We have a couple of internal applications behind firewall which is not accessible to internet. We are trying to setup an internet accessible portal (which can also access our internal applications) and trying to provide menus to these two applications and display them via iframes.
Here are the application details:
Portal - Tomcat+Apache
Internal Applications - one is a node.js app and the other is a J2ee+tomcat app
Host servers - different for all the three applications
We are facing two issues here:
1) The internet accessible portal is secured (HTTPS). But, the internal applications are not secured ie.,HTTP. so, the browser shows the warning message "some of the content are unsecured" and blocks the application. Is there a programmatic way to suppress this warning without manually changing the browser settings?
2) The internal applications are behing the firewall, but our portal is internet accessible as well as can access the internal applications. Currently the application is not displayed through internet. How should we implement the portal so that we can byepass the firewall?
Appreciate your inputs.
Configure a reverse proxy in Apache on your portal server to forward requests to your internal apps, and let Apache handle the https. This should solve both 1) and 2) since everything will then be accessible through https.
Reverse proxying in Apache can be done using the Apache module mod_proxy. You can find many examples on the Internet, but here's a simple one:
<VirtualHost *:443>
...
ProxyPass /foo http://internalserver/bar
ProxyPassReverse /foo http://internalserver/bar
...
</VirtualHost>
If you put that in the Apache config of your portal, it would make the internal app http://internalserver/bar accessible at https://yourportal/foo from your portal.
Here's a good article with more details.