Description of the illustration ascon047java

This diagram shows the following zones:

the external Internet, outside the DMZ firewall
the Web Server Tier DMZ, between the DMZ firewall and the Intranet firewall
the Infrastructure DMZ, inside the Web Server Tier DMZ, but separated from the other parts of DMZ by the Infrastructure Firewall
the corporate intranet, behind the intranet firewall.

The external Internet contains the external clients, which communicate across the DMZ Firewall with the Load Balancer.

The Web Server Tier DMZ contains the Load Balancer, which communicates with the OracleAS Single Sign-On and OC4J for Single Sign-on servers, as well as with Oracle Web Cache. The Web Server Tier DMZ also contains the J2EE servers, the Web Cache and Oracle HTTP Server, and the Infrastructure DMZ.

Within the Web Server Tier DMZ:

The Load Balancer communicates through the DMZ Firewall with external clients using HTTP or HTTPS.
The Load Balancer communicates with the Oracle HTTP Server for Single Sign-on and the OC4J for Single Sign-On. The Load Balancer also communicates with the Web Cache and Oracle HTTP Server, including mod_oc4j and mod_plsql.
Oracle HTTP Server communicates through the InfrastructureFirewall with Oracle Internet Directory using SQL*Net.
Web Cache communicates with the J2EE servers using AJP.
mod_plsql uses SQL*Net to communicate through the Intranet Firewall with the Customer Database.

The Infrastructure DMZ contains Real Application Clusters, the OracleAS Metadata Repository, including product metadata, management metadata, and security metadata, and Oracle Internet Directory. Oracle Internet Directory communicates across the Infrastructure Firewall using SQL*Net. It communicates with the Oracle HTTP Servers in the Web Server Tier DMZ.

The J2EE Business Logic DMZ contains J2EE without Web Cache. J2EE communicates using AJP with Oracle HTTP Server in the Web Server Tier DMZ.

The corporate intranet contains the customer database with business data, possibly in Real Application Clusters or a cold failover cluster. The customer database communicates using AJP with the J2EE servers in the Webserver Tier DMZ. It also communicates using SQL*Net with mod_plsql in the Webserver Tier DMZ.