Java-monitor, JVM monitoring made easy <- right here on Java Ranch
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
Marco Ehrentreich wrote:
@Tim McGuire: What exactly do you mean? Tomat 6 doesn't even provide this script, if I know it correctly. Do you want to enable SSL or setup SSL? Enable - maybe. To setup there are definitely more things to do like generating a key store / X.509 certificate.
Marco
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
If you simply want to SSL-protect all webapp access, set the transport mechanism in web.xml. I normally have "public" URLs and private ones, since I like to have my app's home page visible to all, but then again, I'm soliciting public access. You can set the URL pattern to "*" and require all URLs for that app to be secure.
Server.xml defines what and where, but as I understand it, the webapp definition (web.xml) determines what protocols are bound to what URLs and not the container.
chances are, any requests coming from a DHCP-assigned source are going through NAT, so the source IP address(es) for that particular network are likely to be limited.
The secret of how to be miserable is to constantly expect things are going to happen the way that they are "supposed" to happen.
You can have faith, which carries the understanding that you may be disappointed. Then there's being a willfully-blind idiot, which virtually guarantees it.
Tomcat's web.xml is the default webapp's web.xml, so it doesn't apply to user-supplied apps.
It definitely sounds like you should be fronting external access with Apache HTTPS ( or maybe squid) and firewalling port 8080. That way you don't have to change anything in Tomcat or the webapps. It's about the simplest way to get things done.
If you want to be really paranoid, yet allow yourself dialin from anywhere in the world, try a port-knocking setup. It will allow to to send a "secret message" that will open up the firewall for whatever source IP you're coming from.
I haven't run Apache on Windows in a while, so I don't know how easy it is these days.
Did you see how Paul cut 87% off of his electric heat bill with 82 watts of micro heaters? |