2 things: > The system is aimed to be simple, we don't want SSH/SSL > here but just a basic 'protected' login. and that you can bind the socket to 127.0.0.1:<PORT> instead of *:<PORT> through a config change. >>This level of security would cover most of the installations >>and when someone requires an additional level of security or >>interface to other security mechanisms, that could be added >>later. > > We can add native SSH tunneling for example using openssh. You could do that already with no modifications to the ajp by using port forwarded SSH tunneling. Heck, you could do it with STunnel if you want to use RSA/SSL instead of SSH also without modifications to ajp. -- Nick Bauman Software Developer 3023 Lynn #22 Minneapolis, MN 55416 Mobile Phone: (612) 810-7406
- Re: [PROPOSAL AJP14] AJP13 Evolution cmanolache
- RE: [PROPOSAL AJP14] AJP13 Evolution Mike Braden
- RE: [PROPOSAL AJP14] AJP13 Evolution cmanolache
- Re: [PROPOSAL AJP14] AJP13 Evolution jean-frederic clere
- Re: [PROPOSAL AJP14] AJP13 Evolution kevin seguin
- Re: [PROPOSAL AJP14] AJP13 Evolution cmanolache
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- Re: [PROPOSAL AJP14] AJP13 Evolution jean-frederic clere
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution Nick Bauman
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution cmanolache
- Re: [PROPOSAL AJP14] AJP13 Evolution Dan Milstein
- Re: [PROPOSAL AJP14] AJP13 Evolution cmanolache
- Re: [PROPOSAL AJP14] AJP13 Evolution jean-frederic clere
- RE: [PROPOSAL AJP14] AJP13 Evolution Mike Braden
- Re: [PROPOSAL AJP14] AJP13 Evolution Dan Milstein
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- RE: [PROPOSAL AJP14] AJP13 Evolution GOMEZ Henri
- Re: [PROPOSAL AJP14] AJP13 Evolution Jon Stevens