chenk...@126.com wrote: > > > > > > hi:? ??? ? I'm using apache + tomcat to build my website。The tomcat ?provide > http service and apache provide both http/https。I tried two method to > implements: > by mod_proxy:ProxyPass "/" "balancer://mycluster/" stickysession=JSESSIONID > nofailover=On? > ProxyPassReverse "/" "balancer://mycluster/"? > <Proxy balancer://mycluster>? > BalancerMember http://127.0.0.1:8080 route=tomcat1? > BalancerMember http://127.0.0.1:8081 route=tomcat2? > </Proxy> > by mod_jk:I didn't know how to convet https to http like mod_proxy >
Hi. Your email format is a bit bizarre. Try to set up your email program to send emails to the list as "plain text". About your question, here are some semi-graphic explanations about how you can connect Apache httpd to Tomcat. There are many ways. <- xxx -> indicates the protocol used. configuration 1 : using mod_proxy_http and simple HTTP all the way : browser <- HTTP -> Apache httpd + mod_proxy_http <- HTTP -> Tomcat HTTP Connector <-> Tomcat webapp configuration 2 : using mod_proxy_http and HTTPS from browser : browser <- HTTPS -> Apache httpd + mod_proxy_http <- HTTP -> Tomcat HTTP Connector <-> Tomcat webapp configuration 3 : using mod_proxy_http and HTTPS all the way : browser <- HTTPS -> Apache httpd + mod_proxy_http <- HTTPS -> Tomcat HTTPS Connector <-> Tomcat webapp (Note : this is quite inefficient if Apache httpd and Tomcat are on the same host (or connected via a secure link), because all data gets encrypted/decrypted multiple times) configuration 4 : using mod_proxy_ajp : browser <- HTTP -> Apache httpd + mod_proxy_ajp <- AJP -> Tomcat AJP Connector <-> Tomcat webapp configuration 5 : HTTPS variant of using mod_proxy_ajp : browser <- HTTPS -> Apache httpd + mod_proxy_ajp <- AJP -> Tomcat AJP Connector <-> Tomcat webapp configuration 6 : using mod_jk : browser <- HTTP -> Apache httpd + mod_jk <- AJP -> Tomcat AJP Connector <-> Tomcat webapp configuration 7 : HTTPS variant of using mod_jk : browser <- HTTPS -> Apache httpd + mod_jk <- AJP -> Tomcat AJP Connector <-> Tomcat webapp AJP is a protocol that is not the same as HTTP/HTTPS. But it transports the same information as HTTP/HTTPS, and for the Tomcat webapp (and the browser) it is the same. The setups of mod_jk and mod_proxy_ajp are different, but they offer generally comparable options. Choosing one or the other is generally a question of personal preference, or of availability on any given OS platform. There is no "secure variant" of the AJP protocol (iow there is no AJPS e.g.). This does not really matter if the connection between Apache httpd and Tomcat in inside the same host, or (in many cases) if the connection between Apache httpd and Tomcat happens over your local LAN, and you are not concerned by "men-in-the-middle" there. In configurations 2, 5 and 7, only the part browser <--> Apache httpd is under HTTPS. That is generally called "terminating HTTPS at the Apache httpd level". But in all cases, if Tomcat needs to know some details about the browser HTTPS connection, it can get them, because the connector modules can forward that information via HTTP headers (or AJP "attributes"). --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
