1 Reply by robin.jones

  • robin.jones
  • Member
  • Offline
  • From: UK
  • Registered: 24-06-2011
  • Posts: 18

Re: Setting up communication through a firewall.

Hi,

I was wondering whether anyone has an experience in setting up an indicia client to communicate
with a warehouse that is behind a firewall?

The firewall has been configured to allow any http requests originating from the ip address of our external web server directed at the ip address of our firewall to be redirected to a machine that
is on our local network. I've tested this and found that I can successfully retrieve web pages and
directly communicate with the warehouse.

Having progressed a bit further, I have realised that the default situation for the indicia client helper is for the included javascript and css files to be from the same location as the warehouse. Because the route through the firewall is deliberately limited to the IP address of the web server, attempts by the browser to load these files will fail.

As a crude means of overriding this, I copied the media/js and media/css folders onto the client web server and added the following after line 197 of helper_base.php :

$base = "/indicia/";

This means that the js and css files are being picked up from the client site.
This would probably be better served as an option in the configuration file.


However, this change doesn't apply to ajax calls, which still attempt to communicate directly with the warehouse.

I suspect that it will be necessary to configure ajax communication to be done through a proxy script, but before trying to work this out myself, thought I should ask the members of the forum whether anyone has already found a solution or need a similar solution.

cheers

Robin Jones

Robin Jones
IT Manager: Species Conservation
Wildfowl & Wetlands Trust

robin.jones's Website

2 Reply by johnvanbreda

  • johnvanbreda
  • Administrator
  • Offline
  • From: UK
  • Registered: 27-04-2006
  • Posts: 1,237

Re: Setting up communication through a firewall.

Hi Robin
For the JavaScript and CSS files, there is are settings you can apply to any of the helper classes (as it is in the base helper class), called $js_path and $css_path. So in your scenario you need a copy of the media folder on your external web-server and to set both of these variables to the appropriate folders. This is exactly how the iform module for Drupal works by the way. So, I think your attempt was pretty close.

Personally I have only worked with the Warehouse on a public URL so have not encountered this specific problem, as it is designed for website administrators to remotely configure their websites. However I think you are spot on with the suggestion of a proxy script which sits on your external web-server. There is a proxy script in the iform_proxy module's module file which you could borrow ideas from - it is Drupal specific but the actual proxying code is generic. This particular script takes the destination URL as a parameter, whereas yours could be fixed with the advantage that the client does not need to know about the URL at all.

Best wishes

John van Breda
Biodiverse IT

johnvanbreda's Website

3 Reply by Jim Bacon

  • Jim Bacon
  • Veteran
  • Offline
  • From: BRC
  • Registered: 03-11-2008
  • Posts: 980

Re: Setting up communication through a firewall.

I can't add anything to John's comments about your question but one other thing comes to my mind for consideration which is whether you will use GeoServer to generate maps and have you thought about how that will work.

Jim Bacon