Hi Gerald,
On Jan 26, 2006, at 1:22 PM, Gerald Schöffel wrote:
Hello Chris,
If you're using Tomcat (or another servlet container that supports
the JK protocol) this is quite easy to handle. First you need to
set up two virtual hosts in your Apache config, a regular host
listening on port 80 and an SSL host listening on port 443. Each
of those virtual hosts is set to use mod_jk to forward to your
Tomcat instance. By using mod_jk, all of the port stuff goes away
from your URLs. Apache handles all the SSL stuff so Tomcat
doesn't need to do it. And you should require no code changes,
the scheme binding will just work.
Hope that helps
Yes, I think this is very helpful !
Thank you for pointing this out. At this time, my Apache is only
using mod_proxy - I did not know how powerful mod_jk is in
combination with Tapestry :)
If you're fronting Tomcat with Apache mod_jk is very powerful.
So when using mod_jk the parasitic port ending mentioned in my
initial posting will be gone ? Cool !
Yes, those port numbers will go away completely. This is because
Apache won't even be talking to Tomcat on port 8080, it will be using
the JK port, 8009. Using mod_jk makes Tomcat work much more like
mod_php or mod_perl. All of the http/https stuff happens in Apache.
So when a request comes in Apache uses mod_jk to request the (X)HTML
(or whatever) document from Tomcat instead of retrieving a file from
the disk. Then Apache responds with whatever Tomcat sent. From
Tomcat's point of view, there is no http or https.
A nice side benefit is you get to use Apache's native SSL
implementation which is orders of magnitude faster then the terribly
slow Java SSL implementation.
Just remember, when you configure things this way, Tomcat really
isn't doing the https processing so you need to install your SSL
certificates on the Apache server, not on Tomcat.
--Chris
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
