Hi! Two question, one problem.
I've an application running on tomcat 5.5. And before it apache is running. The primer aim is to join tomcat application session with ssl session to avoid session hijacking. 1.) Which mod should I use? Configuration: Apache and Tomcat are running on same pc. I expect low traffic, because it's an intranet application. I've read about mod_jk, mod_jk2, mod_proxy [1], mod_proxy_ajp [2] According to Apache FAQ [3] and JBoss FAQ [4] only mod_jk or mod_proxy_ajp should be used. What are the differences? 2.) How to join application and SSL session? I've read in an old tomcat-apache-ssl documentation [5] that mod_jk is able to forward SSL session information to tomcat. So I wonder, how configure tomcat using ssl session as application session. Perhaps you can help me. Bye, Michael [1] http://httpd.apache.org/docs/2.0/mod/mod_proxy.html [2] http://httpd.apache.org/docs/2.2/mod/mod_proxy_ajp.html [3] http://tomcat.apache.org/faq/connectors.html#vs [4] http://wiki.jboss.org/wiki/Wiki.jsp?page=ModJK_FAQ [5] http://tomcat.apache.org/tomcat-3.3-doc/tomcat-ssl-howto.html -- Michael Decker [EMAIL PROTECTED] TESIS SYSware GmbH http://www.tesis.de Baierbrunnerstr. 15 * 81379 Muenchen * Tel. +49 89 747377-0 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]