Standalone or IIS-fronted Tomcat for the IdP on Windows?

Peter Schober peter.schober at
Thu Aug 2 11:38:53 EDT 2012

* Andrew Webb <andrew.webb at> [2012-08-02 17:33]:
> Installing the IdP using the IdPQuickInstall method (.msi installer), Tomcat
> is installed in standalone mode.
> Is your recommendation to keep it this way, or to front it by IIS

If you /need/ something else other than the servlet container (as
webserver) on that machine you have your answer.

> I would expect that our servers would be running other websites
> other than the Shib IdP.

Since an IdP is security software it might not be indicated to put
completely unrelated stuff onto the same box. That would just open up
more potential attack vectors,

More information about the users mailing list