Terminate network connection in DMZ

rdarlin, Sep 25 2017 — edited Sep 28 2017

Apex 5

Glassfish 4.1

We currently have an Apex application running on a Glassfish Application server (ORDS) with the DB separated onto another server - using LDAP authentication against our Active Directory.  We now want to allow external access to this one application.

So far, we have configured an Apache web server in our DMZ with an SSL Certificate that is acting as a reverse proxy to send traffic for our application to an internal IIS server where we have URL ReWrite rules forwarding the session to the Glassfish Application Server.

Our internal security team wants us to modify the application so that the network connection from the external end user is terminated in (part of the application) housed in the DMZ and then have traffic sent internally to the Apex application server on a different port and if possible using a different protocol.

My question is:  Would it be possible to have a run-time Apex application/DB on the Linux Apache server that would:

1- authenticate against the internal Active Directory

2- generate the session cookie

3- forward the session to an internal Apex application server

4- which would use the session cookie to 'take over' the session and make the dual-Apex server setup invisible to the end user.

This is the closest I can think of to getting what the security team wants.  Is this possible?  What am I missing or what should I be concerned with?

Thanks so much in advance for your time and experience...

Rich

Post Details
Locked on Oct 26 2017
Added on Sep 25 2017
6 comments
600 views