Nix, I am fully aware of all of this (regarding security permissions
etc) ... I am not trying to solve a problem but rather open a discussion
with the community on how people prefer to structure their systems. Some
run only Tomcat, some run multiple servers with Apache and Tomcat, some
tier the Apache and Tomcat services.
I was trying to open a discussion as to what people do and why.
My approach is usually to run Apache and Tomcat in separate tiers as I
feel the ~50-100ms delay introduced by doing so is negligible to the
security gains. I also feel that aspects of data management etc are
easier and more secure under this approach. I use the Apache layer to
handle SSL termination, compression, URL rewriting and caching leaving
the application and Tomcat clean to perform the business logic. This is
just my opinion though.
However, I don't believe that there is any one right or wrong solution,
just thought an open discussion on what people do an why might be useful
for those thinking about how they are going to design their own deployment.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
