This content has been marked as final.
Show 3 replies
-
1. Re: Layer 7 LB + SSL question
jfclere Jun 25, 2009 2:36 AM (in response to viniciuscarvalho)What is a " layer 7 switch"? - Please explain -
You have to use AJP to forwarding the ssl information to JBoss.
Or configure the " layer 7 switch" so that is behaves like httpd as described in http://www.jboss.org/community/wiki/SSLModproxyForwarding.
Or tell the http port is secure in the connector by having secure="true" in the connector (in server.xml) but that is only if you don't use client certificates to make the authentication. -
2. Re: Layer 7 LB + SSL question
viniciuscarvalho Jun 25, 2009 2:49 PM (in response to viniciuscarvalho)"jfrederic.clere@jboss.com" wrote:
What is a " layer 7 switch"? - Please explain -
You have to use AJP to forwarding the ssl information to JBoss.
Or configure the " layer 7 switch" so that is behaves like httpd as described in http://www.jboss.org/community/wiki/SSLModproxyForwarding.
Or tell the http port is secure in the connector by having secure="true" in the connector (in server.xml) but that is only if you don't use client certificates to make the authentication.
http://en.wikipedia.org/wiki/Multilayer_switch. Its a ordinary router with a ssl accelerator. We got it working by using the secure=true, but that was not the desired since now, even with the user accessing a confidential context through http he can access it with no problems.
We are still trying different approaches (like having an Apache in front of jboss in order to forward traffic through AJP)
Regards -
3. Re: Layer 7 LB + SSL question
jfclere Jun 26, 2009 7:31 AM (in response to viniciuscarvalho)Apache httpd fronting JBoss is probably what you need. We will be happy to help :-)