Internal/external order tracking system

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
13 messages Options
Reply | Threaded
Open this post in threaded view
|

Internal/external order tracking system

Sean P. DeNigris
Administrator
I want to rewrite a php order tracking system in Seaside.

Previously, it:
1. exported the mysql records from an intranet
2. uploaded them to a shared host
3. the shared host ran a cron job to import them
4. there was a read-only web interface on the shared host for customers to check their order status

I want to make it as simple as possible - I'd love to get rid of the db.  What's the best way to securely provide read access to external customers (only their orders) and read/write to all orders for employees internally?  I thought about putting it all on VPS, but what happens if the server goes down?  It would not work for the employees to be locked out for even a few hours.

Thanks.
Sean
Cheers,
Sean
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Kai-Uwe Pielka
Hello Sean,

you could run the whole scenario with just one Seaside image if the data volume is not too high.
There are several persistency options described in the seaside book. Personally I prefer to hold the data in the image as regular objects.
This makes developing the application pretty straight forward.

Then you build two web applications with Seaside:
1. One that only can be used by external users to check the status of their orders; you could generate a dedicated Url for each single order that directly leads to the corresponding record/object instance in your Seaside image
2. A second application that requires logon. This is used by the internal users to maintain the order status.

Maybe your order execution system even provides a webservice or other API to import the current order status automatically into your Seaside image.

Regards,
Kai-Uwe


Am 18.12.2010 um 04:46 schrieb Sean P. DeNigris:

>
> I want to rewrite a php order tracking system in Seaside.
>
> Previously, it:
> 1. exported the mysql records from an intranet
> 2. uploaded them to a shared host
> 3. the shared host ran a cron job to import them
> 4. there was a read-only web interface on the shared host for customers to
> check their order status
>
> I want to make it as simple as possible - I'd love to get rid of the db.
> What's the best way to securely provide read access to external customers
> (only their orders) and read/write to all orders for employees internally?
> I thought about putting it all on VPS, but what happens if the server goes
> down?  It would not work for the employees to be locked out for even a few
> hours.
>
> Thanks.
> Sean
> --
> View this message in context: http://forum.world.st/Internal-external-order-tracking-system-tp3093410p3093410.html
> Sent from the Seaside General mailing list archive at Nabble.com.
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Mariano Martinez Peck
In reply to this post by Sean P. DeNigris


On Sat, Dec 18, 2010 at 4:46 AM, Sean P. DeNigris <[hidden email]> wrote:

I want to rewrite a php order tracking system in Seaside.

Previously, it:
1. exported the mysql records from an intranet
2. uploaded them to a shared host
3. the shared host ran a cron job to import them
4. there was a read-only web interface on the shared host for customers to
check their order status

I want to make it as simple as possible - I'd love to get rid of the db.

Be more specific ;)   You want to get rid of MySQL ?  or any RDBMS ? or any database?  because I think that at some point you may need to have such objects stored somewhere.

cheers

mariano

 
What's the best way to securely provide read access to external customers
(only their orders) and read/write to all orders for employees internally?
I thought about putting it all on VPS, but what happens if the server goes
down?  It would not work for the employees to be locked out for even a few
hours.

Thanks.
Sean
--
View this message in context: http://forum.world.st/Internal-external-order-tracking-system-tp3093410p3093410.html
Sent from the Seaside General mailing list archive at Nabble.com.
_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside


_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Sean P. DeNigris
Administrator
Thank you both for the responses.

I guess my question is what is the best architecture for the system?  I see three options:
* run the server externally and provide logins for employees (but what happens when they lose their internet connection?)
* run the server internally and provide public access (I'm hesitant to do this because I don't do much web stuff and don't understand the security implications)
* keep two servers running and export the internal w/r system's data out to the external server at regular intervals (this seems very complicated).  If I did this, could it be done without a DB (e.g. with a reference stream)?

I've read all the docs and done the tutorials, and everything seems straightforward once the direction is set.  And I'm curious if/how people are setting up existing systems like this with Seaside.

Thanks.
Sean

Cheers,
Sean
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

sebastianconcept@gmail.co
I really don't understand why other option than a web application could be appealing.





