I posted this question directly, so here are the question and answer:
Any further comments and discussion are appreciated.
AB> I want to design a site that uses JSPs on the front (in the web tier, inside the internet firewall for HTTP), but I want the front (controller) to dispatch requests to other servlets/JSPs/beans inside the application server (inside the 2nd firewall) to provide added security to my business logic, which will inevitably access our database.
Answer #1:
The solution to this all depends on how you have your second level firewall configured. Fairly obviously you can only talk through it using ports and protocols which it allows, from hosts it allows to do so. I don't know how you have it set up, or indeed how much flexibility you have to configure it.
The simplest solution is if the second firewall allows basic HTTP traffic from the servers in the web tier. If so, you can just use HTTP on port 80: open a URL from your outer servlet and send an HTTP request to the inner ones, then gather up the reply and present it to the user.
If basic HTTP is a no-no, then you will have to use some connection which is allowed. If you can open a direct socket connection through a particular port on the inner firewall, then you can either run your inner servlet container listening to that port or redirect it to 80 in the firewall and still use HTTP. Otherwise use what you can, even if it means knocking together a custom server which listens on some port and spawns threads which in turn talk to the inner servlet container from inside the inner firewall. A server like that should be less than 50 lines or so of Java.
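
The custom relay described in Answer #1, sketched as an added example (not code from the original answer). The listen port, the container address and the web-tier address are assumed placeholders; the relay also refuses peers outside the web tier as a second check behind the firewall rule.

```java
import java.io.*;
import java.net.*;
import java.util.Set;

public class InnerRelay {
    // Assumed placeholder values, not taken from the thread.
    static final int LISTEN_PORT = 9000;                     // port allowed through the inner firewall
    static final String CONTAINER_HOST = "127.0.0.1";        // inner servlet container
    static final int CONTAINER_PORT = 8080;
    static final Set<String> WEB_TIER = Set.of("10.0.1.10"); // web-tier hosts allowed to connect
    static final int TIMEOUT_MS = 30_000;                    // idle limit per connection

    public static void main(String[] args) throws IOException {
        try (ServerSocket server = new ServerSocket(LISTEN_PORT)) {
            while (true) {
                Socket client = server.accept();
                new Thread(() -> handle(client)).start();    // one thread per connection
            }
        }
    }

    static void handle(Socket client) {
        try (Socket c = client; Socket backend = new Socket()) {
            // Drop any peer that is not a known web-tier host before touching the backend.
            if (!WEB_TIER.contains(c.getInetAddress().getHostAddress())) return;
            c.setSoTimeout(TIMEOUT_MS);
            backend.connect(new InetSocketAddress(CONTAINER_HOST, CONTAINER_PORT), 5_000);
            backend.setSoTimeout(TIMEOUT_MS);
            Thread up = new Thread(() -> pump(c, backend));  // web tier -> container
            up.start();
            pump(backend, c);                                // container -> web tier
            up.join();
        } catch (IOException | InterruptedException e) {
            // Connection ended or failed; try-with-resources closes both sockets.
        }
    }

    static void pump(Socket from, Socket to) {
        byte[] buf = new byte[8192];
        try {
            InputStream in = from.getInputStream();
            OutputStream out = to.getOutputStream();
            for (int n; (n = in.read(buf)) != -1; ) { out.write(buf, 0, n); out.flush(); }
            to.shutdownOutput();                             // pass end-of-stream to the other side
        } catch (IOException e) {
            // Timeout or reset: stop copying in this direction.
        }
    }
}
```

The relay copies bytes unchanged and adds no authentication or encryption of its own, so the inner servlets still have to validate every request they receive.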