John Renne <j...@gniffelnieuws.net> wrote: >Can I ask you what you consider insecure about AJP by the way?
AJP is, apart from some simple encoding of a few headers which are easily decoded, a plain text protocol. There is zero encryption. Hence it is not secure. I suggest you read the AJP protocol definition in the docs. Anyone who considers AJP a secure protocol is clearly clueless when it comes to security. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
