In regards to security, using PHP up front has a huge number of risks.
It is far better than it used to be, but I have to quarterly update our
PHP servers to maintain VISA/MC PCI compliance. It is never needed with
WebObjects because of the original design.
Ultimately in this kind of scenario, both for security and performance
what you want is:
WWW --> AppServers --> Database
Its called a '3-tier architecture' and is well known both for security
and scalability.
Finally, in regards to matters, WebObjects is java based, so there is
over head since its bytecode interpreted, but similar matters exist with
PHP.
The nice thing about the 3-tier architecture, is that if you find one
part of the tier has performance issues, you just add more hardware, and
on a medium+ sized installation, you probably have redundant hardware
anyway? Typically, the hard work (business logic, dynamic HTML) is done
at the app server layer which with WebObjects is so incredibly easy to
make redundant it is amazing. Redundancy at the WWW and DB layers
simply follows traditional network and are usually done to fit budget.
In regards to the 'linux port' being a hack and security issues, well, I
would simply suggest that the adaptor is open source, and if folks can
show a flaw in it, then please let us all know so it can be quickly
patched - just like linux :)
On your overall scalability issues, you will find it easier to grow
things, you and your company's options will be much wider, with a 3-tier
architecture.
Oh, one more part, writing WebObjects code is not quite as quick and
easy as writing PHP code, but it is designed to scale. For instance,
your MySQL connections, most DB connectivity is read-only, and the EOF
cache management system when implemented properly, actually takes a huge
load off the database and move it to the middle tier, which again,
easily scales.
My 2-cents. I'd love to hear back from folks if anything has changed in
regards to this basic deployment pattern.
- mike
ute Hoffmann wrote:
Hallo,
a possible clients provider said, that they have fear that a
WebObjects App on a LInux would be a
security problem. As the port to Linux is really a hack it would pose
problems with the possibility of teh server
being hacked because of that.
Can someone who deploys on Linux (in my case debian, but... I suppose
the linux breed is not relevant here)
please comment on that. Are there measures I can take to ensure, there
is no security risk coming from this setup?
I was also told, they feared a performance problem if a WebObjects app
would connect to the mysql database
they build (which is used for other purposes as well). Has anyone
experience with a App with higher traffic
(about 240.000 hits per day, most of that read only. About 3000
concurrent users). Can a WebObjects app pose a problem
to database performace in such a case (or in any case)?
I was advised to let the website programm in php instead (preferably
by the provider itself, I think, but that was not said, of course).
Would php have any advantages in respect to the database performance
(or to performance in general)?
Or would it have a clear advantage in respect to security (what I
really doubt, php can be as insecure as anything else, depending on
the usage).
Any hints welcome.
Thanks a lot!
Regards,
Ute
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-deploy mailing list (Webobjects-deploy@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-deploy/michael%40deman.com
This email sent to [EMAIL PROTECTED]
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Webobjects-deploy mailing list (Webobjects-deploy@lists.apple.com)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/webobjects-deploy/archive%40mail-archive.com
This email sent to [EMAIL PROTECTED]
