Hi all, I know this topic, or at least bits and pieces of it, has been covered in various posts, but just for clarification in my mind I would like the opinions of experienced Tomcat and Unix/Linux experts about optimizing performance and security configuration for Tomcat.
As a starting point our configuration is currently this: - Debian based Linux - JSVC with Tomcat 6 running Tomcat under a less privileged account - Apache 2.x front to Tomcat, Tomcat remains on the secure port 8080 - mod_proxy with mod_rewrite for legacy integration and reverse proxy We use the reverse proxy to integrate our name space, it also enables us to perform cross site authentication via HTTP headers... please feel free to comment here, but I see this configuration as not being optimal, Our Java web applications are performing more and more asynchronous requests so sooner or later we will have to look at running comet services. From what I have read in other posts Running Apache in front would be a liability in this case. >From a security standpoint I don't see it as ideal either... two web servers make for two targets, but nevertheless many people believe that Tomcat is more secure behind Apache (I don't share this opinion), please share your thoughts. Thanks, Peter