You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by lmk <lo...@casden.banquepopulaire.fr> on 2006/04/18 12:08:25 UTC

AJP13 and Mod jk security

Hi;
how to  secure communication  between apache web server and servlet
engine..??

thanks 
--
View this message in context: http://www.nabble.com/AJP13-and-Mod-jk-security-t1467202.html#a3965323
Sent from the Tomcat - User forum at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: AJP13 and Mod jk security

Posted by Tim Funk <fu...@joedog.org>.

The easiest way is to rely on you network admins to ensure no one is 
eavesdropping. But sometimes that isn't possible.

The next easiest way to use an ssh tunnel between tomcat and apache. You need 
google for the specifics. But from your apache servers - if you have one 
tomcat - you'd probably do this:

ssh -N -L 8009:tomcat1.joedog.org:8009 -C -f ssh.joedog.org
Or if you have ssh installed on tomcat1.joedog.org - you can save yourself an 
extra hop:
ssh -N -L 8009:localhost:8009 -C -f tomcat1.joedog.org

Of course - there will be a performance tradeoff by using this trick but the 
security tradeoff can be worth it.

See google for more details on ssh tunneling.

-Tim

lmk wrote:

> Hi;
> how to  secure communication  between apache web server and servlet
> engine..??
>  

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

RE: AJP13 and Mod jk security

Posted by Tim Lucia <ti...@yahoo.com>.

http://marc.theaimsgroup.com/?l=tomcat-user&m=113980330229468&w=2

(the short answer is basically you don't use Tomcat -- you use networking
infrastructure)

Tim

-----Original Message-----
From: lmk [mailto:lotfi.mellouk@casden.banquepopulaire.fr] 
Sent: Tuesday, April 18, 2006 6:08 AM
To: users@tomcat.apache.org
Subject: AJP13 and Mod jk security


Hi;
how to  secure communication  between apache web server and servlet
engine..??

thanks 
--
View this message in context:
http://www.nabble.com/AJP13-and-Mod-jk-security-t1467202.html#a3965323
Sent from the Tomcat - User forum at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org