On Dec 18, 2010, at 12:36 PM, Sean P. DeNigris wrote:

>
> Thank you both for the responses.
>
> I guess my question is what is the best architecture for the system?  I see
> three options:
> * run the server externally and provide logins for employees (but what
> happens when they lose their internet connection?)
> * run the server internally and provide public access (I'm hesitant to do
> this because I don't do much web stuff and don't understand the security
> implications)
> * keep two servers running and export the internal w/r system's data out to
> the external server at regular intervals (this seems very complicated).  If
> I did this, could it be done without a DB (e.g. with a reference stream)?
>
> I've read all the docs and done the tutorials, and everything seems
> straightforward once the direction is set.  And I'm curious if/how people
> are setting up existing systems like this with Seaside.
>
> Thanks.
> Sean
>
>
> --
> View this message in context: http://forum.world.st/Internal-external-order-tracking-system-tp3093410p3093713.html
> Sent from the Seaside General mailing list archive at Nabble.com.
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Kai-Uwe Pielka
In reply to this post by Sean P. DeNigris
From the security and reliability point of view it makes no difference whether to run it internally or externally.
In any case you have to give at least one party external access to the system.

I setup my webserver in the following way:
- ordered a virtual server at a hosting provider (strato.de in Germany)
- let the hoster install a Debian linux system
- installed Seaside on this Debian system
- installed Cherokee Webserver on the Debian system as reverse proxy; this is necessary to run your site on port 80 (http) or 443 (https)
- all the traffic receives port 80/443 on the Cherokee Webserver and is forwarded to Seaside

What you need in addition is a server certificate to run https - I guess you need secure login for your application, right?

Kai-Uwe


Am 18.12.2010 um 15:36 schrieb Sean P. DeNigris:

>
> Thank you both for the responses.
>
> I guess my question is what is the best architecture for the system?  I see
> three options:
> * run the server externally and provide logins for employees (but what
> happens when they lose their internet connection?)
> * run the server internally and provide public access (I'm hesitant to do
> this because I don't do much web stuff and don't understand the security
> implications)
> * keep two servers running and export the internal w/r system's data out to
> the external server at regular intervals (this seems very complicated).  If
> I did this, could it be done without a DB (e.g. with a reference stream)?
>
> I've read all the docs and done the tutorials, and everything seems
> straightforward once the direction is set.  And I'm curious if/how people
> are setting up existing systems like this with Seaside.
>
> Thanks.
> Sean
>
>
> --
> View this message in context: http://forum.world.st/Internal-external-order-tracking-system-tp3093410p3093713.html
> Sent from the Seaside General mailing list archive at Nabble.com.
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Sean P. DeNigris
Administrator
In reply to this post by sebastianconcept@gmail.co
Sebastian Sastre wrote
I really don't understand why other option than a web application could be appealing.
I'm not quite sure what you mean, would you say more?

It's going to be a web app.  The question is whether to have it on the local network, remotely (VPS), or two web apps (a local that passes data to the remote for customers)

Sean
Cheers,
Sean
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Sean P. DeNigris
Administrator
In reply to this post by Kai-Uwe Pielka
Kai-Uwe Pielka wrote
I setup my webserver in the following way:
- ordered a virtual server at a hosting provider (strato.de in Germany)
What do the internal employees do if the VPS is unavailable for a while (e.g. server down, internet connection down, etc.)?

Kai-Uwe Pielka wrote
What you need in addition is a server certificate to run https - I guess you need secure login for your application, right?
https couldn't hurt, but the information currently is not trade secrets.  It'd probably be enough to make sure customers are restricted to their own orders, and that the data is backed up.

Sean
Cheers,
Sean
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

sebastianconcept@gmail.co
In reply to this post by Sean P. DeNigris
What is the practical difference in the downtime your users will get from being in the cloud versus having the same web app in their LAN?
Downtime could happen for millions of reasons anyway. Why do you think that using the LAN is going to do any substantial difference for the better?


