Published BSSV Architecture

[craig_welton]

Hi all,

I'm looking to understand a real-world example of exposing published E1 business services. Knowing that the published BSSV is used to call the internal BSSV that then does the business logic against your ERP (through BSFN calls order database access), how is that deployed within an enterprise network in regards to the DMZ and the secured network?

I'm guessing that a hardened Business Services server is placed in the DMZ, so that's what the external consumer interfaces with. Now when called, does the published BSSV call an internal BSSV on another Business Services server inside the secured network? i.e. firewall allowed through established ports/hosts? I'm imagining you want to keep you internal code inside so the published service just translates the input parms as essentially a wrapper or proxy.

Any insight would be much appreciated. Pardon my ignorance if I'm way off base, I am primarily a code monkey.

thanks
Craig

 

[RussellCodlin]

I've never seen a situation where BSSV services have been directly exposed to the internet except for demo systems. You normally have some other component calling the services, even if it just a middleware/message broker product. In a basic set up your BSSV instance would sit inside the firewall and you'd stick a proxy in the DMZ.

 

[78aspide78]

Hi Graig, I'm not sure to understand your question so I'll try to explain my last work.

I have a Java EE web application that call JDE BSSV in order to create purchase orders.

There is a reverse proxy (apache http server) on the DMZ, so user put the public https url in the browser in order to access the application; the proxy routes the request the the Java EE application (there is a roule in the firewall to allow the communication), the Java EE app call the BSSV.

So the published BSSV is not exposed to the outside network.

If your question is about the split beetwen Published and Internal I think it's only an application layer division (not for security).


Let me know if I missed something.

 

[craig_welton]

Thanks for the response. Just so I understand, you created a separate Java EE application to broker the request to the E1 BSSV?

 

[78aspide78]

No, the externel Java EE application is a full Web Application (with UI and business logic).

 

[craig_welton]

OK, so it's a full JEE app, but consumes the E1 BSSV internally. If you wanted to expose the published E1 BSSV directly, would you use the reverse proxy and route it to the Business Services server behind the firewall?

thanks again for the info.
Craig

 

[78aspide78]

Yes, may be somenthing like http proxy -> Load balancer - > E1 BSSV

 

[craig_welton]

Very cool, thanks a lot.

Craig