Hi, Thank you all for helping me in this regard. Can you please point me to documentation which helps me configure https between Apache and Tomcat. Also in AJPv13 extensions proposal (http://tomcat.apache.org/connectors-doc/ajp/ajpv13ext.html) one add on suggests "Basic authorisation system, where a shared secret key is present in web server and servlet engine" do we know if this is still under consideration.
Thanks, Asha -----Original Message----- From: André Warnier [mailto:a...@ice-sa.com] Sent: Wednesday, November 23, 2011 3:19 AM To: Tomcat Users List Subject: Re: tomcat http connector Christopher Schultz wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Asha, > > On 11/22/11 2:15 AM, Asha K S wrote: >> Is there any performance comparison document available already >> between http and AJP > > It should be easy to test in your own environment. > > If you are using AJP through another web server, the overhead of the > server itself is obviously non-zero. > > If you're asking about connecting httpd and Tomcat via HTTP or AJP, > then you'll have to do your own testing. I'm not sure there are any > current performance comparisons out there. > > If you are using HTTPS in to Tomcat (that is, terminating SSL at > httpd, then using HTTPS between httpd and Tomcat) then you definitely > want to use the APR (aka "native") connector as it's crypto > implementation is much faster than the Java one. > Addendum : but if you do the above, and you are looking for performance, then you should at least think of what it means : browser (1) <-- HTTPS A --> (2) Apache (3) <-- HTTPS B --> (4) Tomcat (1) encryption (by the browser) (2) decryption (by Apache) (3) encryption (by Apache) (4) decryption (by Tomcat) encryption/decryption is a CPU-intensive process, so you will want to do it only where it is necessary. If the link between Apache and Tomcat is "safe" (in other words, they are both on the same host, or the link is a safe internal network), then you probably do not want to use HTTPS there. Even if the link between Apache and Tomcat is unencrypted HTTP (or AJP), you can still pass information from Apache to Tomcat about the browser/Apache HTTPS connection, if you need to. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
