We have something similar here. The way we did this is that we run the same application in two contexts on Tomcat but there are configuration settings that make one an internal application and the other Intranet application. What this means is that upon startup the properties say that for example the Internet application is not allowed to authenticate users in 'intranet' role.
Both of these contexts share resources but we have encapsulated the resources into libraries and if there is a change to the database access library we just update the jars on the both applications. If you structure everything with modularity in mind then this should be easy to accomplish. Good luck, d. Becky Phaneuf wrote:
I have been trying to determine the best way to architect an Internet (external) website and an intranet (internal) website. The requirements are simply that the two web applications may need to share EJB resources and some static content (word, excel, visio docs), but their look and feel (JSPs) will be completely different. It would be nice if they could also share some servlets too - ones that do basic work. I could use some helpful input and suggestions about the best, most secure, way to do this. The main problem we are dealing with is security. If we couple any of these web applications together too tightly someone may be able to sneak into our intranet site via the Internet site. This is what I'm currently looking at: Client - (DMZ) Internet Web Server on Machine A points to Appserver/EJB Container - (firewall) - Intranet Web Server on Machine B - Appserver/EJB Container on Machine B - Data storage Machine A and B would be MS2K Advanced Servers, and there may be another firewall between Machine B and the RDBMS. Has anyone attempted an implementation similar to this before? Thanks in advance for your feedback! ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
-- David Mossakowski Instinet Corporation **************************************************************************** <<Disclaimer>> This message is intended only for the use of the Addressee and may contain information that is PRIVILEGED and/or CONFIDENTIAL or both. This email is intended only for the personal and confidential use of the recipient(s) named above. If the reader of this email is not an intended recipient, you have received this email in error and any review, dissemination, distribution or copying is strictly prohibited. If you have received this email in error, please notify the sender immediately by return mail and permanently deleting the copy you received. Thank you. **************************************************************************** ___________________________________________________________________________ To unsubscribe, send email to [EMAIL PROTECTED] and include in the body of the message "signoff SERVLET-INTEREST". Archives: http://archives.java.sun.com/archives/servlet-interest.html Resources: http://java.sun.com/products/servlet/external-resources.html LISTSERV Help: http://www.lsoft.com/manuals/user/user.html
