Campbell, Lance wrote:
I have a web server and an application server. I use mod_jk to
communicate between apache2.0 and tomcat 6. I don't believe the
communication between apache and tomcat is secured by default. Is there
a way to have it send the information in a secure way.
I do not presume to know the sensitivity of the data passing between
your webserver and your application server, not the physical topology of
your network, nor the real possibility of the data being compromised,
nor the real capabilities of your servers.
But if you were to make an SSL connection between the front-end and the
back-end, you would more than double the encryption overhead.
Supposedly, the clients already connect to Apache via HTTPS, and Apache
has to decrypt the data on the way in, and encrypt it on the way out
to/from the client. That will remain the case anyway. But if Apache has
to communicate with the Tomcat back-end via SSL, it will need to do the
same encryption/decryption for all the data a second time, and Tomcat at
its end also.
That is true no matter which method you would use, tunnel or HTTPS proxy.
It may be a necessity, and it may be affordable, but it should not be a
decision taken lightly thinking it is free of consequences.
A crossover cable is less exciting, but may be much cheaper.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
