Last post Jun 26, 2014 07:40 AM by PatriceSc
Jun 24, 2014 02:08 AM|swastikaeyes|LINK
Our enterprise network has 3 tier.Web,app and db tiers.We also separate our internet and intranet servers into internet and intranet zones respectively.
For intranet web services,our applications talk at the app server layer
We do not go through web layer for web services to talk
Likewise for internet web services,our applications talk at the app server layer
cross zone talking of web services are not allowed.(i.e. internet servers web services cannot talk to intranet servers web services)
Therefore the various ways our web services talk are as follows:
X web services in intranet app server talks to Y web services in intranet app server
X web services in internet app server talks to Y web services in internet app server
X web services in intranet app server cannot talk to Y web services in internet app server
If I want X web services in intranet app server to talk to Y web services in internet app servers,if I don’t want to use a service bus,what workaround can I do to talk ?
Jun 25, 2014 07:22 AM|PatriceSc|LINK
You want an intranet web server to use internet web services but you are not allowed to do so ? (even intranet to internet is not allowed, earlier you talked about internet to intranet ?).
Is this a thiard party service or your own ? Could the same service be installed in the intranet zone for consumption by intranet apps ? Could a VPN be established between the intranet and the 3rd party service (if 3rd party).
For now it seems your IT guys would be better placed to tell what they allow once you described what you need...
Jun 25, 2014 09:51 PM|swastikaeyes|LINK
We actually allow internet web services to be called by intranet servers and this makes sense as the less secure zone can be exposed to the more secure zone.
But not the other way round i.e. intranet web services to be called by internet servers.
We want the call to be both ways i.e intranet web services to be called by internet servers AND internet web services to be called by intranet servers.
We have no third party service setup.And setting up a third party like biztalk would be costly.
While your suggestion of replicating the code in the intranet zone will work,it is extra work/servers/migration for all our existing applications and we want to avoid that if possible.
Therefore we are trying to understand if there is any other means to have some sort of 'proxy' server to serve the web services(I've read something about this but don't really understand how it can work or if it can work in my circumstances)
Jun 26, 2014 07:40 AM|PatriceSc|LINK
So the issue is calling intranet services from the internet.
To me it would be a public facing server that is only allowed to call a particular web service on a particular server inside your organization (not exposing the exact service but just the needed interface that needs to be used from outside and it then "relays"
the call to your internal service) ? Or a VPN as suggested earlier to establish a connection between the caller and the callee ?
IMO you should ask in an admin forum and talk to your IT guys. It's beyond just programming and we don't know exactly what your IT people allows or proscribe...