Extranet and SQL Server Design
#1
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Herts
Posts: 327
Likes: 0
Received 0 Likes
on
0 Posts
Steven - yes i do mean http.
sorry to sound daft, but i cant quite get the picture of your solution ... is it SQL Server inside my network, with a proxy sitting on the outside world. The user interface talks to the proxy which securly retrieves and updates data?
*****......|........*******.........****
*SQL*..<-- | -->..*proxy*.<--->.*UI*
*****......|........*******.........****
the web design stuff is all abit new to me and it is hard to know where to start reading.
thanks again
[Edited by Scotty Boy - 9/3/2003 12:04:29 PM]
sorry to sound daft, but i cant quite get the picture of your solution ... is it SQL Server inside my network, with a proxy sitting on the outside world. The user interface talks to the proxy which securly retrieves and updates data?
*****......|........*******.........****
*SQL*..<-- | -->..*proxy*.<--->.*UI*
*****......|........*******.........****
the web design stuff is all abit new to me and it is hard to know where to start reading.
thanks again
[Edited by Scotty Boy - 9/3/2003 12:04:29 PM]
#2
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Herts
Posts: 327
Likes: 0
Received 0 Likes
on
0 Posts
Hi,
The current set up is a network SQL Server. A SQL Server database is replicated OUT of the internal network to an extranet SQL Server. All WWW reporting runs from the extranet box.
A new requirement has arisen. The WWW reporting now needs to be able to update SQL Server data.
What is the most secure way of getting modified extranet SQL Server data back IN to the internal SQL Server? Does anyone have any experience in these designs? A few pointers would be greatly appreciated to begin my investigations
many thanks
Scott
The current set up is a network SQL Server. A SQL Server database is replicated OUT of the internal network to an extranet SQL Server. All WWW reporting runs from the extranet box.
A new requirement has arisen. The WWW reporting now needs to be able to update SQL Server data.
What is the most secure way of getting modified extranet SQL Server data back IN to the internal SQL Server? Does anyone have any experience in these designs? A few pointers would be greatly appreciated to begin my investigations
many thanks
Scott
#3
Scooby Regular
When you say 'WWW' you just mean over http?
You'll need something listening on the outside world. That should _not_ be SQL server An authenticating proxy sitting in the middle is what you need, you could just talk XML or something and have that insert the data into SQL Server.
You'll need something listening on the outside world. That should _not_ be SQL server An authenticating proxy sitting in the middle is what you need, you could just talk XML or something and have that insert the data into SQL Server.
#4
Scooby Regular
That's exactly it. You can't put SQL Server on the outside world for obvious reasons (slammer wasn't that long ago), so you need a abstraction layer to authenticate (and control acces with your firewall as well, is your extranet a DMZ or public Internet?) and look after receiving data from your web app, and putting it into SQL Server.
How you decide on the details exactly will be determined on how you are currently using the web app for reporting.
How you decide on the details exactly will be determined on how you are currently using the web app for reporting.
#5
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Herts
Posts: 327
Likes: 0
Received 0 Likes
on
0 Posts
Hi Steven,
The extranet is a public internet, to which the user can run reports and update data accordingly.
So it seems like i need to do some homework regarding;
1. security on the public internet user interface.
2. understanding the best abstraction layer.
thank you so much for the pointers, now to book worm it up
scott
The extranet is a public internet, to which the user can run reports and update data accordingly.
So it seems like i need to do some homework regarding;
1. security on the public internet user interface.
2. understanding the best abstraction layer.
thank you so much for the pointers, now to book worm it up
scott
#6
Scooby Regular
You'll need something to authenticate (who the user is), authorise (is that user allowed to access this site), then do the work. Something as simple as Apache + CGI could do the updating. You just need to make sure only those allowed can do it
#7
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Herts
Posts: 327
Likes: 0
Received 0 Likes
on
0 Posts
OK, methods of authentication and authorisation being ...???
... a log on screen to access the web site, with username and password communication using https rather than http, and stored in a database?
scott
... a log on screen to access the web site, with username and password communication using https rather than http, and stored in a database?
scott
Trending Topics
#8
Scooby Regular
Depends on a load of things, mainly:
If you're not expecting a shed load of traffic, you could do the lot over https and use basic HTTP authentication.
If your users need to "log out" you can't do that with basic auth, you'll need to set a cookie.
Work out where you want to get to, what you have, then work backwards. you have many, many options for doing it (apache, soap, etc) and none of the software will cost anything, but it will be a steep learning curve if you've not done it before!
If you're not expecting a shed load of traffic, you could do the lot over https and use basic HTTP authentication.
If your users need to "log out" you can't do that with basic auth, you'll need to set a cookie.
Work out where you want to get to, what you have, then work backwards. you have many, many options for doing it (apache, soap, etc) and none of the software will cost anything, but it will be a steep learning curve if you've not done it before!
#9
Scooby Regular
Thread Starter
Join Date: Mar 2002
Location: Herts
Posts: 327
Likes: 0
Received 0 Likes
on
0 Posts
Steven
Web development is new to me, so i am in for that steep learning curve but that is half the fun too !!!!
OK, off to the drawing board
thank you so much for your time, so greatly appreciated and most helpful.
kind regards
scott
Web development is new to me, so i am in for that steep learning curve but that is half the fun too !!!!
OK, off to the drawing board
thank you so much for your time, so greatly appreciated and most helpful.
kind regards
scott
Thread
Thread Starter
Forum
Replies
Last Post
oilman
Trader Announcements
15
01 October 2015 11:55 AM