I want to access an Oracle web service in my Android application. But the web service is on my company's server so the public cannot access it. But our Android app is going to be used by the public. Is there a way to use that web service and connect to the server without changing the server's security configurations..? Thank you very much.
you can either try tunneling through a web server as is a standard industry practice. Setup a pair of web server in front of oracle app servers and then a load balancer if front of webs servers. The firewall can be configured to allow traffic on ports 80 (standard http port) or 443 (standard https port). Everything below the load balancer stays protected inside the firewall and you wont have to tweak your oracle server for security configuration changes.
Related
I am in a situation.
We have a Windows Server 2012 on which a play application is running. This play application is listen to port 80(using built-in HTTP server). Any request sent to my server say, http://abc.testserver.com is picked up by play.
We have one more web application which is developed using php and html. This is hosted on the same server on port 81 using IIS.
So any request http://abc.testserver.com:81 will launch my php web app. But we are not comfortable to expose the port no (i.e. 81) to the users.
Is there any way we can have both the applications running on the same server without displaying the port number to the user? (say use different domain names)
Please help us with possible approach if there is any.
Thanks
I'm trying to setup Nginx for some personal web services I have running on my home server.
The network is setup with router between the server and the internet, the router has a Dynamic DNS service running such that I can connect to it while not at home.
I would like Nginx to handle connections from the local network such that it will serve the web services over HTTP and HTTPS without any authentication.
Connections from outside the local network, should redirected to HTTPS for security, and should also be required to authenticate.
The available web services are the same in the both cases. Connections directly to the IP should also be handled in the same way. I already have the web services running over HTTP, so this question is only about how to setup my server blocks
Is this possible?
In our production environment a website runs under HTTPS with SSL terminating on a load balancer and passing traffic to the IIS servers as HTTP.
There are various in-house and 3rd party components and controls within the site and some of them use mechanisms similar to the .NET System.Web.HttpRequest.IsSecureConnection property which simply queries the HTTPS server variable to return its result. As the connection into the web server from the load balancer is HTTP, these methods return the incorrect value and cause some components to fail. For example, a component might direct the user to a HTTP URL instead of HTTPS for a JavaScript file and cause the browser not to load the mixed content.
In order to debug these components and to develop a workaround, I need to recreate this scenario on my development machine. My question is Is there an easy way to simulate an externally terminated SSL connection for the Visual Studio / IIS Express development environment?
I've found a way using Port Forwarding Wizard.
Create a single TCP mapping with Listen Port set to a spare port (e.g. 443), destination as localhost with web server port (e.g. 80). Leave everything else as default, but go into SSL Encryption and generate a Root Key and Certificate in CA Center. Once done, select Enable SSL Encryption and select Server. Generate a Private Key file, Cert Req file and a Certificate and then bob's your uncle, you get terminated SSL forwarding to your local IIS Express server: Simply Start your port mapping and then connect to https://localhost with your web browser (specifying the port if it's not 443).
I want to find out how to set up a WCF service, which communicates with client via certificate over SSL (HTTPS) in a load balancer environment. The certificate is used for message exchanges.
Update
Below is current setup:
WCF 3.5 is used, but can be changed to ver 4 if required.
IIS7.5 and ASP.NET 3.5
certificate is installed on each IIS,
each WCF app is installed on each IIS,
certificate is issued to *.mydomainname.com, where my app is under myapp.mydomainname.com
does load balancer require certificate?
Goal
Client uses certificate to communicate with WCF service over HTTPS in load balancer.
Any idea would be very much appreciated!
Your site hosting the service must be exposed on domain name for example:
myapplication.enterprise.com
This configuration must be done on all application servers in the web farm (load balanced servers) = you must assign correct host header. You must request / create certificate for this domain name and install it (including private key) on all servers in the farm. You must configure your web sites on all servers to use this certificate. DNS record for the domain name must be configured to point to IP address of the load balancer.
Load balancing must be done on TCP level to maintain HTTPS between client and your servers. In this scenario load balanced environment should become completely transparent to client and load balancer will not need the certificate because it will only forward TCP connections and SSL tunnel will be created with the real web server.
I developed an FBConnect web application using C# .Net Framework 4.0 recently. Tested with my UAT server, everything just works fine, I'm able to login with my Facebook account, and perform all operation.
Unfortunately when I deploy the same code to my client's production environment, the FBConnect return "unreachable network 69.171.229.24:443". After several investigation, notice the port 443 is blocked! And due to corporate policy, this port is not allowed!!
Is there alternate way I can tweak my facebook app settings NOT to authenticate via port 443? instead of rewriting my code?
Please advice.
No, there is no alternative.
Port 443 is for secure HTTPS connections using TLS and SSL. Facebook, quite correctly, restricts access to their authentication mechanism to this port: (as far as I know) there are no alternative mechanisms that use a different port or an insecure login on port 80.
Check with your client to see if there's an proxy server that can be used for HTTPS connections.
Otherwise, request that your client opens that port.