Hello everybody,
For a customer of us, we have to deploy a webservice with following constellation:
* Web Server in a DMZ
* DB-Server in network
What's the best practice for such a deployment / development ? Where should be installed which component ?
Normally (without any DMZ), State-Free AppServer & WSA are installed on the DB-Server but I think that with a DMZ, this is different.
Many thanks in advance.
Kind regards,
Mat
[/collapse]Thread created by mtuglerHello everybody,
For a customer of us, we have to deploy a webservice with following constellation:
* Web Server in a DMZ
* DB-Server in network
What's the best practice for such a deployment / development ? Where should be installed which component ?
Normally (without any DMZ), State-Free AppServer & WSA are installed on the DB-Server but I think that with a DMZ, this is different.
Many thanks in advance.
Kind regards,
Mat
Stop receiving emails on this subject.Flag this post as spam/abuse.
Hi Mike,
Many thanks for your reply.
Here my approach:
WSA in DMZ
AppServer in network running on the DB-server.
I know that it's possible to set remote & local webservice. Do I have to create 2 WebServices (1 on DB-server & 1 in DMZ) ? Which one will be the local and wich one will be the remote ?
Do you or someone else have an idea ?
Many thanks !
Mat
I would go for the second option Michael suggests. Setup a reverse proxy in the DMZ and let that point to a machine in your LAN. This LAN machine could run the entire OE stack (ie. db, AppServer and WSA). From a security point of view it's easier to maintain because this obscures most of Tomcat (WSA), except the URL you want obviously.
Moreover, you don't have to access you DMZ for deployments of your webservices. Apart from IIS & Apache I can recommend the nginx webserver for this task. It's lightweight in both footprint and at runtime (and it serves > 15% of the websites worldwide, so proven technology).