You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Massimiliano Berruti <ma...@gmail.com> on 2006/09/21 11:15:11 UTC
Tomcat Clustering SSH
Hello,
we set up a simple web cluster with the following configuration: a
Apache ssl server acts as a load balancer towards two tomcat workers
in order the support failover and high availability.
We used the built-in mechanism available from tomcat 5.x to implement
clustering. From what we have understood from the docs, the
communications between each cluster member is obtained through the
SimpleTcpCluster class and is not encrypted.
We'd like to make the communications between cluster's members
encrypted to prevent sniffing the session's messages.
We have no idea how to implemet this, we're looking for tips and suggestions.
Thank you
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat Clustering SSH
Posted by Massimiliano Berruti <ma...@gmail.com>.
could please point me to some refs describing ssh tunnels integration
on tomcat's cluster members?
Thanx
2006/9/21, Peter Rossbach <pr...@objektpark.de>:
> Use ssh tunnels!
>
> but better use an isolate network...
>
> Regards
> Peter
>
>
>
> Am 21.09.2006 um 11:15 schrieb Massimiliano Berruti:
>
> > Hello,
> >
> > we set up a simple web cluster with the following configuration: a
> > Apache ssl server acts as a load balancer towards two tomcat workers
> > in order the support failover and high availability.
> >
> > We used the built-in mechanism available from tomcat 5.x to implement
> > clustering. From what we have understood from the docs, the
> > communications between each cluster member is obtained through the
> > SimpleTcpCluster class and is not encrypted.
> >
> > We'd like to make the communications between cluster's members
> > encrypted to prevent sniffing the session's messages.
> >
> > We have no idea how to implemet this, we're looking for tips and
> > suggestions.
> >
> > Thank you
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
>
--
Massimiliano Berruti
Email: massimiliano.berruti@gmail.com
Fax: (+39)02-700432720
Novara - Italy
"Lavora come se non avessi bisogno dei soldi.
Ama come se nessuno ti abbia mai fatto soffrire.
Balla come se nessuno ti stesse guardando.
Canta come se nessuno ti stesse sentendo.
Vivi come se il Paradiso fosse sulla Terra."
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat Clustering SSH
Posted by Peter Rossbach <pr...@objektpark.de>.
Use ssh tunnels!
but better use an isolate network...
Regards
Peter
Am 21.09.2006 um 11:15 schrieb Massimiliano Berruti:
> Hello,
>
> we set up a simple web cluster with the following configuration: a
> Apache ssl server acts as a load balancer towards two tomcat workers
> in order the support failover and high availability.
>
> We used the built-in mechanism available from tomcat 5.x to implement
> clustering. From what we have understood from the docs, the
> communications between each cluster member is obtained through the
> SimpleTcpCluster class and is not encrypted.
>
> We'd like to make the communications between cluster's members
> encrypted to prevent sniffing the session's messages.
>
> We have no idea how to implemet this, we're looking for tips and
> suggestions.
>
> Thank you
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: Tomcat Clustering SSH
Posted by Mikolaj Rydzewski <mi...@ceti.pl>.
Massimiliano Berruti wrote:
> You're perfectly right...the problem is we must do this because this
> is a sample application we're developping for our university and they
> asked to use ssh tunnel or something else to secure connection in the
> cluster... Thanx for help!
So use VPN to create separate and secure network.
--
Mikolaj Rydzewski <mi...@ceti.pl>
Re: Tomcat Clustering SSH
Posted by Massimiliano Berruti <ma...@gmail.com>.
You're perfectly right...the problem is we must do this because this
is a sample application we're developping for our university and they
asked to use ssh tunnel or something else to secure connection in the
cluster... Thanx for help!
2006/9/21, Mikolaj Rydzewski <mi...@ceti.pl>:
> Massimiliano Berruti wrote:
> > We'd like to make the communications between cluster's members
> > encrypted to prevent sniffing the session's messages.
> Why? This would slow down operations. Put cluster's nodes in a separate
> network segment.
>
> --
> Mikolaj Rydzewski <mi...@ceti.pl>
>
>
>
>
--
Massimiliano Berruti
Email: massimiliano.berruti@gmail.com
Fax: (+39)02-700432720
Novara - Italy
"Lavora come se non avessi bisogno dei soldi.
Ama come se nessuno ti abbia mai fatto soffrire.
Balla come se nessuno ti stesse guardando.
Canta come se nessuno ti stesse sentendo.
Vivi come se il Paradiso fosse sulla Terra."
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Tomcat Clustering SSH
Posted by Mikolaj Rydzewski <mi...@ceti.pl>.
Massimiliano Berruti wrote:
> We'd like to make the communications between cluster's members
> encrypted to prevent sniffing the session's messages.
Why? This would slow down operations. Put cluster's nodes in a separate
network segment.
--
Mikolaj Rydzewski <mi...@ceti.pl>