Java Mailing List Archive

http://www.junlu.com/

Home » Home (12/2007) » Apache Tomcat »

Re: the best method to secure Apache/tomcat communication

Filip Hanik

2007-01-10

Replies:

take a look at autoSSH
http://www.harding.motd.ca/autossh/

Filip

Christopher Schultz wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Lmk,
>
> lmk wrote:
>  
>> I have a question concerning the use of Apache server in front of tomcat, at
>> the present time, we use tomcat 4, AJP, apache 2.2 and mod_jk to manage load
>> balancing. it work roughly fine; but new security rules require [encrypting] the
>> traffic between 2 web servers.
>> we cant use solution like IPSEC or VPN tunnel. so, i think to replace
>> mod_jk with mod_proxy ,but, how to replace mod_jk load balancer?
>>  
>
> What about using an ssh tunnel? The only problem with that is you will
> need to monitor the ssh connection for disconnects and reconnect if
> necessary.
>
> Are all your servers in the same data center? Often, server farms will
> have a primary network interface used for communicating with the
> Internet, and then a secondary network interface to a private network
> that includes nothing but your own servers. Often, you can use a faster
> network than is available to the outside (perhaps gigabit ethernet if
> the rest of the center runs on 100baseT, or even better if your data
> center will provide it). Then, your servers can communicate on their own
> private network. As long as you trust that network, you can avoid
> encryption and enjoy better performance.
>
> - -chris
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFFpPYU9CaO5/Lv0PARAuHTAKCOG98BuTnZNm8EUaxrX9lme51yowCfSxrj
> I7If0C50/V2oGz93LL79fa8=
> =gLAI
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@(protected)
> To unsubscribe, e-mail: users-unsubscribe@(protected)
> For additional commands, e-mail: users-help@(protected)
>
>
>
>  


---------------------------------------------------------------------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)

©2008 junlu.com - Jax Systems, LLC, U.S.A.