>2 things: > >> The system is aimed to be simple, we don't want SSH/SSL >> here but just a basic 'protected' login. > >and that you can bind the socket to 127.0.0.1:<PORT> instead >of *:<PORT> >through a config change. In that case, you restrict to a web-sevlet/tomcat on the same machine, but yes we could do that (allready possible on TC 3.2/3.3) >>>This level of security would cover most of the installations >>>and when someone requires an additional level of security or >>>interface to other security mechanisms, that could be added >>>later. >> >> We can add native SSH tunneling for example using openssh. > >You could do that already with no modifications to the ajp by >using port >forwarded SSH tunneling. Heck, you could do it with STunnel if >you want to >use RSA/SSL instead of SSH also without modifications to ajp. I better use jonama (http://www.multimania.com/jonama/) to do SSL tunneling since I wrote this one ;)
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution Nick Bauman
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution cmanolache
- Re: [PROPOSAL AJP14] AJP13 Evolution Dan Milstein
- Re: [PROPOSAL AJP14] AJP13 Evolution cmanolache
- Re: [PROPOSAL AJP14] AJP13 Evolution jean-frederic clere
- RE: [PROPOSAL AJP14] AJP13 Evolution Mike Braden
- Re: [PROPOSAL AJP14] AJP13 Evolution Dan Milstein
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- Re: [PROPOSAL AJP14] AJP13 Evolution Jon Stevens
- Re: [PROPOSAL AJP14] AJP13 Evolution jean-frederic clere
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution cmanolache
- RE: [PROPOSAL AJP14] AJP13 Evolution Craig R. McClanahan
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
