The classic answer to this is to terminate at a load balancer, as has already been said, but that doesn't help you if you try to build defense in depth inside your application. The logic for defense in depth would suggest that you terminate TLS as close to your application as possible, working toward using TLS for all connections, including those internally.
Even though it's more difficult, it's safer to terminate on the Dropwizard edge, to reduce traffic arriving over HTTP, which is especially important to avoid if the payload contains personal data etc. -- You received this message because you are subscribed to the Google Groups "dropwizard-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
