mod_jk is dead. Long live mod_proxy_ajp

It appears that there is *yet another* change coming to the recommended way to connect Tomcat to Apache. I've tried mod_proxy, mod_webapp, mod_jk and mod_jk2 - well it appears that the new direction is mod_proxy_ajp.

mod_proxy allows Apache to proxy requests to other systems. Before Apache 2.2 it would only work with FTP and HTTP, but now it handles AJP too.

So before Apache 2.2 you could rule out mod_webapp (easy to configure, but obsolete) and mod_jk2 (unsupported and fallen behind mod_jk v1!) and your choice was mod_proxy (easy to get working but easy to create a security hole) or mod_jk (harder to configure but generally better).

If you can avoid the security hazards, it looks like mod_proxy_ajp may soon be a better option from Apache 2.2 and on. Either that or it’s just going to be another way to confuse everyone.

The next change I expect is that someone equipped with GCJ is going to come up with mod_tomcat - just compile the whole thing as an Apache module and forget all this connector nonsense!

Does anyone have experience of how mod_proxy_ajp performs?

Update: For more information on picking a connector you might want to consider:

• The Tomcat FAQ
• Confluence notes on the same