Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
André,
On 2/23/2011 2:56 PM, André Warnier wrote:
Personally, in such a case I would see the solution with an SSH or VPN
tunnel as much simpler to put in place, and requiring much less "opening
of ports".
There's nothing that says that port 8009 has to be used for AJP: you can
use HTTPS over port 8009 just as well. So, the congressional approval
necessary will only need to cover the switch from mod_proxy_ajp to
mod_proxy_http.
I would think you'd have to get approval for any of these actions... why
not just pick the one that makes the most sense and request permission
to do that?
My mistake. I thought, incorrectly, that the OP was using mod_jk as a connector right
now, and the tunnel solution then looked simpler with respect to the (lack of)
configuration changes required in that case.
But if he is using mod_proxy_ajp now, then the situation is reversed.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
