I have not tested this, but wanted to make sure before I do all the necesary changes.
I have apache in front of tomcat, apache handles the ssl communication... I need to make sure that some stuff happens only via ssl, and i had a filter for that. But i was recommended to use a security constranint in tomcat instead. Will this work having apache on top of tomcat? Also. I only have apache + tomcat becouse when I enabled SSL to tomcat stand alone, whenever switching to ssl, i would not be able to access all my session objects created before the switch. Is there a way to avoid that? If is i would just remove apache from the picture. Al my static content needs to come from tomcat anyway. Also, is there a way to read the ip address of the requesting user if apache is the front to tomcat? I realize some of this are different topics, but have to do with the same stuff... Thanks to all in advance! -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
