apache as a channel to IIS

Zingaro2002 · 01-18-2005, 10:14 AM

well, I'll try to be clearer.

On a win2003 server box with public IP address I have IIS 6 working.
There I have a running web service (mapguide server) that doesn't exist for Apache (as far as I know).

If I go through the pages given by IIS everything works greatly (I mean: user can look at and interact with maps I created and inserted there).

Now you can easily understand that I cannot "say goodbye" to IIS (if so I could not use mapguide server), so all I want to do is:

I want to give a local (private) IP address to that win2003 box.
On another machine I install a linux distribution and Apache and I give it a public IP address.
When an external user looks at a page on a given url (that I decide) then apache, after authentication, MUST simply call IIS and take what IIS gives to it and pass these "bytes" to user's browser (without any modification); in other words apache should only be a transportation channel appearing as user's browser to IIS.

In this way I'd have enough security to expose on Internet a very good web server (apache) on a very secure machine (linux box) and I'd go on using mapguide server on IIS machine.

What do you think about that?
Can I really do it?
How?

Thanks in advance

marghorp · 01-18-2005, 12:15 PM

You can put them on different ports and solve it that way. Like Apache port 80 and IIS port 81

Zingaro2002 · 01-18-2005, 01:38 PM

No, I want to install Apache on a Linux machine (for security reason) and I don't want to directly expose IIS on Internet (IIS machine should have only 1 private IP address).
IIS should be called ONLY by apache and should give it the pages that apache will give to the user's browser.

Thanks

Zingaro2002 · 01-19-2005, 10:59 AM

any ideas?

Zingaro2002 · 01-20-2005, 03:01 AM

Just an example of what I want.

A user visits my pages in
http://80.aa.ss.ee/sitename

managed by apache on a linux box

When this user enters here
http://80.aa.ss.ee/sitename/interactivemaps

apache asks him to authenticate and then (if authentication is OK) apache calls IIS (where mapguide server service is running); then apache takes what IIS gives it and transmit those data to user's browser without any modification (apache acts as user's browser to IIS's eyes).

In other words I'd like to map this url http://80.aa.ss.ee/sitename/interactivemaps
on apache so that it calls IIS
(I don't want a redirect: this should mean that I'd have give to IIS a public IP address)

Why all this?
For security reasons: I want to give to IIS just a private (local) IP address; doing so I can tell IIS to answer ONLY to those calls coming from the single IP of my apache-linux box (in this way I hope to limit external direct attacks to IIS).

How can I do all this?

Thanks in advance for any advice-idea!!!