Frequently Asked Questions
- What is a reverse proxy server?
- How does jRevProxy work?
- Where can I use jRevProxy?
- Where can I find source code/API documentation?
What is a reverse proxy server?
A reverse proxy server is a server that secures the access to backend content servers. A reverse proxy server is in most of the cases placed in the DMZ (DeMilitarized Zone). Reverse proxy servers accept HTTP and HTTP over SSL (HTTPS) requests from Web clients and passes those requests to the backend servers. It then passes the requested resources back to the right Web client.
How does jRevProxy work?
jRevProxy accepts external HTTP(S) requests and translates these into
internal HTTP(S) requests, hereby checking some rules specified in an XML
configuration file.
In case jRevProxy is configured to accept HTTPS requests, jRevProxy supports
mutual (client and server) authentication. In this case the client has to prove
to the server that he has a client certificate installed in the browser and that
the user knows the password that gives access to the corresponding private key.
The server on the other sends his server certificate and proves like that his
identity.
After this optional client authentication, jRevProxy will decide based
on its configuration if the authenticated user is allowed to access the
requested resource.
Where can I use jRevProxy?
jRevProxy can be very useful in case you want to secure the access to web applications that only support HTTP but that have a basic authentication mechanism, username/password for example. This combination implies that usernames and passwords can be sniffed since they are sent in cleartext over the wire.
Where can I find source code/API documentation?
The JavaDoc source code documentation can be found here. You can of course jump into the sourcecode itself also :).
Last update: April 26 2003