[sean]

The server/client layout that I have is a single server in a trusted area, and several servers in untrusted areas. I need the server to make connections out (never in), and lock in the connection. For example, I thought of creating a proxy on the central server, and passing the proxy as an argument while connecting out to the outside servers, who could then use the proxy to access the central server.

For example, in the central server:
local_proxy = adapter->add( foo, bar );
proxy_to_untrusted_server = stringToProxy( blah );
proxy_to_untrusted_server->hand_it_proxy( local_proxy );

And in the server in untrusted land:
hand_it_proxy( Prx &p )
{
store_someplace( p );
}
...and later...
p->access_to_secure_server()

However, when the satellite servers in untrusted territory use the proxy, do they end up making additional connection -into- the trusted zone, under the hood? Because that will be blocked by the firewall. How can I structure this setup most efficiently?
--Sean