For the record, my answer was neither stupid or reflexive. I simply pointed out why someone might want 2 layers of servers (httpd and tomcat). And certainly, my rationale is both sound and arguable at the same time.
As for your assertion that 2 layers of security is just complexity and not more secure - you obviously haven't run many enterprise production systems. Security in an enterprise system is all about 'layers' of protection. And sure, if they hack one layer - they are probably good enough to hack the next layer. But that's where intrusion detection and a variety of other system come into play. It's all about slowing down the advance of the attack until you can do something about it. As for performance, have you run any load testing against tomcat vs. apache - especially on static files? Apache exceeds tomcat in performance by a large margin. When you are serving millions of pages a day, and tens of millions of static files (images, css, js, videos, audios, etc.), that makes a significant difference in the amount of hardware you have to throw at the problem. So you may be absolutely correct - it is not 'necessary' in a lot of cases. But in many production - enterprise - deployments, it can be useful to have a layer of web servers and a separately managed layer of application servers - and that same model works just fine with Apache and Tomcat. -- Robin D. Wilson Director of Web Development KingsIsle Entertainment, Inc. WORK: 512-623-5913 CELL: 512-426-3929 www.KingsIsle.com -----Original Message----- From: Leon Rosenberg [mailto:rosenberg.l...@googlemail.com] Sent: Monday, April 27, 2009 3:41 PM To: Tomcat Users List; a...@ice-sa.com Subject: Re: Why we need two servers (httpd and tomcat) On Mon, Apr 27, 2009 at 9:21 PM, André Warnier <a...@ice-sa.com> wrote: > Leon Rosenberg wrote: >> >> I'm sorry, I can't shut up my mouth on this, but you are telling myths :-) >> > And anyway, you just all forget this Java nonsense, and use Perl, as Real > Programmers do. > > That's just kidding of course, but let's keep a sense of perspective. Hello André, I don't want to start a new religious war, so I'll live most of the mail unanswered, however, one thing: > And that's also where the versatility of Apache httpd comes into play, a > versatility which Tomcat does not match and probably never will, because the > purpose of each is different. That's true, httpd is able to do everything (and nothing right:-)) but what I'm speaking up against is this stupid reflective answer "you need a httpd in front of your tomcat". You don't. There might by reasons, some of them stated by you, but also other, where its appropriate, but its not the rule, its an exception. The rule and therefore the standard answer should be: "you don't need an apache httpd in front of your tomcat unless, ..." and not "put an apache in front of your tomcat and stop thinking anyway" as it often is today. Having said that, lets close the thread anyway :-) regards Leon --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
