• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
  • Mikalai Zaikin

How does Mod_JK connector work?

Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm in the process of configuring Apache and Tomcat to run on separate servers and using mod_jk to connect the 2. The plan is to have the Apache server sit in the DMZ and have any servlet/JSP requests forwarede to Tomcat behind our inner firewall. I've never setup this type of configuration before, but I realize it is a standard security practice. I do however, have a few questions about how HTTP traffic will flow in this configuration.

My understanding:
HTTP requests coming in from clients on the Intenet will always hit the Apache Web server and never our application server (i.e. Tomcat). Any requests to Tomcat will be forwarded from Apache on port 8009 using the AJP13 protocol.

My question is, how does the HTTP response get back to the client? Does the client see the response as coming from the Apache server or the Tomcat server? When I browse the Apache Web server and hit a JSP or servlet, the URL location in my browser changes to the Tomcat server. To me, that implies that the response came from Tomcat directly. This would mean we would have to allow traffic from Tomcat server behind the inner firewall out to clients on the internet.

Would enabling load balancing in the mod_jk connector help? We only plan on running single Tomcat instance on the backend, but I could setup load balancing with a single worker.

Posts: 11604
Hibernate jQuery Eclipse IDE Spring MySQL Database AngularJS Tomcat Server Chrome Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
as far as i know:

your apache webserver is connected with mod_jk2 to the tomcat application server. when a client asks for a jsp on the internet, this request goes to the apache webserver. if you configured it well, it sees that's it is a jsp (or a servlet) and forward it to the tomcat application server. He does the processing and sent the response back to the apache webserver that returns it to the client, so no connection/traffic between client on the internet and your application server (e.g. tomcat).
Ranch Hand
Posts: 245
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
As Roel indicated the mod_jk or mod_jk2 shared library/dll sits on the Apache side and forwards any requests that it is configured for to Tomcat. This might be something like *.jsp or, perhaps, an entire web application like /mywebapp. Apache simple funnels the reponse from Tomcat back to the browser. At no time is the browser ever directly connected to Tomcat.

Virtual hosting works basically the same way. You can configure each virtual host in Apache and, optionally, have some of the virtual hosts have a Tomcat component and others not. Indeed, I have Apache forward different web apps for different virtual hosts. Not all of my virtual hosts have a need for Tomcat so I have fewer virtual hosts defined in Tomcat than in Apache.
Maybe he went home and went to bed. And took this tiny ad with him:
a bit of art, as a gift, that will fit in a stocking
    Bookmark Topic Watch Topic
  • New Topic