Is web server in front of app server necessary?

We have apache 2 in front of Jboss. I am wondering what are the
benefits of having apache in front of Jboss. Why not just have jboss?
I am sure there are reasons why people design it this way and prefer
it this way.

In our configuration apache is pretty much the pass through to Jboss
using mod jk.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Is web server in front of app server necessary?

if only a java/servlet website, apache httpd is not necessary.

Best regards,
Sharl.Jimh.Tsin

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Is web server in front of app server necessary?

Thanks Should we be concerned about security? Is httpd more secure
than jboss or tomcat?

On Sun, Mar 14, 2010 at 7:27 PM, 夏蒸é‘=AB imsoft.co.cc> wrote:
> if only a java/servlet website, apache httpd is not necessary.
>
> Best regards,
> Sharl.Jimh.Tsin
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project=
..
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.or=
g
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Is web server in front of app server necessary?

maybe,I don't know.
but there is one point that we must believe.
that is,tomcat's stable version is more secure than devel version of httpd.

Best regards,
Sharl.Jimh.Tsin

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Is web server in front of app server necessary?

On 3/15/2010 8:52 PM, 夏蒸鑫 wrote:
> maybe,I don't know.
> but there is one point that we must believe.
> that is,tomcat's stable version is more secure than devel version of httpd.

Really?

You have over a century, perhaps 2 centuries of security experience among the
experts who monitor httpd commits, and that is only the core developers who aren't
out to profit over httpd's flaws to become blips on the httpd radar. Hundreds of
researchers are watching httpd commits for the opportunity to say 'gotcha', and
hundreds more for the opportunity to quietly exploit a vulnerability.

It will be nice once the tomcat project grows to such proactive oversight.

All that said, neither is 'better'; the advantage of running httpd in front of
a tomcat server is that one is likely to avert an exploit in the other, due to the
fact that you have two sets of parsers in place, each rejecting bogus requests, so
the chances of a defect in one server showing up are significantly minimized.

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Is web server in front of app server necessary?

2010/3/16 William A. Rowe Jr. :
> All that said, neither is 'better'; the advantage of running httpd in front of
> a tomcat server is that one is likely to avert an exploit in the other, due to the
> fact that you have two sets of parsers in place, each rejecting bogus requests, so
> the chances of a defect in one server showing up are significantly minimized.

ok,William.you are RIGHT.
I agree with you.

Best regards,
Sharl.Jimh.Tsin

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Is web server in front of app server necessary?

--8w3uRX/HFJGApMzv
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Well, another possible advantage is that there are oodles of mod_this,
mod_that for HTTPD, which implement all manner of extensions and
modifications that people have found useful. You may want some of
those extensions or modifications. I haven't seen nearly as many such
add-ons for Tomcat. It may be easiest to get the behavior you need by
getting HTTPD to do some of it and Tomcat the rest.

So, there are cases in which it's better to put Tomcat behind HTTPD
and other cases in which you gain nothing but complexity by doing
that. Needless complexity is worse than no needless complexity. So
the best choice depends on what you need to accomplish.

--=20
Mark H. Wood, Lead System Programmer mwood@IUPUI.Edu
Friends don't let friends publish revisable-form documents.

--8w3uRX/HFJGApMzv
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iEYEAREDAAYFAkuiP5kACgkQs/NR4JuTKG+KHgCfbAu3/BtObPLMa0l1JS12 I04b
+4IAoKq9W6PXfnDhZ77bm3+aMFCTVxdZ
=Vi8E
-----END PGP SIGNATURE-----

--8w3uRX/HFJGApMzv--

Re: Is web server in front of app server necessary?

Thanks. We have our webservers only for the reason that we don't want
to have our application servers directly exposed to the internet
clients. William made a very good point of having 2 parsers makes it
more secure.

On Thu, Mar 18, 2010 at 7:58 AM, Mark H. Wood wrote:
> Well, another possible advantage is that there are oodles of mod_this,
> mod_that for HTTPD, which implement all manner of extensions and
> modifications that people have found useful. =A0You may want some of
> those extensions or modifications. =A0I haven't seen nearly as many such
> add-ons for Tomcat. =A0It may be easiest to get the behavior you need by
> getting HTTPD to do some of it and Tomcat the rest.
>
> So, there are cases in which it's better to put Tomcat behind HTTPD
> and other cases in which you gain nothing but complexity by doing
> that. =A0Needless complexity is worse than no needless complexity. =A0So
> the best choice depends on what you need to accomplish.
>
> --
> Mark H. Wood, Lead System Programmer =A0 mwood@IUPUI.Edu
> Friends don't let friends publish revisable-form documents.
>

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org