Hi,
I am in need of some advice. My current setup is a web application
running on JBoss which serves static and dynamic content, JSP,
servlets and XML on two non-load-balanced servers (hot spare using
MySQL replication). It currently uses HTTP Basic Authentication over
SSL. This has been fine to date, but since I don't use any of the EJB or
related features I think that it is overkill for my application, as
well as being inflexible w.r.t. deployment and content management, as
the whole site is deployed as a single EAR. Initially it was
fantastic as it was simple and easy to maintain, but now every change
requires a full build.

I am researching porting my site to Apache 2.2 and Tomcat, and hope to
gain the following.
1. Serve the static content from Apache, e.g. images, clips sound, text
files etc.
2. Install a CMS to offload content management to others and also blog
functionality. WordPress seems to be the tool of choice for ease of
usage and widespread usage; this seems to work fine in my test
environment.
3. Maintain current servlet and JSP (including XML) functionality on
Tomcat. Instead of one super application I can deploy servlets as
separate applications and update them separately.
4. Use connectors such as mod_jk to load balance and provide failover. I
already have heartbeat and mod_jk installed in high availability mode
using workers in a test environment and this is working as expected.
(Apache 2.2 and Tomcat 6 running on CentOS 5.3).

At this point I have hit a brick wall w.r.t. what to do next. I have
been researching this for the past two weeks and the more I learn the
more I seem to be confused. There is so much documentation on some
things but almost none on others. I always fear that if there is nobody
asking questions about a certain topic it either means that a) There are
no problems using the technology or b) Nobody is using it at all.

My main issue now is about how the authentication works between Tomcat
and Apache.
I would like to use both form-based and HTTP Basic authentication on
protected resources running on both Apache and Tomcat,
i.e. form-based for humans and HTTP Basic for XML requests over SSL.
I have a user database in MySQL containing username and password; roles
are in another table but these could be merged if required.

I am also confused by mod_jk and mod_proxy_ajp; they seem to have much
feature overlap. mod_proxy_ajp in my view suffers terribly from the
missing "*.jsp" wildcard capability but has a much simpler configuration
and better future prospects as it is bundled with Apache 2.2.

In terms of authentication, which should I use, mod_auth_mysql and
mod_auth_dbm (or mod_auth_form in future or something else?) and why?

In terms of single sign-on, how can I make the user experience seamless
between static content-managed pages and JSP/servlets? Will mod_jk
handle SSO? This does not seem clear to me in all the pages I read. If I
configure form-based auth in a login.jsp page, will this be relayed to
Apache after a redirect?

What is best practice and what should I be doing? If there is some
hard-to-find documentation out there with pointers and tips I would
appreciate a few links. Expert advice is appreciated.
Tony



