On 1/14/14 4:21 AM, Tim Bronski wrote:
I'm not sure what you're asking exactly but they're obviously looking to
set up a secure link between the web site and the wintouch app. The link
will be via an ssh tunnel. They need your public key to authenticate with.
I forwarded both of the on-List replies, as well as an off-List one that
should probably stay off-List, to my colleague, who in turn asked the
customer if ssh tunneling is what we're talking about here; I was just
told that the customer thinks this is indeed the case.
This should also answer Rob's questions:
Wintouch is a client-server CRM application, using a proprietary server
running on an IBM Midrange box. In its earliest form, it used a
Smalltalk(!) client communicating via APPC/APPN; by the time it had
become a viable product, it had evolved into a Java Swing client
communicating via TCP/IP (but still, with everything above the socket
itself very much a proprietary protocol). Some years ago, we added
web-based forms/portal capability, which in recent years evolved into a
full-blown Java client that runs as a Tomcat context, serving not only
forms and portals, but also something very close to the full
Java-client, with the latter supporting both browser-based and
mobile-app-based interfaces, both communicating with the original
proprietary server and (mainly for reporting tools) issuing JDBC
requests as well.
Naturally, of course, the Tomcat context can run on the same box as the
Wintouch server, or on anything else that can run Tomcat, and
communicate directly with that box.
So far as I'm aware, we haven't been told where this other web site will
be running.
This situation looks, to me at least, like a case where the ssh
tunneling would be entirely between the external web server and the
Tomcat context. Which tells me that the next thing to research is ssh
tunneling in Tomcat.
Thanks, all, and any further insights would be appreciated.
--
JHHL
midrange.com
