I am setting up a web application on a server on an organisations internal network, and would like to make it publicly accessible.
There is a single publicly accessible server running Apache2.2 on the network and the organisation's firewall keeps this server separate from the internal network.
I would like traffic to http://publicserver.example.com/webapp/rest/of#url to forward traffic to http://webappserver.example.com:80/rest/of#url.
I am planning to set up apache using the ProxyPass directive, and request an exception to allow traffic on port 80 between publicserver and webappserver.
ProxyPass /webapp http://webappserver.example.com:80/
ProxyPassReverse /webapp http://webappserver.example.com:80/
Is this the correct way to go about this? Are there any security implications beyond handling malicious requests on the webappserver?
You should just get a firewall exception for the server you want public. Setting up a proxy in the way you describe makes the entire network insecure. The concept is called "pivoting".
Isolating public boxes from the rest of your network is important, and hacking around it as you suggest undermines what the firewall is trying to do.