High-level Architecture viewpoint of a Troux Infrastructure
1. Troux Application Flow
[Last Updated: 11/29/2015]
Author: mreams
Client Browser Back-End
CompanyACompanyB
User A
User is logged into computer
with companya.com Active
Directory credentials
ADAuthentication
User invokes in IEbrowser
Portfolio Instance A
The WAFFLE agent runs in front of the
Web Servers as the gateway into the
app. WAFFLE checks the user’s
Windows AD credentials against it’s
configured Troux Roles the person is
or is not assigned to
Waffle
Tomcat
Troux_A
SQL Cluster
ActiveDirectory
User Flow Database
AD Forest
Companya.com
ServiceAccount runs the
Windows service and
brokers against coxinc in
order to see ifthe user is
in AD groups mapped to
Troux Roles
ServiceAccount
AD Forest
Companya.com
Is user
authorized?
User is granted access and
willsee designated content
based on role
Yes
User is not in any Troux roles
and will seeblank content on
the screen or a message
saying access denied
No
User B
User is logged into computer
with companyb.com Active
Directory credentials
ADAuthentication
User invokes in IEbrowser
Portfolio Instance B
The WAFFLE agent runs in front of the
Web Servers as the gateway into the
app. WAFFLE checks the user’s
Windows AD credentials against it’s
configured Troux Roles the person is
or is not assigned to
Waffle
Tomcat
Troux_B
SQL Cluster
AD Forest
Companyb.com
ServiceAccount runs the
Windows service and
brokers against coxinc in
order to see ifthe user is
in AD groups mapped to
Troux Roles
ServiceAccount
AD Forest
Companyb.com
User is granted access and
willsee designated content
based on role
Yes
User is not in any Troux roles
and will seeblank content on
the screen or a message
saying access denied
No
Is user
authorized?
User is granted access
User is granted access
2. Company A Users
Active Directory
ApplicationLayerNetworkLayer
Portfolio Instance B
Troux App Servers (A)
Virtual Server 1
Waffle
Tomcat
TrouxServer1.domainA.com
Host IP – 0.0.0.0
Data&AccessLayer
Data Storage
Troux_B
Portfolio Instance A
Company B Users
Virtual Server2
Troux App Servers (B)
Virtual Server 1
Virtual Server 2
Troux_A
Waffle
Tomcat
TrouxServer2.domainA.com
Host IP – 0.0.0.0
Waffle
Tomcat
Waffle
Tomcat
TrouxServer1.domainB.com
Host IP – 0.0.0.0
TrouxServer2.domainB.com
Host IP – 0.0.0.0
F5 Big-IP Load Balancer
VirtualPublic IP: 0.0.0.0
F5 Big-IP Load Balancer
VirtualPublic IP: 0.0.0.0
Virtual Server
Kerberos
AuthN
ActiveDirectory
Domain Forest A
Virtual Server
Kerberos
AuthN
ActiveDirectory
Domain Forest B
SQL Cluster