
How can I restrict access to an application that I do not control only via another referrer application?

Our client has a set of (5-6) intranet/internet applications, either custom-developed or 3rd-party, located on various web servers, which we cannot modify/control.

We have developed a web portal application (A) and the client wants all its other applications (B) to be accessed only via A, meaning that if a user enters the application URL for B directly, he gets an error page saying that access is allowed only via A. So, the user has to log in to application A and then click a link to application B to access it. This requirement has been asked for security reasons and to make A act as an access gateway to the other applications (B).

Is this possible and how can we implement it? Should we use another web server on top acting as a proxy to all other applications (B), or is there a better solution for this? And if we use another web server as a proxy, should we implement the referrer logic with a user id/token approach combined with appropriate session cookies, so that application B's URL cannot be hacked and is unique for each user and session?

Sorry if I stated my questions unclearly or in a wrong way, but I'm unfamiliar with network/system administration and web servers. I can provide more details where needed.

Maria Ioannidou asked Jan 08 '14 11:01


1 Answer

There are different approaches here:
1. Using the firewall, set up access to B's http(s) port only from A's IP address.
2. Set a Directory restriction in httpd.conf for app B's directory, like:

# Apache 2.2 access-control syntax (on Apache 2.4 it needs mod_access_compat,
# or use "Require ip <IP of A>" instead of Order/Allow)
<Directory "/var/www/B">
   AllowOverride None
   Order allow,deny
   Allow from <IP of A>
</Directory>

In app A, create a link (http://ip_A/accesstoB/somepath/script.php) that will be proxied to B using an .htaccess rule like:

# requires mod_rewrite and mod_proxy (with mod_proxy_http) to be loaded;
# the [P] flag hands the rewritten URL to mod_proxy
RewriteEngine On
RewriteRule ^accesstoB/(.*)$ http://<ip_B>/$1 [P]

In this example, a customer accessing the link http://ip_A/accesstoB/somepath/script.php will be proxied to http://ip_B/somepath/script.php.

swserg answered Sep 20 '22 02:09
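The answer's design has two layers: B itself only accepts connections from A's address (the firewall rule or the `Allow from <IP of A>` block), and A only proxies `/accesstoB/...` requests for users who already hold a valid portal session. The following is an added example, not code from the original post or from either application, that expresses both layers as runnable Python so the decision logic can be tested. It assumes a hypothetical in-memory session store, a cookie named `portal_session`, and the placeholder address `http://ip_B` for application B; the Referer header is deliberately not an input, since it is client-supplied and cannot be relied on as an access control.

```python
"""Gateway decision logic for portal A fronting application B (added example).

Mirrors the two controls from the answer: backend_b_accepts() is what the
firewall / <Directory> rule enforces on B's side, and Gateway.decide() is the
check A performs before proxying. All names, IPs and the upstream address are
placeholders, not values from the original question or answer.
"""
import re
import secrets
import time
from dataclasses import dataclass, field
from typing import Dict, Optional

UPSTREAM_B = "http://ip_B"                       # placeholder for B's real address
PROXY_RULE = re.compile(r"^/accesstoB/(.*)$")    # same pattern as the RewriteRule


def backend_b_accepts(client_ip: str, allowed_ips=("<IP of A>",)) -> bool:
    """B's side: only the gateway's source address gets through. A browser
    hitting B directly is refused no matter what Referer it sends."""
    return client_ip in allowed_ips


@dataclass
class Session:
    user_id: str
    expires_at: float


@dataclass
class Decision:
    allowed: bool
    upstream_url: Optional[str] = None
    reason: str = ""
    headers: Dict[str, str] = field(default_factory=dict)


class Gateway:
    """Portal A's side: authenticate the session, then rewrite and proxy."""

    def __init__(self, ttl_seconds: int = 3600):
        self._ttl = ttl_seconds
        self._sessions: Dict[str, Session] = {}   # constructed in-memory store

    def login(self, user_id: str) -> str:
        """Issue an unguessable session id; this becomes the cookie value."""
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = Session(user_id, time.time() + self._ttl)
        return sid

    def logout(self, sid: str) -> None:
        self._sessions.pop(sid, None)

    def _session_for(self, cookies: Dict[str, str]) -> Optional[Session]:
        sess = self._sessions.get(cookies.get("portal_session", ""))
        if sess is None or sess.expires_at < time.time():
            return None
        return sess

    @staticmethod
    def rewrite(path: str) -> Optional[str]:
        """/accesstoB/somepath/script.php -> http://ip_B/somepath/script.php.
        Paths outside the prefix, or with '..' segments, are never proxied."""
        m = PROXY_RULE.match(path)
        if not m:
            return None
        rest = m.group(1)
        if ".." in rest.split("/") or rest.startswith("/"):
            return None
        return f"{UPSTREAM_B}/{rest}"

    def decide(self, path: str, cookies: Dict[str, str]) -> Decision:
        """Per-request check performed by A before handing the request to B."""
        sess = self._session_for(cookies)
        if sess is None:
            return Decision(False, reason="no valid portal session")
        upstream = self.rewrite(path)
        if upstream is None:
            return Decision(False, reason="path not under /accesstoB/")
        # B cannot be modified, so it cannot verify the user itself; the
        # identity header is forwarded only so B's access logs stay attributable.
        return Decision(True, upstream, "ok", {"X-Portal-User": sess.user_id})


if __name__ == "__main__":
    gw = Gateway()
    sid = gw.login("alice")   # constructed user
    print(gw.decide("/accesstoB/somepath/script.php", {}))
    print(gw.decide("/accesstoB/somepath/script.php", {"portal_session": sid}))
    print("direct hit on B accepted:", backend_b_accepts("203.0.113.7"))
```

The point of keeping the two checks separate is that neither alone meets the requirement: the address restriction on B stops direct access but cannot tell users apart, while the session check on A ties each proxied request to a logged-in user but is bypassed if B is still reachable directly.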