A strikingly odd web application exposure
Without having to expose your backend stuff to the internet, how do you service a WAP/WEB request. The blog below discusses a typical method of achieving the same. Assuming that whole web system is being developed in a intranet and not hosted outside. Let us call the internal unexposed server as A. We need a server hosted on internet to fetch the WAP/WEB requests from the mobile or computer. This server is called as B. The request is being fired on the server B, the request is written to a flat file called request file. Server A runs a shell program viz fetchrequest.sh which reads the request file every second for any new requests coming using the curl unix utility. Meanwhile, the server B sleeps off and waits for a response from server A. Server A will read the request and if its new (newness of a request is determined by saving the previous request number in a global shell environment variable) server A processes it and shoots back the response to server B in the form of a file via FTP. Server B, in its sleeping state waits for the this FTP response file. Once recieved, it pushes back the response to the user. The whole wait process is scheduled for a fixed period of time, after which a dummy response is send like server is down, request failed, bla bla etc . Let us see how the same is achieved in fetchreques.sh running on server A.
File fetchrequest.sh
#!/bin/bash while [ 10 -eq 10 ] #Runs in a infinite loop checking request file at server B every second do if [ `env | grep -c lastCounter` = 1 ];then newCounter=`curl -s http://serverB/requestFile.txt | tail -1 | cut -d: -f1` #Reading request file at server B param=`curl -s serverB/requestFile.txt | tail -1 | cut -d: -f2` #Extracting the request parameters echo newCounter : $newCounter lastCounter : $lastCounter #If there is a new request, sending a response back to the server B if [ "$newCounter" != "$lastCounter" ]; then echo "Need to send a response" echo "Response URL : http://serverA/something.pl?action=something¶m1¶m2" #Trimming of the response that needs to be send to serverB and storing it in a variable output=`curl -s "http://serverA/something.pl?action=something¶m1¶m2" | grep 'cap\\|img' | sed \ 's/<src>.*<\/src>//g;s/<cap>/\:/g;s/<\/cap>//g;s/<img>/\:/g;s/<\/img>//g'` echo "Response received : $output" #writing the response to a flat file to be FTPed to server B `echo $output>"rp_$newCounter.txt"` `export filename==rp_$newCounter.txt` `echo ls -l "rp_$newCounter.txt"` typeset -i responseSize=`wc -c rp_$newCounter.txt | cut -d" " -f1` echo "Response size $responseSize" #If the process response is garbled, small or null, sending a dummy error in FTP file if [ $responseSize = 1 ];then `echo "We are working , try later" > "rp_$newCounter.txt"` fi #making an FTP connection to serverB and launching the response file `curl -s -T "rp_$newCounter.txt" -u username:password"ftp://serverB/rp_$newCounter.txt"` echo "Uploaded the FTP file for $newCounter request" `rm -f rp_$newCounter.txt` echo "Deleting rp_$newCounter.txt after upload" #Updating the request environment variable lastCounter=$newCounter export lastCounter fi else lastCounter=`curl -s http://serverB/mobRequests.txt | tail -1 | cut -d: -f1` export lastCounter fi done
The whole system works very well, and the requests are processed and response send to user. There are however limitations to this model.
