pmkenna
asked on
9iAS FormsListener (6i) Servlet through Webcache on SSL
Hi,
I am tied to 9iAS R1 due to ERP app restriction - am using webcache 902 (on W2K AdvSrv) to balance 2 9iAS app servers (also on W2K AdvSrv) using Forms 6i Listener Servlet. I am setting up SSL on webcache and intend to connect webcache to app servers on non-ssl port 80.
I want users to be able to run forms from my webcache as:
https://webcache.domain.com/servlet/f60servlet........ and therefore hold the ssl connection from the webcache only.
I have configured the webcache to receive user requests on https, and configured the app servers to respond on port 80.
Two issues for me:
Where a user requests a form directly from either app server without going through the webcache, I want to deny access eg:
http://appsrv9iAS.domain.com/servlet/f60servlet........
Can I achieve this in httpd.conf (considering I'm using 6i forms servlet), or would ip filtering be a better way to go?
Also, am I correct in my thinking that when users are connected to the app servers via the webcache, that all communication is routed through the webcache connection, and not 'handed off' directly to the app server - and if the users are connected though webcache ssl, that the forms are effectively connected between webcache and the user browser over ssl, with the connection between webcache and the app servers running on non-ssl. I can secure the app server connections using ipsec.
Thanks in ernest.
Pat McKenna
I am tied to 9iAS R1 due to ERP app restriction - am using webcache 902 (on W2K AdvSrv) to balance 2 9iAS app servers (also on W2K AdvSrv) using Forms 6i Listener Servlet. I am setting up SSL on webcache and intend to connect webcache to app servers on non-ssl port 80.
I want users to be able to run forms from my webcache as:
https://webcache.domain.com/servlet/f60servlet........ and therefore hold the ssl connection from the webcache only.
I have configured the webcache to receive user requests on https, and configured the app servers to respond on port 80.
Two issues for me:
Where a user requests a form directly from either app server without going through the webcache, I want to deny access eg:
http://appsrv9iAS.domain.com/servlet/f60servlet........
Can I achieve this in httpd.conf (considering I'm using 6i forms servlet), or would ip filtering be a better way to go?
Also, am I correct in my thinking that when users are connected to the app servers via the webcache, that all communication is routed through the webcache connection, and not 'handed off' directly to the app server - and if the users are connected though webcache ssl, that the forms are effectively connected between webcache and the user browser over ssl, with the connection between webcache and the app servers running on non-ssl. I can secure the app server connections using ipsec.
Thanks in ernest.
Pat McKenna
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.