I'm trying to use apache/mod_ssl as an SSL front-end to tomcat 4. I have a few issues:
- Is there anyway to get apache to forward all requests to tomcat? Apache with mod_ssl is quite a bit faster than the standalone SSL container... - Can I use single-sign-on with FORMs? How is the hostname in the session cookie constructed? - Since only SSL access will be allowed, tomcat shouldn't try any redirects and isSecure() calls should always return true. Likewise, security-constraints like: <transport-guarantee>CONFIDENTIAL</transport-guarantee> should be always true. Is there any special way of doing this? If anyone has a better way of designing this or tips, I would really appreciate the advice. Thanks, Adi -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
