Hi folks,
We need a bit of help here. Our company, IONA, is big into CORBA, a
distributed object architecture, which implements IIOP, the CORBA
inter-ORB protocol.
The protocol standardization process is just reaching the stage where
firewalls are becoming an issue, and tunnelling the IIOP protocol
through a more popular protocol (such as HTTP) to get through firewalls
on the client-side is a popular solution; in fact, it may even become a
standard!
This is already how the Java JDK 1.1 Remote Method Invocation (RMI) system
suggests doing RMI through firewalls (see end for URL).
As an ex-firewaller, I know that this solution sucks and will simply result
in HTTP urls containing references to tunnelled protocols (or their
tunnel-decoding end) being blocked at the proxy, or possibly all HTTP
being banned outright in some organizations.
Our solution, instead, involves using SOCKS to traverse a client-side
firewall, and using an IIOP application proxy to talk to CORBA
servers.
Could you mail on some comments? A perspective from the firewalls lobby
could stop the HTTP tunnelling proposal getting into the CORBA
standards documentation.
Here's a few related URLs:
http://www.javasoft.com/products/JDK/1.1/docs/guide/rmi/rmi-arch.doc.html#4799
http://www.visigenic.com/BW/FAQ.html#GateKeeper
http://chatsubo.javasoft.com/email/rmi-users/0217.html
--j.
Follow-Ups:
|
|
