Hi Leon,
On 1/10/07, Leon Rosenberg <[EMAIL PROTECTED]> wrote:
Aehm,
the original thread was about security, and now you wrote "performs"
better, which I assumed referred to "performance". If not - my fault
:-)
Well, we moved kinda of-topic here, sou you got me right.
What I actually wanted to say was:
- I absolutely agree to Markus who said
* don't use software if there's no need for it
* don't try to use Apache httpd to enhance Tomcat's security
However, I just wanted to emphesize that Apache/httpd / Tomcat is
quite a common real-world-scenario and due to this nobody should worry
that Apache httpd is BREAKING Tomcat's security AS LONG YOU KNOW YOUR
WAYS ROUND.
After that, I was asked why using Apache httpd anyways, and I tried to
explain why (because *here* it performs faster)
>
Do you hold the content of the pages in memory and stream them out
from your servlet?
Maybe I'm getting it completely wrong, but imo your servlet is a 3
liner (simplified version):
doGet(req,res){
res.setHeader(....);
res.getOutputStream().write(Cache.getFileContent(getFileName(req)));
res.getOutputStream().close();
}
Due to the number of our html/js-files we cannot hold them completely
in memory. With the principle of the filter you're right.
We tested this version (Tomcat/HeaderFilter) against
Apache/mod_headers, and Apache simply performed faster
That's an argument I'm buying :-)
I know, this is a Tomcat mailing-list here, and I shouted "Jehova",
but guys, believe me, sometimes it's quite enlightening taking a look
over the fence ;)
Cheers
greg
--
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
