aspose file tools*
The moose likes Architect Certification (SCEA/OCMJEA) and the fly likes Part 2 : Security between Web Server and Application Server Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Certification » Architect Certification (SCEA/OCMJEA)
Bookmark "Part 2 : Security between Web Server and Application Server" Watch "Part 2 : Security between Web Server and Application Server" New topic
Author

Part 2 : Security between Web Server and Application Server

Benoît de Chateauvieux
Ranch Hand

Joined: Aug 10, 2007
Posts: 183
Hi All,

I'm working on my Part 2 assignment and I choose a distributed architecture.
I have a Web Server located in a DMZ and an Application Server located in the company's intranet.

I have the following questions:
1/ Do I need to secure the RMI communications between the Web Server and the Application Server ? or can I assume that the firewall will do the job ?
2/ Do I need to establish a "trust domain" between my two servers ? How can I do it ?
3/ Do I need to secure my EJB ? Do I need to login in the application server ?

Thanks a lot for your help.

Benoît


SCJP5 | SCBCD5 | SCEA5 Part 1
J Gupta
Ranch Hand

Joined: Jul 16, 2008
Posts: 30
1. Usually in a real world enviornment you do not need to, your webserver is in DMZ and app server is in inner firewall. I believe it is fair to assume that whoever is in your company network is not trying to break in
2. In my opinion declarative J2EE roles based security is practical, since your app server is in inner firewall you do not worry about requests coming from internet directly to your app server
3. Security context can be propagated to you app server from web server
vikram kumar
Ranch Hand

Joined: Aug 01, 2005
Posts: 58

Hi Benoît,

Do you plan to mention all the above in your assemptions section or in deployment archicture?

Regards,
Kumar
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Part 2 : Security between Web Server and Application Server