Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

inside inner firewall

 
Andrew Brodie
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I posted this question direct do here is the question and answer:
Any further comments and discussion is appreciated.
AB> I want to design a site that uses JSP's on the front (in the web tier, inside internet firewall for Http), but I want the front(controller) to dispatch requests to other servlets/jsp/beans inside the application server (inside 2nd firewall) to provide added security to my business logic which will inevitably access our database.
Answer #1:
The solution to this all depends on how you have your second level firewall configured. Fairly obviously you can only talk through it using ports and protocols which it allows, from hosts it allows to do so. I don't know how you have it set up, or indeed how much flexibility you have to configure it.
The simplest solution is if the second firewall allows basic HTTP
traffic from the servers in the web tier. If so you can just use HTTP on port 80 - open a URL from your outer servlet and send a HTTP request to the inner ones, then gather up the reply and present it to the user.
If basic HTTP is a no-no, the you will have to use some connection which is allowed. if you can open a direct socket connection through a particular port on the inner firewall, then you can either run your inner servlet container listening to that port or redirect it to 80 in the firewall and still use HTTP. Otherwise use what you can, even if it means knoocking together a custom server which listens on some port and spawns threads which in turn talk to the inner servlet container from inside the inner firewall. A server like that should be less
than 50 lines or so of Java.

 
Andrew Brodie
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Also,
if anybody could provide a link or some sample code for these approaches!
I would like to see a real simple application of how this would work assuming the inner firewall allows the HTTP request.
>open a URL from your outer servlet and send a HTTP
>request to the inner ones, then gather up the reply and present
>it to the user.
Assuming no HTTP, how would I accomplish this?
>If basic HTTP is a no-no, the you will have to use some
>connection which is allowed. if you can open a direct socket
>connection through a particular port on the inner firewall, >then you can either run your inner servlet container listening
>to that port or redirect it to 80 in the firewall and still use
>HTTP.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic