SSL Performance
Paul Harrison
pharriso at eso.org
Thu Mar 15 06:25:59 EDT 2007
On 12.03.2007, at 14:52, Marvin S. Addison wrote:
>> From the folks I've talked to, many front Tomcat with Apache for
> superior SSL performance. This is the common Apache + Tomcat/mod_jk
> solution that Stephen described.
>
> We have an alternative that we are very happy with, that leverages the
> SSL performance of Apache with the simplicity of a Tomcat-only
> solution.
> As of (I believe) Tomcat 5.5.x, there is a "native" HTTP connector
> that
> is a JNI wrapper around the Apache Portable Runtime (APR), that
> underlies Apache. The beauty of this approach is that you get near
> native code performance for Tomcat connection handling, including SSL
> encryption. You simply install the APR native connector and configure
> Tomcat to use it via server.xml. If you're interested in this
> approach,
> you can read more at http://tomcat.apache.org/tomcat-5.5-doc/apr.html.
Does this solution allow you to do SSL client authentication and
obtain the details (e.g. the distinguished name) of the certificate
inside Tomcat code?
Paul Harrison
ESO Garching
www.eso.org
More information about the cas
mailing list