Skip to main content

Web applications access control

3 replies [Last post]
guruvulubojja
Offline
Joined: 2009-10-15
Points: 0

Hi All,

i am using glassfishv2.x for my project. we have a EAR file in that two web application are there. my client requirment is one web application should accessab all [public] and another one should not be accessable to public that shoud be accessable to local ips [internal] . i really dont know how to configure the server for the same requirement. i tried it in the net , some are suggesting that we can achieve the same with virtual server concept but i did not get . please help me.

Regards

Guru...

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
bthalmayr
Offline
Joined: 2007-02-27
Points: 0

by 'accessible internally' ... do you mean it should not be available 'externally' at all or only accessible with proper authorization? If you mean the first one I don't think this is possible as you can only 'assign' the whole application to a virtual server, not parts of it. If you can separate the two web-apps into two apps then you can use virtual server concept. However if one knows what to do it can easily be bypassed ... so it's not really secure. Another possibility would be to frontend GF with a 'reverse-proxy' kind of thing which does not allow to request specific URIs. -Bernhard

guruvulubojja
Offline
Joined: 2009-10-15
Points: 0

Hi bthalmayr,

thank you for your reply, please tell me how to do it with virtual server concept if both are separate.

regards

Guru...

bthalmayr
Offline
Joined: 2007-02-27
Points: 0

Create a virutal server in your instance (f.e. for the default-server)

asadmin ..... create-virtual-server --hosts <list-of-FQDNs> internal

If you need a different instance, just specify '--target <instance-config>' option.

'internal' is the virutal server id .. .you can choose what you want.

I assume you're familiar what 'FQDN' and the 'http-host-header' attribute meens.

Deploy your app to the target specifying the virtual server it should be 'bound' to.

asadmin ... deploy (--target <target>) --virtualservers internal <archive>

The app will only be served if you access it with the FQDN configured for the virtual host.

HTH,

Bernhard