AS2 on DMZ Server

The AS2 service on a DMZ server can be started locally (or not). The parameter handleAS2 in ./etc/startup_dmz.xml is set to true or false accordingly (see section Parameter‌s).

• AS2 service started (handleAS2=true): AS2 messages are forwarded inwards as a message. If the inner server is (temporarily) not available, the messages are buffered (same for FTP, etc.).

• AS2 service not started (handleAS2=false): All AS2 HTTP requests are forwarded inwards and the inner Integration Server sends MDNs and messages. The file ./etc/forward.properties on the DMZ server needs to contain the following for AS2 forwarding.

  /partner/*=http://<Innerer Server und Port>/partner

  Or restricted:

  /partner/AS2Retrieve/*=http://<Innerer Server und Port>/partner/AS2Retrieve

The forwarding for the path /partner/... via HttpForwardServlet is set up when the DMZ is started, if handleAS2=false and addStandardServlets=true. If during startup, handleAS2=true or addStandardServlets=false and the AS2 service is active, the path /partner/... will be used by the AS2 service.

In principle, however, a subpath can also be set up under the context /forward for forwarding the AS2 requests, which can always be used independently of addStandardServlets and handleAS2. See also: Forwarding HTTP Requests Inwards. In this case, no active AS2 service is required on the DMZ server because the AS2 requests are passed on to the internal server.

It is also possible to connect individual partners via forwarding of the HTTP (s) request and others via the AS2 service on the DMZ. To do this you can start the AS2 service on the DMZ, set handleAS2=true and in addition set up in forward.properties:

Partners that connect to the path /partner/AS2Retrieve/ are accepted on the DMZ. If they connect to the path /forward/AS2Retrieve/, they are forwarded to the internal AS2 service.