On Tue, Apr 22, 2014 at 8:48 AM, André Warnier <a...@ice-sa.com> wrote:
> Frédéric Poliquin wrote: > >> << What if you disable authentication entirely as a test... do things >> speed-up?>> Answer is YES >> << Do you have a problem only under load or also when you are testing a >> single-user?>> Single user >> >> What I did is to put Tomcat behind an Apache Server which solved my >> problem. Maybe it could be a good new feature to add in future releases... >> >> > Can you explain how this solved your problem ? > > If you are using Basic Authentication, without sessions, even httpd would > need to re-authenticate to AD/LDAP with every request, no ? > > > I'm somewhat more concerned for the OP if he is using Basic Authentication and LDAP. Passwords going over the network unprotected. Am I the only one seeing this? Leo
