bildwelt
E2E FORUM
E2E Bridge E2E Commerce

Security: Protect E2E Services without configuring a firewall

E2E Forum Modeling & Development Security: Protect E2E Services without configuring a firewall

This topic contains 1 reply, has 1 voice, and was last updated by  Christof 4 years, 8 months ago.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #387

    Christof
    Blocked

    At one of our customers, different E2E services interact with each other using SOAP ports. Although security is a big concern in the customer environment, the conceptual setup of the customer’s server zone where the E2E Bridge server resides does not allow to configure firewalls. Thus we need to find another way to avoid exposure of the E2E services into the customer’s network.

    #388

    Christof
    Blocked

    Planned approach:
    * Defining a proxy with https and basic auth in front of the original soap service
    ** Calling the webservice only via proxy internally
    * Defining basic auth also on the original http soap service
    ** Not calling the webservice directly internally (thus never sending user/password as plain text in the http call)

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.