• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

inside inner firewall

 
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I posted this question direct do here is the question and answer:
Any further comments and discussion is appreciated.
AB> I want to design a site that uses JSP's on the front (in the web tier, inside internet firewall for Http), but I want the front(controller) to dispatch requests to other servlets/jsp/beans inside the application server (inside 2nd firewall) to provide added security to my business logic which will inevitably access our database.
Answer #1:
The solution to this all depends on how you have your second level firewall configured. Fairly obviously you can only talk through it using ports and protocols which it allows, from hosts it allows to do so. I don't know how you have it set up, or indeed how much flexibility you have to configure it.
The simplest solution is if the second firewall allows basic HTTP
traffic from the servers in the web tier. If so you can just use HTTP on port 80 - open a URL from your outer servlet and send a HTTP request to the inner ones, then gather up the reply and present it to the user.
If basic HTTP is a no-no, the you will have to use some connection which is allowed. if you can open a direct socket connection through a particular port on the inner firewall, then you can either run your inner servlet container listening to that port or redirect it to 80 in the firewall and still use HTTP. Otherwise use what you can, even if it means knoocking together a custom server which listens on some port and spawns threads which in turn talk to the inner servlet container from inside the inner firewall. A server like that should be less
than 50 lines or so of Java.

 
Andrew Brodie
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Also,
if anybody could provide a link or some sample code for these approaches!
I would like to see a real simple application of how this would work assuming the inner firewall allows the HTTP request.
>open a URL from your outer servlet and send a HTTP
>request to the inner ones, then gather up the reply and present
>it to the user.
Assuming no HTTP, how would I accomplish this?
>If basic HTTP is a no-no, the you will have to use some
>connection which is allowed. if you can open a direct socket
>connection through a particular port on the inner firewall, >then you can either run your inner servlet container listening
>to that port or redirect it to 80 in the firewall and still use
>HTTP.
 
Try 100 things. 2 will work out, but you will never know in advance which 2. This tiny ad might be one:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic