Steffen Heil wrote:
Hi
That's the way You should go:
http://www.linux.org.mt/article/tomcat-ports
I totally disagree.
First, it would surely be best to update to 6.0 and run it using jsvc....
However, let's look at the solution in the link above.
1. "The Apache solution". (Which should be called the "httpd" solution.)
This will work, and might be okay, if you are already running apache on that
system.
BUT tomcat itself can be faster (at least newer ones, I don't know about
3.x) without httpd.
2. The IP tables solution
You webapplication will not know about the different port and encode urls
incorrecly. Bad Idea and impossible if SSL is required.
Dunno whether there are flaws in the particular solution
which Stefan referred to, but your assertions about
iptables solutions are not generally true.
Using well documented iptables port mapping techniques
you can run Tomcat 5.5 as non-privileged user, with SSL
on port 443 on several address-based virtual hosts, each
with their own certificates. No jsvc (or any other s/ware
or processes) required. URL encoding works as intended
(indeed, we rely on it exclusively, configuring Tomcat to
never send cookies). This solution in production > 1 year.
What's the basis for your claims?
3. The rinetd solution
Good for development and tests. Adds a little overhead AND destroy a lot of
logging and security, as tomcat will always see ONE client ip.
4. IPchains alternative
see 2.
UPGRADE.
Otherwise get jsvc to work for you.
Regards,
Steffen
Paul Singleton
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
