Brent McArthur wrote:
> Hi There,
>
> What is everyone's opinion on whether or not you should an apache web server
> sitting in front of tomcat magnolia in a production environment? Are there
> any performance benefits?
>
> I'm just curious.
>
> A large proportion of my IT experience has been in developing custom java web
> applications. As a default architecture, we pretty much always went with an
> apache web server, tomcat app server approach so that apache web server could
> effectively serve up all static content while leaving the dynamic stuff to
> tomcat. This is also good from a scalability perspective.
>
> But with Magnolia, a large proportion of what I would normally consider
> "static" is managed by the CMS through the DMS (images, style sheets, etc.).
> This means, Apache will really be doing nothing but passing all requests
> through to Tomcat (mod_jk).
>
> So I put the question out there, what benefits does one get by using an
> apache web server if magnolia is only hosting a single magnolia site?
>
> I did a search on the wiki
> http://wiki.magnolia-cms.com/dosearchsite.action?queryString=apache which
> tells you how to configure apache but doesn't necessarily explain the
> benefits unless you're hosting multiple sites with the one magnolia instance.
>
> Cheers,
>
> Brent
>
>
The official tomcat user list answer is get rid of httpd and just use
tomcat. Apache httpd adds complexity to the environment and overhead on
the requests. If using apache httpd, it should be there to provide
something tomcat alone doesn't (like python, perl, php, cgi, etc.,
...). In my environment, there happens to be some static hosting knit
into the fabric of the site which is why I have httpd in front of tomcat.
To achieve what others have suggested (using SSL on the author
instance), just set up a connector to use SSL (see the tomcat docs on
that subject) and then add something like this in the web.xml of the
author instance, customizing as needed:
<security-constriant>
<web-resource-collection>
<web-resource-name>ssl_protected_area</web-resource-name> <!--
name isn't important -->
<url-pattern>/*</url-pattern> <!--This is protecting the entire
webapp, customize as needed -->
<http-method>GET</http-method> <!-- maybe this isn't needed if
just protecting login POST -->
<http-method>POST</http-method>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee> <!-- SSL
is required w/ this -->
</user-data-constraint>
</security-constraint>
--David
----------------------------------------------------------------
For list details see
http://www.magnolia-cms.com/home/community/mailing-lists.html
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------
