On Mon, 11 Nov 2002, Lloyd Meinholz wrote:
> Date: Mon, 11 Nov 2002 15:33:16 -0500 > From: Lloyd Meinholz <[EMAIL PROTECTED]> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: SSL in tomcat vs. apache > > Does anyone have any comparison facts or opinions on the difference in > running SSL in apache vs. SSL in tomcat (Java)? We're running on Sun boxes > and using JDK 1.4.1 if that matters (other than JSSE is built-in). > > Most of our sites are dynamic, but we are currently using a web server for > authentication and SSL encryption (the whole site, not just part of it) and > a few static pages. We are required to password protect and encrypt the > entire site. I am tempted to do away with our web server, but am a little > nervous about doing computationally intensive stuff with Java and what the > performance would be. > > I will have to use JNDI Realms to authenticate to our LDAP server also, but > I do quite a bit with JNDI already and am a bit more comfortable with that > issue. > > Thanks for any insight. > In theory, doing the SSL decryption in the web server (typically in highly optimized C or C++ code) should run faster. The gap is probably smaller with recent JVMs (where the code that does this will get JIT'd by HotSpot fairly soon if it gets used a lot). (The same argument applies to things like HTTP header parsing in C versus Java, but the gaps are probably smaller there.) In practice, the only way to know for sure is to try it both ways and see if there is a difference that matters in *your* environment. > Lloyd > Craig -- To unsubscribe, e-mail: <mailto:tomcat-user-unsubscribe@;jakarta.apache.org> For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>
