This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
Hi guys, I'm developing a system what consists of applet, servlet and servers. The aim is that the applet makes an encrypted connection to the servlet what further creates a socket-connection to the selected servers. The Apache-Tomcat is running on DMZ-area and only the port 80 is opened to out-direction. This should be ok, but the socket-connection requires also that the firewall is opened to in-direction. The question is that how huge security hole we are drilling? The servlet itself is / should be secure, but how about other issues (Tomcat configuration, operating system, etc.)? Used Apache-Tomcat version is 4.0.3 and operating system is Windows 2000 Pro . If assuming that the web-server itself is secure, should I build up a process "watchdog" what closes the firewall automatically in case of web-server fall-down. Further, is there any available software to do that? Thanks in advance. Regards, Jorma