>Will this be the next step to combining mod_webapp with
>mod_jk?
Discussion is open and Pier is my guess, even if he loose
an occasion to eat splendid 'pasta fresca'.
>Maybe this could be the first step to merging the two.
>ajp14 could offer some automatic configuration similar
>to mod_webapp, as you suggested in the proposal.
>I also think that a security mechanism is important.
>There should be some form of login for the connector to
>make sure that communication with the server is allowed.
>I think we should be careful with the security side,
>however. This could lead into a complex discussion
>over what is appropriate. My suggestion would be to
>go with something simple, as suggested in the proposal.
The system is aimed to be simple, we don't want SSH/SSL
here but just a basic 'protected' login.
>This level of security would cover most of the installations
>and when someone requires an additional level of security or
>interface to other security mechanisms, that could be added
>later.
We can add native SSH tunneling for example using openssh.
>This proposal hits on the most important issues with mod_jk
>at this point.
>
>+1
>
>As for the security key, would it be possible to generate
>a unique key when mod_jk is first installed? Maybe we could
>create some basic mechanism, similar to the way ssh generates
>a key when it is installed. This would avoid the possibility
>of having many TC servers out there that can be logged into
>with the default key or no key. It could avoid the problem
>that the admin webapp has with the password needing to be changed
>and trust being turned on.
mod_jk could serve many tomcats on different systems. Each Tomcat
could need a different secret key, but worker concept help here.
Cf my previous mail about it....
>Just a thought.
>
>Mike.
>--
>Mike Braden
>[EMAIL PROTECTED]
>[EMAIL PROTECTED]
>
>-----Original Message-----
>From: GOMEZ Henri [mailto:[EMAIL PROTECTED]]
>Sent: Monday, May 07, 2001 8:40 AM
>To: [EMAIL PROTECTED]
>Subject: [PROPOSAL AJP14] AJP13 Evolution
>
>
>Hi to all,
>
>You could find attached a proposal of evolution to
>the current Apache JServ Protocol version 1.3,
>also known as ajp13.
>
>Let start the comments, questions, remarks cycle.....
>
>PS : I've not cover here the full protocol but only the add-on
> from ajp13.
>
>-
>Henri Gomez ___[_]____
>EMAIL : [EMAIL PROTECTED] (. .)
>PGP KEY : 697ECEDD ...oOOo..(_)..oOOo...
>PGP Fingerprint : 9DF8 1EA8 ED53 2F39 DC9B 904A 364F 80E6
>
>
