> I would like to know what are the best practices or best network > architecture I have to build around my server which hosts Tomcat and CAS ?
If you intend to build a HA CAS solution I have two high level recommendations: 1. Strive for simplicity 2. Use a real hardware load balancer/application switch I know lots of folks like to proxy Tomcat requests with Apache, but I think it increases complexity for arguably little benefit. One common justification is increased SSL performance, but with the option for Tomcat APR connectors to do that using the same underlying native code (libssl) as Apache, it is no longer a valid argument. Additionally, with the capability of modern application switches to do SSL offloading, it's even less of a justification. Send traffic through as few devices as needed to meet the requirements for throughput and availability. I would strongly recommend testing any candidate architecture for actual performance using your load testing tool of choice. We use JMeter and it's perfectly suitable for this task; see https://wiki.jasig.org/display/CASUM/Apache+JMeter for more info. Best of luck, M -- You are currently subscribed to cas-dev@lists.jasig.org as: arch...@mail-archive.com To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-dev
