Hi all,

I have not been in the Tomcat User Group for long. I have noticed that many
questions and discussions concern the look of the URI, mostly like

"xxx.xxx.xxx/welcome" not "xxx.xxx.xxx:8080/webapp/welcome"
"https://xxx.xxx.xxx/secure-welcome" not "xxx.xxx.xxx:8443/secure-welcome"

There are plenty of ways to change the look. My question is:

"WHY SHOULD WE CHANGE THE URI LOOK?"

There are some possible reasons:

When we request a URI "http://yourdomain/", this normally refers to
the content from a web server running on port 80. It could be Apache, IIS
or something else.

For Tomcat, the default port that would be used for running deployed
web applications is 8080 (SSL based is 8443), so when you use those
web applications, the URI should look like:
"http://youdomain:8080/yourwebapplication".

Reason #1
Now someone[1] (yourself, your boss, your customer, your girlfriend?) told you:
http://youdomain:8080/yourwebapplication... "This looks so weird (to
me)". Can you change it?

If it is just so ugly that the "someone[1]" cannot stand it any more,
sure, you can change it for them. Then you probably have to spend days or
even weeks finding resources on how to do it. During the time that you
are looking for the resources, you realize that the "REAL" reason is
not its look but hiding something from someone[2].

The "something" here is very obviously the port number and context path.
And the someone[2] here is a potential risk/harmfulness maker. I guess
the two major sets of someone[2] are:

Users
Some users complain for no reason about a URI with a port number and
context path name, with some pretty lousy reasons ("It is different from
what I saw at other sites; so difficult to remember (is it?); screwed
my daily mood ..."). You don't wanna lose customers, so you have to
change it for them.

Hackers/Crackers
There are good hackers and bad crackers. A good hacker will always find
"What is running on which port". Some hackers can analyze your page
flow and page source to get an idea of your web application structure
(too complicated a one would be almost impossible to get). If they
really wanna hack your application, they will break into your system
first. By the time you realize that you spent too much time on "Changing the
URI look", they may have entered your system already. What if they are
not that good but just a cracker? Now there are tools everywhere that can be
used for IP / port scans, network packet sniffing etc. They may not have
good Linux / Windows system level knowledge but they can use tools and
still they will find out your port info, maybe can not get your
context path name but it is attractive to them at all. They can spend
days trying thousands of userids and passwords to break into your system.
Maybe by the time you figure out how to change, they gain their
luck to get the right userid and password.

Reason #2
Here is a reason that is not about the look. When you use mod_jk as the connector
from your web server to your Tomcat, the port 8080 will be invisible
and all requests will be filtered by Apache first to decide where to
go. If it is a servlet request, it forwards to Tomcat port 8080, and if it
is just an http request, Apache will process it. The change of port and
change of context path is caused but not changed by the configuration.
If you really have many http requests mixed with servlet requests and
your network bandwidth and/or your machine RAM is really limited, you
should consider this. But based on what I have worked on,
performance-wise there is no big difference.


So can the above 2 reasons answer the question mentioned very
early? At least do not change for just the "Good looking or you are
trying to hide something". Spend more time on how to secure your whole
system, how to write good quality code and how to make your page flow
better and more flexible.


Thanks for your patient reading.


Li
