You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Arjun C <ru...@yahoo.com> on 2000/10/09 20:50:23 UTC

Security question using mod_jk

Hey,

So, I'm looking for a way to authenticate
communication between apache(1.1.13) and tomcat(3.2),
using mod_jk and apj12.  Now, from what I could garner
from the docs, setting ApJServSecretKey = <filename>
seemed to be the necessary step to enable mod_jserv
security, but I could not seem to find the
corresponding connection-handling code in the
apj12connectionhandler.java.

So, I guess I have 2 questions:
a) Should I find the server (tomcat) side
authentication in the apj12connectionhandler.java? 
(Assuming, ofcourse, that it was implemented)
b) What is the preferred way of authenticating
communication to tomcat, short of actually coding in
the challenge/response into the client and tomcat's
connection handler?

Thanks in advance...

__________________________________________________
Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/