Re: Web Server - How Useful is It?
I don't know what you mean by Desktop Hybrid and I see the last two as the same. Browser-based or web-enabled, whatever we call it, it's still being served up by the WAS. How that WAS server is accessed is irrelevant. Matters not if only on the LAN or from the WAN, internet, web, whatever. And Ken's point about server security appropriate for any type of network.
Of course, if you have a properly fire-walled network it may be less critical to set up the security at the app level if ONLY allowing LAN access. I suppose this is a matter for debate. I would suggest that network guys would say setup the security anyway.
In my current desktop application I do not have a special security framework set up. If you get on my network you could mess with my database. Network security guys would freak. But this is one of the risks I take as a do-it-yourself developer. I have the LAN firewalled and have never had an intruder. I have some ports opened for my use only. But if someone targeted me I couldn't stop them.
I think I will have a better chance of securing my application and data using the WAS. Since I am not a programmer I don't quite understand how to do this on the desktop side. I get lost in the process. But the WAS and the A5 web components have a built-in security system. I'm not sure how robust these are but it's better than what I have now with my desktop app.
This may not be an issue for a professional developer but I have limited programming skills. From my point of view I favor using the WAS since it seems to be more future oriented. I like the desktop and it is not as hard as the WAS approach but I am afraid I am playing with fire when considering the security angle. Plus, I really want easy access to my data from anywhere. For me, the browser-based apps will eventually replace the desktop apps.
Sean
I don't know what you mean by Desktop Hybrid and I see the last two as the same. Browser-based or web-enabled, whatever we call it, it's still being served up by the WAS. How that WAS server is accessed is irrelevant. Matters not if only on the LAN or from the WAN, internet, web, whatever. And Ken's point about server security appropriate for any type of network.
Of course, if you have a properly fire-walled network it may be less critical to set up the security at the app level if ONLY allowing LAN access. I suppose this is a matter for debate. I would suggest that network guys would say setup the security anyway.
In my current desktop application I do not have a special security framework set up. If you get on my network you could mess with my database. Network security guys would freak. But this is one of the risks I take as a do-it-yourself developer. I have the LAN firewalled and have never had an intruder. I have some ports opened for my use only. But if someone targeted me I couldn't stop them.
I think I will have a better chance of securing my application and data using the WAS. Since I am not a programmer I don't quite understand how to do this on the desktop side. I get lost in the process. But the WAS and the A5 web components have a built-in security system. I'm not sure how robust these are but it's better than what I have now with my desktop app.
This may not be an issue for a professional developer but I have limited programming skills. From my point of view I favor using the WAS since it seems to be more future oriented. I like the desktop and it is not as hard as the WAS approach but I am afraid I am playing with fire when considering the security angle. Plus, I really want easy access to my data from anywhere. For me, the browser-based apps will eventually replace the desktop apps.
Sean
Originally posted by forskare
View Post
Comment