"QM" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > : Here's the scenario. Apache server sits outside our firewall/LAN. It needs to take secure requests from users, forward them onto Tomcat (Which sits behind the firewall) via the JK connector. Is there some configuration option in Tomcat and/or the workers2.properties config file that will handle this? Most of the documentation I've read seems to describe setups where Apache is not calling a remote Tomcat server. Only other option would be to use kernel encryption at the OS level. Thanks in advance. > > This depends on your goal: do you want to > > 1/ make sure the traffic between the webserver / tomcat is encrypted to > discourage snooping > Some people have reported success using ssh-tunnelling. Never tried it myself (since I can be reasonably confident that any men-in-the-middle of the Apache-Tomcat connection are supposed to be there :). There is nothing (currently) in mod_jk(2) to send the socket traffic encrypted.
> 2/ let Tomcat see some of the SSL-related req info to satisfy security > constraints in web.xml, e.g. the one to require SSL comms (I forget > the tag name at the moment) > > For #1, I'm not much help. > > For #2, this doc: > > http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jk2/jk/workershowto.html > > may help. If you scroll to the "Ajp13 Worker properties" header, > mentions that this protocol passes the info to Tomcat. > > -QM > > -- > > software -- http://www.brandxdev.net (C++ / Java / SSL) > tech news -- http://www.RoarNetworX.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
