I am facing an issue which i have explained below.
I am working on an application,which interact with any external application as below.
External application ------> Apache1 ----------> JOnAS Server(On which application is running)
In application level we have managed a IP Filtering code ,to verify the request is coming from Apache1 for security reason.
Now we have to migrate the application request flow as per our client demand into new structure below.
External application ------> Apache1 ---------->Apache2 --------> JOnAS Server(On which application is running)
Here the basic flow is any external application request to the Apache1 then it forward to Apache2 which further redirect to JONAS. Now our IP filtering in code level fails as it does not get the request from Apache1 now but from Apache2. I just want to know is it possible to rediect the request as per above structure without modifying the code level filter.
How do i validate whether the request is coming from Apache1?.
Is there any Apache level filtering or URL rewriting possible?
I have resolved the previous problem by using "X-Forwarded-For" header in request object.
but i am facing a new issue now.
The call response.sendRedirect() is setting session attribute to null when request is forwarding between Client---> Apache1-->Apache2--->JOnAS. However it works when request flow is Client-->Apache1--->JOnAS.