since this is not a very good architecture
from several point of views
It would be helpful if you name these explicitly. While it is well
known that adding another level of indirection can solve any
problem, it is good to know what a problem is.
In any case, I also think CGI/WSGI/FCGI/HTTP is an easier
and safer way than building Apache module. JSON or not depends on
data you have; it's ok for small independent records.
--
With Best Regards,
Marat Khalili
On 29/11/2015 16:12, Torge Riedel
wrote:
Dear
list,
I'm faced with the following "architecture" of an application:
- Linux Server (small VM) with MySQL-DB, accessible via SSL from
outside of the server, access is limited to a set of users
- Client is a .NET-Application connecting to the DB with one user
for each installation
since this is not a very good architecture from several point of
views I am thinking about changing it:
- develop own Apache module offering REST services (one endpoint
(resource part of url) for each operation)
- use JSON as data format for GET/POST requests
- let Apache handle SSL and authentication (authentication in the
meaning of "general access" to the services)
- manage permissions to protected data in DB and handle
authentication to access this data by the new Apache module
The decision to develop an Apache module instead of using
Tomcat/Java is to avoid additional load on server, since Apache is
already active. And I'm a C/C++ geek but not for Java. ;-)
Questions to the list:
- Am I one the right way?
- Is there something missing from the security point of view?
- Is there something pre-compiled for parsing JSON data in Apache
modules (didn't find something, only Apache independent libs)
Thanks in advance
Torge
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|
