squid - apache - tomcat
Hallo:
I want to create a squid - apache - tomcat installation:
- Squid: Reverse proxy for authentication/authorization.
- Apache: Static data.
- Tomcat: jsp, servlets.
What I try:
users ---> squid
and
squid ---(static)-------> Apache
squid ---(jsp,servlet)--> Tomcat
User connects to squid and squid connect to Apache for static data and Tomcat for jsp.asp.
Questions:
1 - How can I say to squid to send .jsp and servelets to Tomcat and static data to Apache?
2 - Users have access to all servers. So If I put Apache/Tomcat listening on 127.0.0.1 of squid server, there is no problem of security.
But,if Apache or Tomcat were in a different server than squid. Is there another way that IP filtering for protecting Apache/Tomcat from users directly access?
For example: squid connects to Apache/tomcat with a password or certificate, ...
Any different way to IP filter access?
Thanks
|