Dear list,
I'm faced with the following "architecture" of an application:
- Linux Server (small VM) with MySQL-DB, accessible via SSL from outside of the server, access is limited to a set of users
- Client is a .NET-Application connecting to the DB with one user for each installation
since this is not a very good architecture from several point of views I am thinking about changing it:
- develop own Apache module offering REST services (one endpoint (resource part of url) for each operation)
- use JSON as data format for GET/POST requests
- let Apache handle SSL and authentication (authentication in the meaning of "general access" to the services)
- manage permissions to protected data in DB and handle authentication to access this data by the new Apache module
The decision to develop an Apache module instead of using Tomcat/Java is to avoid additional load on server, since Apache is already active. And I'm a C/C++ geek but not for Java. ;-)
Questions to the list:
- Am I one the right way?
- Is there something missing from the security point of view?
- Is there something pre-compiled for parsing JSON data in Apache modules (didn't find something, only Apache independent libs)
Thanks in advance
Torge
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|