This topic describes how to configure Process Engine to work in a firewall configuration. To do so, make the following changes.
Enable communication between the Application Engine (AE) and Content Engine (CE) on one side of the firewall (if CE is co-located on the same side of the firewall as AE), and the Process Engine by opening ports for the Broker (user configurable) and WSI access (user configurable through Process Task Manager).
A parameter must be added to the PE server through the Process Task Manager that forces Process Engine to return its hostname instead of an IP address.
vworbbroker.endPoint = giop:tcp:<Process Engine FQDN>:<Port>
The Interoperable Object Reference (IOR) ports are used by AE to communicate with Process Engine (PE).
NOTE The ports are user configurable. You can modify the ports in Process Task Manager on the General tab.
A static return port must be configured for PE to return communication to AE. This port is user-configurable and assigned in Process Task Manager.
In Process Task Manager, go to the Process Engine node, and select the Advanced tab. Add the following property:
vworbbroker.endPoint = giop:tcp:<Process Engine FQDN>:<Port>
where <Port> is the port number that PE uses to reply to the AE request.
PE authenticates users via CE. To do this:
The ports are bi-directional between CE and PE, and between PE and CE.
The ports used correspond to the Application Server, and are user-configurable.
No firewall changes are required for PE with a local database.
The database “Listener” port is used for communication between PE and the database.
The ports are bi-directional between PE and the database, and the database and PE.
The database ports are user-configurable.