Thank's Bob.
But the applet has to be aware of the proxy, doesn't it ?
Because it tries to address its server...or do I miss something ?
I meant, to be able to use any applet coming in, as long as its
signature is recognized and the source is trusted.
Any more light ?
Thank's again and best regards !
Thierry A.
P.S: again, please, copy my personnal address, too. I'm not part of the
list due to low bandwidth at home.
Bob Beck wrote:
>
> >
> > Hi,
> >
> > Suppose we have a firewall with proxies only and which let no IP traffic
> > through.
> > What alternatives should be considerred to make applets running inside
> > to be able to connect to their respective servlet (if any) on the host
> > they come from (outside the FW, of course) ? (let's assume the applets
> > are authentified thank's to some signature mechanism).
> >
> > Are there specialized JAVA libraries aware of some tcp relay to contact
> > if the destination IP address is outside the local domain/firewall ?
> > Is there a well known port reserved for that ?
> >
> > Any other alternative ?
>
> Sure, if you're running a transparent proxy, have a transparent
> outbound pass-through proxy for any source port to the machine the servelets
> are running on, or in general to any. If you are going to allow a
> "tcp relay to contact if the destination is outside the firewall", you might
> as well do it this way, then there's no special changes.
>
> -Bob
Follow-Ups:
References:
|
|
