All, Thanks for the thoughtful advice and replies.
To answer a few questions, belatedly, yes it would be an option to move the
admin tools to another instance of TC, as Leo suggested -- in a way a
better one, since it wouldn't need session replication, could exist on a
single server since the
On Fri, Aug 01, 2014 at 07:54:03PM -0400, David Kerber wrote:
On 8/1/2014 6:06 PM, James H. H. Lampert wrote:
Why would you want to do that? Other than a few extra server CPU
cycles,
what's the harm in allowing SSL anywhere at the client's discretion?
I'm with Chuck on that one.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 8/4/14, 11:34 AM, Mark H. Wood wrote:
On Fri, Aug 01, 2014 at 07:54:03PM -0400, David Kerber wrote:
On 8/1/2014 6:06 PM, James H. H. Lampert wrote:
Why would you want to do that? Other than a few extra
server CPU cycles, what's the
Chris,
On 4.8.2014 22:47, Christopher Schultz wrote:
Encryption is more expensive than /not/ encrypting, but it's much
harder on the server (many connections) than it is on the client
(single-digit). Since these days, everyone is disabling compression
for SSL, the biggest problem for a dial-up
Hi,
-Original Message-
From: John Smith [mailto:tomcat.ran...@gmail.com]
Sent: Friday, August 1, 2014 11:43 PM
To: Tomcat Users List
Subject: Re: Restricting SSL access within webapp
On Fri, Aug 1, 2014 at 4:34 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
From
From: John Smith [mailto:tomcat.ran...@gmail.com]
Subject: Restricting SSL access within webapp
What's the correct way to selectively restrict https to only one area of a
webapp?
Why would you want to do that? Other than a few extra server CPU cycles,
what's the harm in allowing SSL
On Fri, Aug 1, 2014 at 4:34 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
From: John Smith [mailto:tomcat.ran...@gmail.com]
Subject: Restricting SSL access within webapp
What's the correct way to selectively restrict https to only one area of
a webapp?
Why would you want
Why would you want to do that? Other than a few extra server CPU cycles,
what's the harm in allowing SSL anywhere at the client's discretion?
I'm with Chuck on that one.
From the docs:
Also, while the SSL protocol was designed to be as efficient as securely
possible, encryption/decryption
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 8/1/14, 5:43 PM, John Smith wrote:
On Fri, Aug 1, 2014 at 4:34 PM, Caldarale, Charles R
chuck.caldar...@unisys.com wrote:
From: John Smith [mailto:tomcat.ran...@gmail.com] Subject:
Restricting SSL access within webapp
What's the
On Fri, Aug 1, 2014 at 1:55 PM, John Smith tomcat.ran...@gmail.com wrote:
In my webapp there's a directory '/admin' that's protected under SSL. Users
are forced to use SSL via a security constraint in web.xml. It works great.
I would also agree with Chuck and James.
Can you not move this
On 8/1/2014 6:06 PM, James H. H. Lampert wrote:
Why would you want to do that? Other than a few extra server CPU
cycles,
what's the harm in allowing SSL anywhere at the client's discretion?
I'm with Chuck on that one.
From the docs:
Also, while the SSL protocol was designed to be as
On 8/1/14 4:54 PM, David Kerber wrote:
I don't think the problem is so much bandwidth as it is server CPU.
Encryption and decryption are very cpu-intensive tasks.
Not to mention client CPU. (Let's face it, if somebody's on dial-up,
they're probably on an old, slow box, too. Like my G4 bionic
12 matches
Mail list logo