All, Thanks for the thoughtful advice and replies.
To answer a few questions, belatedly, yes it would be an option to move the
admin tools to another instance of TC, as Leo suggested -- in a way a
better one, since it wouldn't need session replication, could exist on a
single server since the traf
Chris,
On 4.8.2014 22:47, Christopher Schultz wrote:
Encryption is more expensive than /not/ encrypting, but it's much
harder on the server (many connections) than it is on the client
(single-digit). Since these days, everyone is disabling compression
for SSL, the biggest problem for a dial-up c
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mark,
On 8/4/14, 11:34 AM, Mark H. Wood wrote:
> On Fri, Aug 01, 2014 at 07:54:03PM -0400, David Kerber wrote:
>> On 8/1/2014 6:06 PM, James H. H. Lampert wrote:
> Why would you want to do that? Other than a few extra
> server CPU cycles, w
On Fri, Aug 01, 2014 at 07:54:03PM -0400, David Kerber wrote:
> On 8/1/2014 6:06 PM, James H. H. Lampert wrote:
> >>> Why would you want to do that? Other than a few extra server CPU
> >>> cycles,
> >>> what's the harm in allowing SSL anywhere at the client's discretion?
> >
> > I'm with Chuck on
Hi,
> -Original Message-
> From: John Smith [mailto:tomcat.ran...@gmail.com]
> Sent: Friday, August 1, 2014 11:43 PM
> To: Tomcat Users List
> Subject: Re: Restricting SSL access within webapp
>
> On Fri, Aug 1, 2014 at 4:34 PM, Caldarale, Charles R <
> chuck.
On 8/1/14 4:54 PM, David Kerber wrote:
I don't think the problem is so much bandwidth as it is server CPU.
Encryption and decryption are very cpu-intensive tasks.
Not to mention client CPU. (Let's face it, if somebody's on dial-up,
they're probably on an old, slow box, too. Like my G4 "bionic
On 8/1/2014 6:06 PM, James H. H. Lampert wrote:
Why would you want to do that? Other than a few extra server CPU
cycles,
what's the harm in allowing SSL anywhere at the client's discretion?
I'm with Chuck on that one.
From the docs:
Also, while the SSL protocol was designed to be as effici
On Fri, Aug 1, 2014 at 1:55 PM, John Smith wrote:
> In my webapp there's a directory '/admin' that's protected under SSL. Users
> are forced to use SSL via a security constraint in web.xml. It works great.
>
> I would also agree with Chuck and James.
Can you not move this admin app to another in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
John,
On 8/1/14, 5:43 PM, John Smith wrote:
> On Fri, Aug 1, 2014 at 4:34 PM, Caldarale, Charles R <
> chuck.caldar...@unisys.com> wrote:
>
>>> From: John Smith [mailto:tomcat.ran...@gmail.com] Subject:
>>> Restricting SSL access within webapp
>>
Why would you want to do that? Other than a few extra server CPU cycles,
what's the harm in allowing SSL anywhere at the client's discretion?
I'm with Chuck on that one.
From the docs:
Also, while the SSL protocol was designed to be as efficient as securely
possible, encryption/decryption i
On Fri, Aug 1, 2014 at 4:34 PM, Caldarale, Charles R <
chuck.caldar...@unisys.com> wrote:
> > From: John Smith [mailto:tomcat.ran...@gmail.com]
> > Subject: Restricting SSL access within webapp
>
> > What's the correct way to selectively restrict https to only one area of
> a webapp?
>
> Why would
> From: John Smith [mailto:tomcat.ran...@gmail.com]
> Subject: Restricting SSL access within webapp
> What's the correct way to selectively restrict https to only one area of a
> webapp?
Why would you want to do that? Other than a few extra server CPU cycles,
what's the harm in allowing SSL a
12 matches
Mail list logo
