Thanks Noel >>If the connector between the web server and tomcat is secure...
Are you referring to the apache connector for tomcat? What if I'm using tomcat as the web server, without Apache? -----Original Message----- From: Noel J. Bergman [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 3:55 PM To: James Users List Subject: RE: SMTP > Only problem is that I wasn't planning on putting Tomcat on the server > with the ssl certificate - yet. I wanted to have java/james/tomcat on > a server & web server with ssl on dif machine. If the connector between the web server and tomcat is secure, then you are fine. Otherwise, an intruder could attempt connecting to tomcat directly on the second machine. Also, if you have the password conveyed over the connector, it is possible that it could be sniffed. The issue, at this point, is just a webapp security topic. Please note (http://jakarta.apache.org/tomcat/tomcat-4.1-doc/ssl-howto.html): "When running Tomcat primarily as a Servlet/JSP container behind another web server, such as Apache or Microsoft IIS, it is usually necessary to configure the primary web server to handle the SSL connections from users. Typically, this server will negotiate all SSL-related functionality, then pass on any requests destined for the Tomcat container only after decrypting those requests. Likewise, Tomcat will return cleartext responses, that will be encrypted before being returned to the user's browser. In this environment, Tomcat knows that communications between the primary web server and the client are taking place over a secure connection (because your application needs to be able to ask about this), but it does not participate in the encryption or decryption itself." --- Noel --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]