This topic describes how to configure Process Engine to work in a firewall configuration. To do so, make the following changes.
Enable communication between the Application Engine and Content Engine servers on one side of the firewall (if Content Engine is co-located on the same side of the firewall as Application Engine), and the Process Engine by opening ports for the Broker (user configurable) and WSI access (user configurable through Process Task Manager).
A parameter must be added to the Process Engine server through Process Task Manager that forces Process Engine to return its host name instead of an IP address.
vworbbroker.endPoint = giop:tcp:<Process Engine FQDN>:<Port>
The Interoperable Object Reference (IOR) ports are used by Application Engine to communicate with Process Engine.
NOTE The ports are user configurable. You can modify the ports in Process Task Manager on the General tab.
A static return port must be configured for Process Engine to return communication to Application Engine. This port is user-configurable and assigned in Process Task Manager.
In Process Task Manager, go to the Process Engine node, and select the Advanced tab. Add the following property:
vworbbroker.endPoint = giop:tcp:<Process Engine FQDN>:<Port>
where <Port> is the port number that Process Engine uses to reply to the Application Engine request.
Process Engine authenticates users via Content Engine. To do this:
The ports are bi-directional between Content Engine and Process Engine, and between Process Engine and Content Engine.
The ports used correspond to the Application Server, and are user-configurable.
No firewall changes are required for Process Engine with a local database.
The database “Listener” port is used for communication between Process Engine and the database.
The ports are bi-directional between Process Engine and the database, and the database and Process Engine.
The database ports are user-configurable.