IIS Server Security - iis tomcat question???

This is Interesting: Free IT Magazines  
Home > Archive > IIS Server Security > February 2004 > iis tomcat question???





You are viewing an archived Text-only version of the thread. To view this thread in it's original format and/or if you want to reply to this thread please [click here]

Author iis tomcat question???
John McClain

2004-02-27, 2:34 pm

What we want to do is have round trip, SSL encryption when our clients use
our webapps AND not have the port number as part of the URL. There are 3
scenarios:



1) Our client is using IIS to serve their current webapps - some of
these apps could be employing SSL. How do we insure that JSP's and Servlets
that are redirected to Tomcat are talking with IIS securely - encrypted? I
understand that typical redirection from IIS to tomcat is always decrypted,
cleartext.



2) Our client is using IIS to serve their current webapps - none of
their apps employ ssl. Can (and should) we setup IIS and Tomcat so that SSL
requests go directly to Tomcat (Tomcat talks to client directly when SSL
request issued) and standard HTTP requests goto IIS?



3) Our client does NOT want to use IIS - how do you setup tomcat to be
a secure webapp server? (this is not as big a problem as numbers 1 and 2)


Sponsored Links






Free braindumps | Software forum | Database administration forum

Copyright 2003 - 2008 webservertalk.com