Craig R. McClanahan wrote:
That's what I meant by my option 1. After skimming http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/jk.html, I now see that Apache->Tomcat does in fact work remotely. Right? Are there problems pushing JK through firewalls?On Sat, 14 Dec 2002, David Graham wrote:Date: Sat, 14 Dec 2002 13:23:40 -0700 From: David Graham <[EMAIL PROTECTED]> Reply-To: Struts Users Mailing List <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: Re: Struts application & infrastructure choices It should be fairly easy to implement this and do some performance testing. Your DAOs will be the only piece that changes to use RMI. You might try just using straight sockets because RMI is another layer on top of sockets which may slow you down.A completely different approach to consider would be running something like Apache in the DMZ, and put Tomcat behind the firewall as well. Then, you could continue to use your existing DAOs without exposing them on the DMZ machine.
If this works, it is probably the easiest way to go, requiring the least application change, most likely the best performance and also the best security, since there's not much "exposed" on the Apache server.
DavidCraigFrom: "Aymeric Alibert" <[EMAIL PROTECTED]> Reply-To: "Struts Users Mailing List" <[EMAIL PROTECTED]> To: "<\"Struts Users Mailing List\"" <[EMAIL PROTECTED]> Subject: Struts application & infrastructure choices Date: Sat, 14 Dec 2002 10:38:19 -0600 Hello, We are successfully running a large struts application. We designed it using a 'classic' architecture: - A Tomcat server running the application in our DMZ. - Use of Struts for our front-end and implementation of the DAO pattern to isolate our Data Access layer. Even if everything runs on the same server. - Use of DBCP pooling from Tomcat to access our Oracle database. Looking ahead, I can see needs for JMS connectivity or connection to various type of data sources within our company and to communicate with our partners. Also, our security team does not like having a Tomcat server in the DMZ accessing more and more internal information systems. We would like to take our infrastructure to the next level. I was thinking of introducing an Application Server within our firewall. It will implement our Data Access connectivity and the DAO on the Web Server will use RMI to access it. I am a little afraid of performance degradation by introducing RMI between the Web Server and Application Server. Also deployment will probably be more complex. Another solution would be to have both Web Server and App Server running on the same box in the DMZ. But that does not solve my security concerns. I don't have much experience with application servers and would not need the full features of a J2EE app server (at least not right now). Am I on the right path? Does someone have advices or best practices to follow? Aymeric._________________________________________________________________ The new MSN 8: advanced junk mail protection and 2 months FREE* http://join.msn.com/?page=features/junkmail -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
-- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
