Hi.
I might be out of my league here, but here's my two cents:
How do you instantiate the java.net.url object? Several of the constructors
allow the port to be entered.
What is the protocol you are using on this port?
>From the JavaDocs:
"A URL can optionally specify a "port", which is the port number to which
the TCP connection is made on the remote host machine. If the port is not
specified, the default port for the protocol is used instead. For example,
the default port for http is 80."
cheers.
pete.
----- Original Message -----
From: "Joe Pearse" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, September 07, 2001 5:19 PM
Subject: Re: Specify outbound port on tomcat
> That's just it, though. Take the firewall out of the equation, and the
> application works fine. I understand that the destination port is what
> matters, and it does; you're right about that. Let me describe a
scenario,
> to see if this helps explain the problem.
>
> I'm running tomcat + application at location A, you're running the same
> application + tomcat at location B.
>
> Scenario 1) You, site B, have no firewall restrictions. I, site A, send
> you, site B a message to port 443. Application does its thing, and sends
a
> confirmation message, on _your_ local port, between 1024-5000. The
> destination is port 443 of site A. I receive the confirmation, and
everyone
> is happy.
>
> Scenario 2) Now, your new security guru puts the clamps down on all
> outbound ports at site B. Taking the same scenario as 1), all works fine
> UNTIL you, site B, tries to send the response. Because all outbound ports
> have been blocked, the message does not get back to site A.
>
> Having said all that (sorry so long), at site B, you convince your
security
> guy to open ports 2000-2005 (for example). What can I alter to guarantee
> that messages will be sent out on these ports? Thanks again for your
help.
>
>
> >From: "Craig R. McClanahan" <[EMAIL PROTECTED]>
> >Reply-To: [EMAIL PROTECTED]
> >To: <[EMAIL PROTECTED]>
> >Subject: Re: Specify outbound port on tomcat
> >Date: Fri, 7 Sep 2001 16:56:50 -0700 (PDT)
> >
> >
> >
> >On Fri, 7 Sep 2001, Joe Pearse wrote:
> >
> > > Date: Fri, 07 Sep 2001 16:49:09 -0700
> > > From: Joe Pearse <[EMAIL PROTECTED]>
> > > Reply-To: [EMAIL PROTECTED]
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: Specify outbound port on tomcat
> > >
> > > The application itself is generating the message being sent out. In
the
> > > basic sense, a browser is not involved. For example, information is
> > > received on port 443, and processed by the application. From that, a
> > > java.net.URL object is created, and the message is fired off to the
> > > specified client URL. When firing off the message, the outbound port
> > > (1024-5000) is chosen, and I'm not sure what chooses the port, and if
I
> >can
> > > restrict it.
> >
> >OK, to make an outbound connection, you definitely need a port on the
> >local server. But what matters to a firewall is the port on the
> >*destination* of that connection, not the *origin*. What port number on
> >the client are you sending to? In order for things to work, *this* is
the
> >port number your firewall has to allow through (assuming that the client
> >is on the other side of it, of course).
> >
> >Which, of course, raises the question of why do this anyway, when you can
> >simply return data in the HTTP response to the request you are
processing,
> >but that's a different question.
> >
> >Craig
> >
>
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
>
