You need a security policy.
Say you have this topology:
Configure this:
set security-zone OUTSIDE interfaces ge-0/0/1.0
set security-zone WEB interfaces ge-0/0/2.0
set from-zone OUTSIDE to-zone WEB policy 1 match source-address any
set from-zone OUTSIDE to-zone WEB policy 1 match destination-address WEB SERVER
set from-zone OUTSIDE to-zone WEB policy 1 match application CUSTOM-WEB
set from-zone OUTSIDE to-zone WEB policy 1 then permit
set security address-book global address WEB-SERVER 10.1.1.1
set applications application CUSTOM-WEB protocols tcp
set applications application CUSTOM-WEB destination port 8080
set applications application CUSTOM-WEB application-protocol http
HTH,