> I'm looking for experience with CORBA IIOP being passed through
>a firewall. Apparently the port assignments for this are dynamic and
>the only product I have heard of that can handle this is
>"Wonderwall", an add-in for the Raptor solution. Does anyone know of
Actually to the best of my knowledge Wonderwall is a product from
IONA and slated to be bundled with their OrbixWeb product.
I've used the beta versions. It is certainly not dependent on any
particular firewall vendor/setup.
I've not looked at any other solutions - basically I stumbled across
Wonderwall shortly after doing a rough design of what a simple IIOP
proxy would need to do - and Wonderwall did 90% of what I wanted.
Wonderwall only looks at the IIOP header to decide whether the
request should be forwarded. Ideally the proxy should have available
the IDL for each of the interfaces and be able to test the request against
it. Such a proxy was developed by a project group at one of my client sites
and Wonderwall was to be used to front-end that proxy - though in
a less complex firewall you could have ditched Wonderwall entirely.
For simpler situations or low risk ones, wonderwall is probably ok by itself.
As to dynamic port assignments, the range required is usually quite
configurable and many applications can tune their requirements to the
point where only a small range is required to be allowed through the
choke router.
--sjg
for
--
Simon J. Gerraty <sjg @
quick .
com .
au>
#include <disclaimer> /* imagine something _very_ witty here */
References:
|
|
