Allowing the user to request web app from different port

[Guest_imported]

Hi guys,

I was just wondering if you see a problem with this...

We have a customer coming into our WAS (Websphere App Server) through a VPN. Therefore, we could just close down the port 80 and allow whatever port the application server is listening on (9080, for example) to our customer. Do you see a problem with this? Is this bad practice? If we did this, the user would have to include the port number in the url, and would therefore bypass the IBM HTTP Server that we have running with Websphere.

Any thoughts on this?

Thanks!
Scott

 

[fearo]

Hi,

According to the release notes of WebShpere v4:

WebSphere V4.0 Advanced Edition Handbook

There is now an embedded HTTP server within the WebSphere Application
Server. *******This Web server is very useful for testing purposes but should not be
used in production environments. ******* You still need a file serving servlet to serve up static HTML pages. The change isthat you end up having both static and dynamic Web files on the same application server machine.To re-iterate, this embedded Web server does not preclude the use of an external Web server.

You should be using VirtualHosts in your HTTPServer, map these to VirtualHosts in WebSphere and then protect the resources associated with them.

Regards,

Fearo