Hi!
Two question, one problem.
I've an application running on tomcat 5.5. And before it apache is running.
The primer aim is to join tomcat application session with ssl session to
avoid session hijacking.
1.) Which mod should I use?
Configuration: Apache and Tomcat are running on same pc. I expect low
traffic, because it's an intranet application.
I've read about mod_jk, mod_jk2, mod_proxy [1], mod_proxy_ajp [2]
According to Apache FAQ [3] and JBoss FAQ [4] only mod_jk or
mod_proxy_ajp should be used.
What are the differences?
2.) How to join application and SSL session?
I've read in an old tomcat-apache-ssl documentation [5] that mod_jk is
able to forward SSL session information to tomcat. So I wonder, how
configure tomcat using ssl session as application session.
Perhaps you can help me.
Bye,
Michael
[1] http://httpd.apache.org/docs/2.0/mod/mod_proxy.html
[2] http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html
[3] http://tomcat.apache.org/faq/connectors.html#vs
[4] http://wiki.jboss.org/wiki/Wiki.jsp?page=ModJK_FAQ
[5] http://tomcat.apache.org/tomcat-3.3-doc/tomcat-ssl-howto.html
--
Michael Decker [EMAIL PROTECTED]
TESIS SYSware GmbH http://www.tesis.de
Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
