OK, another newbie-ish question here.
I am using Tomcat 5.5.x with APR/native libraries on Windows 2003 x32 or
Windows 2008 x64 to serve applications from the US to Asia-based
clients.
We encrypt everything using SSL, from Login page onward, with
<transport-guarantee> of CONFIDENTIAL.
All URLs are configured as relative, i.e., "/images/picture.png",
"/APP1?param1=value....", etc.
We use Tomcat as the web server with no intervening proxies,
load-balancers, accelerators, etc.
Response time is noticeably slow (based on complaint level) and I am
looking for ways to improve it.
Will setting the HTTPS connector "compression=on" actually compress the
data for HTTPS?
Does it compress before or after applying the encryption?
And, in case it's relevant, here is the relevant excerpt from the
web.xml file we use:
<security-constraint>
<web-resource-collection>
<web-resource-name>Everything</web-resource-name>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.html</url-pattern>
<url-pattern>*.js</url-pattern>
<url-pattern>/APP1</url-pattern>
<url-pattern>/APP2</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
Any assistance would be much appreciated.
Jeff
******************************* NOTICE *********************************
This message is intended for the use of the individual or entity to which
it is addressed and may contain information that is privileged,
confidential, and exempt from disclosure under applicable law. If the
reader of this message is not the intended recipient or the employee or
agent responsible for delivering this message to the intended recipient,
you are hereby notified that any dissemination, distribution, or copying
of this communication is strictly prohibited. If you have received this
communication in error, please notify us immediately by reply or by
telephone (call us collect at 512-343-9100) and immediately delete this
message and all its attachments.
