuming it will apply to both local as
20 matches
Mail list logo
