Hi!
I have a small web application running on
tomcat and i am using IIS for security reasons. If access my application through the port of IIS like
http://ip:iisport/index.html the request goes through IIS and the NT security is implemented. But if i use the tomcat port like
http://ip:tomcatport/index.html the request is by passing the IIS and directly accessing the application.
If some one knows the port of tomcat the real security problem arises.
I want to force the users to go through IIS.
Is there any way to implement this?