0 Replies Latest reply on Mar 13, 2003 11:13 AM by javajohnson

    What's the best/most secure approach to deployment?

      I have an application (JSPs/EJBs) running on JBoss 3.0.4 that is conceptually similar to an online banking application. We need to allow our customers to modify their account in real-time, while we also can modify the account in real-time from within our network. The issue isn't concurrency, but where to place the database with respect to the firewall.

      We have a couple of ideas, but are not sure which is the most common approach to solve this problem. One idea is to put the Oracle DB behind the firewall, and JBoss in front of it; however, this means we have to open the Oracle port in the firewall, and have a potential security risk.

      Another idea I had was to place the Jetty component of our application in front of the firewall, and the EJB/DB servers behind it. Then I can encrypt the communication using SSL over RMI to go across the firewall. Our app is based on the Command Pattern, so doing this would require very little rework, mostly just configuration changes, which, I admit, I know very little about, but I have the docs, so I can figure it out.

      Any other suggestions? How do banks normally handle this situation?

      Thanks for any insight.
      --Mark Johnson