Help in understanding what is Reverse Invoking

Can anyone help me understand what is Reverse Invoking of Servers is?




RI is an approach for increasing the security of webMethods integration servers.

It involves deploying a dedicated IS server in an organization’s DMZ between the inner and outer firewalls. RI works by having an IS server inside the firewall establish a (mostly) permanent connection with the RI server.

Documents posted by external customers or partners go to the “proxy port” on the RI server where they are read in their entirety and converted to a proprietary message format that is sent across the previously established connection to the internal server. Replies are first sent to the RI server before being returned to partner. External http get/posts follow a similar path.

The increased security is achieved by allowing an organization’s network security group to configure the inner firewall to deny all inbound requests.

IMHO, this increased security goal is not really achieved if the DMZ is shared by other web or application servers that require inbound “holes” through the firewall.

RI increases architecture complexity and can be a performance bottleneck in certain usage scenarios (e.g. large docs). Without using a third-party load balancer / content switch, it does not support having a single virtual IP address for multiple internal servers. RI does not support FTP or SMTP.

Organizations that have not purchased an enterprise-wide license will also need to license the RI servers separately. For at least one customer, this was not cost-effective when compared to other security approaches.

Finally, if your organization runs IS (and therefore RI) on Windows platforms, you have to carefully manage the endless parade of security updates to be sure that you are not actually reducing your security by adding a windows box to the DMZ. (You can always run RI on your favorite Unix flavor to address this).

The IS Administrator’s Guide provides a good overview of the Reverse Invoke server and covers most of these limitations in adequate detail.



Thank you very much Mark,


This question I think is related to this thread.

I have a client running IS 4.6 (actually SAP BC) and their internal processes are fine. They now want to offer external access via https to .dsp pages, BUT are very security paranoid. I have offered RI and passed them much documentation. The security team have asked me:

“Mention is made on pages 139-140 (SAP BC 4.7 Admin guide)of “messages” flowing from the “reverse invoke” BC Server in the DMZ to the BC Server inside the firewalled network. I would like to see a list of valid message types that can pass across this interface. If the receiving software can interpret insecure and/or generic commands then this would be a security violation.”

can anyone help me with these ‘message types’ or the insecure/generic commands. I cannot find any detailed documentation on this, or elsewhere on wmusers