OK, so I will admit that I am out of the loop with regards to #2. But I still have an issue with storing and passwords required to open key files in the clear. Is there some function that will handle this for me...
On 5/19/05, Peter Lin <[EMAIL PROTECTED]> wrote: > I don't know about others, but I prefer to run tomcat on port 8080 and > then setup the router to redirect port 80 to 8080. it's rather easy to > setup these days. > > peter > > > On 5/19/05, Remy Maucherat <[EMAIL PROTECTED]> wrote: > > On 5/19/05, Mark <[EMAIL PROTECTED]> wrote: > > > I was very interested in the discussion concerning Apache vs Tomcat > > > WRT Performance. While I cannot argue with the performance numbers, I > > > do like putting Apache in front of Tomcat for 2 reasons that I have > > > found so far. > > > > > > 1. SSL. If I am going to be serving pages whether they be dynamic or > > > static, I think Apache handles the SSL communications and key storage > > > better. In tests that I have run, the crypto that needs to be done to > > > support SSL is faster in C than Java. Also, Tomcat stores any key > > > information in a flat file, where Apache will prompt for a password on > > > startup. Now some administrators might like this better, because > > > Tomcat will then start automatically at boot time, I would not want > > > any password of mine sitting in the clear in a test file. > > > > The next Tomcat 5.5 release will include APR based connectors, where > > SSL will (predictably) use OpenSSL. > > > > > 2. If you are hosting your site using port 80 on Unix boxes this means > > > running Tomcat as root. I can think of very few reasons why Tomcat > > > needs to be run as root. Apache has the ability to 'downgrade' user > > > privileges once Apache is started. > > > > I think you should have googled for that. You can use either kernel > > level redirection (iptables, for example), or use jsvc. > > > > -- > > xxxxxxxxxxxxxxxxxxxxxxxxx > > R�my Maucherat > > Developer & Consultant > > JBoss Group (Europe) S�RL > > xxxxxxxxxxxxxxxxxxxxxxxxx > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
