posted by 은이종 은이종 2016. 1. 28. 11:49
AJP
  • Not a binary protocol
    • Common headers and values encoded
    • Other values in plain text
    • Request and response bodies in plain text
  • Request headers must fit in a single AJP message
    • Default 8192
    • Max 65536
  • Supports passing of SSL termination information
  • Does not directly support encryption
    • IPSec, VPN, SSH tunnel, etc.
 
HTTP
  • Clear text protocol
    • Easy to read
  • No limit on request header size
  • Does not directly support providing SSL termination information
    • Can be added by httpd using custom headers
    • Can be processed by Tomcat using the SSLValve (undocumented)
  • Supports encryption via HTTPS
 
AJP vs. HTTP
  • If terminating SSL at httpd and you need the SSL information
    • Use AJP
  • If you need to encrypt the httpd to Tomcat channel
    • Use HTTP
  • If you need both
    • Use HTTP
    • It is (usually) easier to pass SSL information over HTTP than it is to encrypt AJP
  • If you need neither
    • Pick the one you are more familiar with – debugging problems will be easier
 
mod_jk
  • Only supports AJP
  • Developed by the Tomcat committers
  • Non-httpd style configuration
  • More complex URL mappings are simpler to write
  • Binaries only provided for Windows
 
 
mod_proxy
  • Supports AJP and HTTP
  • Included as standard with httpd
  • Uses httpd style configuration
  • More complex URL mappings are trickier to write
  • Binaries provided for most platforms

'Linux' 카테고리의 다른 글

리눅스 CPU Load Average의 위험 범위  (0) 2017.05.12
weblog expert  (0) 2016.04.22
AJP vs HTTP  (0) 2016.01.28
SSL 인증서 비밀번호 제거 확인  (0) 2015.12.30
SSL 인증서 알고리즘 정리  (0) 2015.12.16
Xshell 세션 생성 배치파일  (0) 2015.09.22

댓글을 달아 주세요