Using HTTP(S) Tunnelling for the Infor Rich Client

Use this procedure if you want to tunnel communications between the Infor Rich Client and the grid. The advantage to this is that it allows a portion of the communication path between the applet and the grid to be encrypted. This tunnelling uses a servlet that tunnels the grid communication using HTTP or HTTPS protocols. This allows users to encrypt the communication from the applet client to the servlet container (which is typically deployed in the DMZ). The firewall can then be configured to allow only the servlet contains to communicate to the grid (unencrypted) using the grid communications protocol. In this way all the traffic routed between external client browsers and the servlet container, through the internet, will be done using TLS. The traffic between the servlet container and the grid is still done using the grid proprietary protocols and is not done through a TLS connection.

You enable tunnelling by entering a URL that includes the usetunnel parameter. The URL is slightly different depending on whether you are tunnelling through the grid servlet container or the WebSphere servlet container. Be sure the grid_router_host value you use in the URL exactly matches the value given for the com.lawson.grid.host_address property in the %LACFGDIR%\grid.properties file.

To use HTTP(S) tunnelling

  1. If accessing the Infor Rich Client through the grid servlet container, use the following URL:

    http(s)://grid_http_host:grid_http_port/richclient/richclientapplet.html?usetunnel=true&opt=-g \-m grid_router_host:grid_router_port dataarea&context.session.key.key_name=value

  2. If accessing the Infor Rich Client through the WebSphere servlet container, use the following URL:

    http(s)://was_http_host:was_http_port/richclient/richclientapplet.html?usetunnel=true&opt=-g \-m grid_router_host:grid_router_port dataarea&context.session.key.key_name=value