Why IIS before Weblogic Server?

[henpat123]

Hi,
I heard that some of the application (Java Based) use IIS as the Web Server and then WebLogic as the application server..although Weblogic itself can act as webserver also(right?). One of the reason mentioned was that all the static pages, images etc can be kept in the IIS box, thereby if there a static page request then there is no need to go to the application server..that makes sense.

But is there any reason from the security stand point..if yes what exactly is the reason?

henry

 

[sedj]

There is little point from a security perspective IMO. IIS is probably more open to vulnerabilities than a servlet container is.

--------------------------------------------------
Free Database Connection Pooling Software

http://www.primrose.org.uk

 

[henpat123]

So that mean using IIS in between, from the Security Stand-Point,is not a good idea.

Is there any other good reason to have such an architecture?

henry

 

[sedj]

It depends on how you feel about MS insecurities, and their vulnerabilities in the past to exploits. I'd rather use Apache as a front end to be honest.

>>> Is there any other good reason to have such an architecture?
You server images & static content quicker - if you have a lot of images, html files, pdfs etc, then its probably a good idea.

--------------------------------------------------
Free Database Connection Pooling Software

http://www.primrose.org.uk