On 17/04/17 22:59, Mitch Claborn wrote:
> I'm trying to think through the security implications of this
> configuration: a single cloud server (Digital Ocean) with 2 Tomcat 8.5
> instances in a cluster, for session replication.
>
> I can bind the Receiver element to 127.0.0.1, which I think should
> protect the actual session data from prying eyes. Is that accurate?
>
> The multicast-based Membership element seems to be more of a risk. I
> really like the convenience of the multicast setup, but is that a
> security risk? Should I go with static membership instead?
It depends how isolated the network used by your cloud provider is. With just two instances I'd probably go with static membership.

> I found this discussion of static membership, but it is a bit old. Does
> anyone know of a more recent doc?
> https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2009794
>
> Are there other security considerations that I'm not thinking of?

Not really. By far the most important consideration is the underlying assumption that Tomcat makes that the network used for clustering is secure/trusted.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
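The two settings discussed in this thread, a Receiver bound to loopback and static membership in place of multicast discovery, shown together in one `<Cluster>` block. This is an added example written for this page, not configuration posted by Mitch or Mark and not taken from the Tomcat distribution. The element and class names follow the Tomcat 8.5 cluster documentation (SimpleTcpCluster, GroupChannel, NioReceiver, StaticMembershipInterceptor, StaticMember); the ports 4000/4001, the `domain` value and the `uniqueId` bytes are assumptions chosen for two instances on one host, and the block is the server.xml fragment for the first instance only.

```xml
<!-- Instance A: listens on 127.0.0.1:4000, peer is instance B on 127.0.0.1:4001.
     Instance B is the mirror image (port 4001, Member pointing at 4000, a
     different uniqueId). Ports, domain and uniqueId are assumed values. -->
<Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"
         channelSendOptions="8">

  <Manager className="org.apache.catalina.ha.session.DeltaManager"
           expireSessionsOnShutdown="false"
           notifyListenersOnReplication="true"/>

  <Channel className="org.apache.catalina.tribes.group.GroupChannel">

    <!-- Receiver bound to loopback only: replicated session data is never
         exposed on the droplet's public or private interface.
         autoBind="1" pins the port so the peer's static Member entry stays
         correct instead of silently moving to 4000+n when 4000 is busy. -->
    <Receiver className="org.apache.catalina.tribes.transport.nio.NioReceiver"
              address="127.0.0.1"
              port="4000"
              autoBind="1"
              selectorTimeout="5000"
              maxThreads="6"/>

    <Sender className="org.apache.catalina.tribes.transport.ReplicationTransmitter">
      <Transport className="org.apache.catalina.tribes.transport.nio.PooledParallelSender"/>
    </Sender>

    <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpFailureDetector"/>
    <Interceptor className="org.apache.catalina.tribes.group.interceptors.MessageDispatchInterceptor"/>
    <!-- Heartbeats over the same loopback TCP path so a dead peer is noticed
         without relying on multicast membership messages. -->
    <Interceptor className="org.apache.catalina.tribes.group.interceptors.TcpPingInterceptor"/>

    <!-- Static membership: the only peer is listed explicitly, so nothing
         on the network can announce itself into the cluster.
         uniqueId must be 16 bytes and differ between the two instances. -->
    <Interceptor className="org.apache.catalina.tribes.group.interceptors.StaticMembershipInterceptor">
      <Member className="org.apache.catalina.tribes.membership.StaticMember"
              host="127.0.0.1"
              port="4001"
              securePort="-1"
              domain="local-cluster"
              uniqueId="{0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,2}"/>
    </Interceptor>

  </Channel>

  <Valve className="org.apache.catalina.ha.tcp.ReplicationValve" filter=""/>
  <ClusterListener className="org.apache.catalina.ha.session.ClusterSessionListener"/>
</Cluster>
```

Two checks are worth doing after a restart. First, confirm the receiver really is on loopback, e.g. `ss -ltnp | grep 4000` should show `127.0.0.1:4000` and not `0.0.0.0:4000` or `*:4000`. Second, the multicast `Membership` element is deliberately omitted above; whether GroupChannel still starts a default multicast service when none is configured depends on the Tomcat version, so check the cluster-membership page of the docs for the exact 8.5.x build in use (and `ss -lunp` for an unexpected UDP listener on 45564) before relying on the static list alone. Neither setting changes the point made in the reply: replication traffic itself is still unauthenticated and unencrypted, which is acceptable only because it now never leaves the host.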