-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Leo,
On 3/7/14, 10:44 AM, Leo Donahue wrote: > Who uses more than one Service in their server.xml and why? I get > that you can have multiple Connectors if you have multiple Service > components but why use multiple connectors? You can already have multiple <Connector>s per <Service> but the difference is that all Connectors in Service can access all web applications in that Service. > Are there any docs on the use cases for these features? Let's say that you wanted to deploy a non-secure webapp (/open) and a secure webapp (/secure). And let's say that you were terribly paranoid about proper setup: you want to make sure that nobody can access your /secure webapp without going through HTTPS. If you were to simply do this: <Service> <Connector port="80" /><!-- let's just be brief --> <Connector port="443" /> <Host appBase="webapps" /> </Service> ... then anyone could access either web application via http:// and https://. (Of course, you'd set "CONFIDENTIAL" in your web.xml, but remember, we're being paranoid, here). Instead, you can do this: <Service> <Connector port="80" /><!-- let's just be brief --> <Host appBase="insecure-webapps" /> </Service> <Service> <Connector port="443" /> <Host appBase="secure-webapps" /> </Service> This way, anyone requesting http:///secure would get a 404. I'm sure you could come up with a real-world use-case for the above, because it's obviously not a very good example I've laid out there. Perhaps a better use-case might be something like a server connected to several VPNs where services need to be separated by port number for isolation. (I'm not sure why you'd isolate the port numbers in that case and not also isolate the JVMs, but it's just a thought). - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQIcBAEBCAAGBQJTGfXBAAoJEBzwKT+lPKRYCNkP/RQGPUhkgiKzV3iaNPyC1JFL Mo3qSvGu3oAsDeTIeDKNacTZD7xfizdcP8xi3ejL5MlW/QuNhIqxg1G2FURheHMU 7WyNWVlZQOizzbxuhiCQAcJjo09fZO1Mb5EdbXsFEXnSUU87lWjLcL+N/tfb7BKS tV6Xyaal1quiPDkS1tzQ/qwCCfmwY1MjUlMrfswi0tyLhWujT9RCSrIUUXrdTw4D bPZep6Yt3bSP7qRDBBIsK3cJi+9mj4oubqZhoFKfikgPMNZhU/42Yz37iXsPhrKy /2GhanXQGffdsU7+dMppTcHVleD8028mTzR9C3kjvXfsBK48I3WF/GzIVcmfuIVs tPV1ww+1isGT87x5UygFa0PfiwYmVIQf1KlZSaKUIN9TiqaViD3p6gOKxWbRz7G3 wOumLEy2MwjOAKtkQ67wMhj8IDcQ3blcHTP2XPxGffrJGdj8s5bu5Z/XAd3V1faX w5Z6UlYahMlq5wLYFTUtkr/OMCtypDqEEbs+t/MTF8UglKDA9MrGO2qBEP96bi0W mtFyfGmn0iKbQz524+V1TgRxcHc5Yt7Rnm+fyjNtjU+yWpAmJ4btR7BIB0MnnYss T21nZSacou+69SlDteQvPC8uEBi77sIEdSOryYWJT9VlIpSEUgi/fJN4b61GLrvt V7Eik97M/yRtQhufMsIj =61K/ -----END PGP SIGNATURE----- --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
