Back to Security Pattern Catalog

Front Door

Classification Key : Perimeter Security, Information Disclosure


A website implemented with different servers or different vendor solutions run into a consistency problem when the topology changes. You are hiding the topology of the servers from external users using a reverse proxy. The user has to authenticate himself and collaborate with the multiple server vendors hidden by the reverse proxy but this multiple authentication reveals the inner topology. How do you provide a single sign on for several web applications or services integrated under a single reverse proxy?


Keep user identity and session information in the integration reverse proxy. This proxy passes the information to all of the back ends.

Known Uses

IBM Tivoli Access Manager provides front door reverse proxy functionality with its Web Seal product.

Related Patterns

Integration Reverse Proxy, Security Session, Policy Enforcement Point, Protection Reverse Proxy


Wiley Book


Reverse Proxy, DMZ, Firewall


Last modified: May 05, 2012

Conceived and Maintained by: Munawar Hafiz