Hi Neil, Thanks for the comments, I really appreciate hearing from someone that has actual production experience using these technologies!
To answer your question below, I *could* have all my servlets in one webapp but that would not be my preference. For example I would like the capability be able to update a single servlet that serves XML without affecting any other user interations with the server, or, more realistically, to completely deploy a new application inluding jsp/servlets into Tomcat as a customer beta and keep current applications unaffected. (We have several new applications under development!) In addition Some servlets need http basic, some form based auth and others not even ssl at all! So from your mail I understand that you only use apache to serve static pages that are not protected, thereby needing no authentication and therefore you can contain all your Auth using Tomcat. This is good, how do you handle ssl? Does Apache terminate any SSL, all ssl or only static pages? Tony On Mon, 16 Nov 2009 12:24 -0600, "Neil Aggarwal" <n...@jammconsulting.com> wrote: > Anthony: > > > I am researching porting my site to Apache 2.2 and Tomcat, and hope to > > gain the following. > > 1. Serve the static content from apache e.g. images, clips sound, text > > files etc. > > I do that will all of my JSP apps. I set up Apache on the > front end and use mod_jk to push JSP/servlet stuff into Tomcat. > It works very well and scales nicely. > > > 2. Install a CMS to offload content managment to others and also blog > > functionality, Wordpress seems to be the tool of choice for ease of > > usage and widespread usage, this seems to work fine in my test > > environment. > > That should be no problem. Wordpress is just a php app in front > of MySQL. > > > 3. Maintain current servlet and jsp (including xml) functionality on > > tomcat. Instead of one super application I can deploy servlets as > > seperate applications and update them seperately. > > Are you talking about having multiple service in one webapp or > servlets in different webapps? > > > 4. Use connectors such as mod_jk to load balance and provide > > failover. > > Like you said, this works very well. > > > My main issue now is about how the authentication works between Tomcat > > and Apache. > > I would like to use both Form based and http basic authentication on > > protected resources running on both apache and tomcat. > > i.e. Form based for humans and httpbasic for XML requests over ssl. > > I have a user database in mysql containing username and > > password, roles > > are in another table but these could be merged if required. > > I put all protected info in Tomcat and only use Apache for > sending public content. If there is a static file that > needs protecting, I use a servlet that checks if they are > logged in and then opens and streams the file back to the > user. It works well. > > > In terms of single sign on how can I make the user experience seamless > > between static content-managed pages and jsp/servlets? > > If you use one webapp with multiple servlets and serve > your protected static content from Tomcat, SSO is very > easy. > > I hope this helps, > Neil > > -- > Neil Aggarwal, (281)846-8957, http://UnmeteredVPS.net > Host your tomcat app on a CentOS VPS for only $25/month! > Unmetered bandwidth, 7 day no risk trial, Google Checkout > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
