OK thanks a lot for your answer about performance. I don't specify but my question is first about security of my server which is dedicated to Jasig CAS! What do you think about putting my server in front of Internet? I used to put my webserver behind my ISA Server and in this case, I have problem to put the same certificat on ISA Server and Tomcat.
-----Message d'origine----- De : Marvin Addison [mailto:marvin.addi...@gmail.com] Envoyé : jeudi 20 décembre 2012 16:02 À : cas-dev@lists.jasig.org Objet : Re: [cas-dev] CAS and Network Architecture > I would like to know what are the best practices or best network > architecture I have to build around my server which hosts Tomcat and CAS ? If you intend to build a HA CAS solution I have two high level recommendations: 1. Strive for simplicity 2. Use a real hardware load balancer/application switch I know lots of folks like to proxy Tomcat requests with Apache, but I think it increases complexity for arguably little benefit. One common justification is increased SSL performance, but with the option for Tomcat APR connectors to do that using the same underlying native code (libssl) as Apache, it is no longer a valid argument. Additionally, with the capability of modern application switches to do SSL offloading, it's even less of a justification. Send traffic through as few devices as needed to meet the requirements for throughput and availability. I would strongly recommend testing any candidate architecture for actual performance using your load testing tool of choice. We use JMeter and it's perfectly suitable for this task; see https://wiki.jasig.org/display/CASUM/Apache+JMeter for more info. Best of luck, M -- You are currently subscribed to cas-dev@lists.jasig.org as: e.kl...@cder.fr To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
