Another option would be to create your own proxies that do encryption/decryption on both ends (apache and tomcat). It should be quite straightforward if using JSSE. Or if simple encryption is sufficient (SSL is quite expensive in terms of performance), apply your own symmetric encryption algorithm.
Apache is in the process of extending the AJP 13 protocol to include security. Hopefully it will be available soon. http://tomcat.apache.org/connectors-doc/common/ajpv13ext.html ND -----Original Message----- From: Parsons Technical Services [mailto:[EMAIL PROTECTED] Sent: Sunday, February 12, 2006 11:29 PM To: Tomcat Users List Subject: Re: Encrypting ajp13 traffic Sasha, There are several ways to accomplish this, and I think it has been mentioned on the list before but I don't remember a "best way" if it was decided there is one. Options include: VPN IPSec (part of VPN) ssh isolated lan segment (if feasible, IE your side of network) There may already be something out there. If so, someone here will know. Doug ----- Original Message ----- From: "Akoulov, Alexandre" <[EMAIL PROTECTED]> To: "Tomcat Users List" <users@tomcat.apache.org> Sent: Sunday, February 12, 2006 11:01 PM Subject: Encrypting ajp13 traffic Hi all, I am wondering if there is a way encrypt the traffic between apache and tomcat when they talk to each other on ajp13. All suggestions are welcome. Kind regards, Sasha. -----Original Message----- From: Ian Buzer [mailto:[EMAIL PROTECTED] Sent: Saturday, 11 February 2006 2:44 AM To: 'Tomcat Users List' Subject: RE: Tomcat - blank page problem > Webpages seem to be loading then usually blank page > comes(totaly blank no error messages) on high traffic. I suspect this could either be your redirector cachesize is not large enough (the number of threads that the redirector will accept from IIS) or tomcat is not able to respond to all the threads that are being passed through to it. Both these will show up in the isapi redirector logs. Cache size is set in /conf/workers.properties Tomcat threads are set in /conf/server.xml (maxThreads etc. on the AJP connector) Ian --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