On Dec 18, 2010, at 5:54 PM, Sean P. DeNigris wrote:

>
>
> Sebastian Sastre wrote:
>>
>> I really don't understand why other option than a web application could be
>> appealing.
>>
>
> I'm not quite sure what you mean, would you say more?
>
> It's going to be a web app.  The question is whether to have it on the local
> network, remotely (VPS), or two web apps (a local that passes data to the
> remote for customers)
>
> Sean
> --
> View this message in context: http://forum.world.st/Internal-external-order-tracking-system-tp3093410p3093957.html
> Sent from the Seaside General mailing list archive at Nabble.com.
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Sean P. DeNigris
Administrator
Sebastian Sastre wrote
Why do you think that using the LAN is going to do any substantial difference for the better?
I have no idea what I'm talking about - that's why I'm asking you guys ;-)

We had a 5 year streak of no business-hours downtime on the internal server, and when it failed we didn't have to wait for a vendor.  But I wanted to get opinions from the experts, and it seems everyone's comfortable with the cloud for this type of thing.

So I'm going to fly into the cloud and see how it goes.

Thank you all for the input.
Sean
Cheers,
Sean
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

sebastianconcept@gmail.co
welcome to the 'learn as you go' world :)

It's never been easier to get a server in a decent datacenter for a very low price. With it and your ssh terminal you only have to design things in a way that you only depend on them to press the reset button (which in normal operations you don't even need it) (or format and install the OS at the beginning of the service) (or something went too bad on hardware). You can admin it via ssh forgetting about hardware issues (because they care if shit happens) and stay focused on architecture and the app itself.




On Dec 18, 2010, at 7:41 PM, Sean P. DeNigris wrote:

>
>
> Sebastian Sastre wrote:
>>
>> Why do you think that using the LAN is going to do any substantial
>> difference for the better?
>>
> I have no idea what I'm talking about - that's why I'm asking you guys ;-)
>
> We had a 5 year streak of no business-hours downtime on the internal server,
> and when it failed we didn't have to wait for a vendor.  But I wanted to get
> opinions from the experts, and it seems everyone's comfortable with the
> cloud for this type of thing.
>
> So I'm going to fly into the cloud and see how it goes.
>
> Thank you all for the input.
> Sean
> --
> View this message in context: http://forum.world.st/Internal-external-order-tracking-system-tp3093410p3094025.html
> Sent from the Seaside General mailing list archive at Nabble.com.
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Phil
In reply to this post by Sean P. DeNigris
Hi Sean,

For a truly next-gen solution, check out GLASS (http://seaside.gemstone.com/).

You'll be rid of the RDBMS legacy forever :) There are many deployment options as GemStone is a world-class solution. I've been running a GS solution for many years and it has NEVER stopped working unexpectedly.

Cheers,

Phil
On 18/12/2010, at 2:46 PM, Sean P. DeNigris wrote:

>
> I want to rewrite a php order tracking system in Seaside.
>
> Previously, it:
> 1. exported the mysql records from an intranet
> 2. uploaded them to a shared host
> 3. the shared host ran a cron job to import them
> 4. there was a read-only web interface on the shared host for customers to
> check their order status
>
> I want to make it as simple as possible - I'd love to get rid of the db.
> What's the best way to securely provide read access to external customers
> (only their orders) and read/write to all orders for employees internally?
> I thought about putting it all on VPS, but what happens if the server goes
> down?  It would not work for the employees to be locked out for even a few
> hours.
>
> Thanks.
> Sean

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
Reply | Threaded
Open this post in threaded view
|

Re: Internal/external order tracking system

Frank Shearar
In reply to this post by sebastianconcept@gmail.co
If you have the luxury of living in a country where you can take your
ISP's uptime for granted, that makes perfect sense.

As long as that really is the case.

If not, then Sean's plan of having a local network thing and a web apps
thing that can talk to each other makes a whole lot of sense, especially
when downtime means your business can't operate at all.

frank

On 2010/12/18 21:32, Sebastian Sastre wrote:

> What is the practical difference in the downtime your users will get from being in the cloud versus having the same web app in their LAN?
> Downtime could happen for millions of reasons anyway. Why do you think that using the LAN is going to do any substantial difference for the better?
>
>
> On Dec 18, 2010, at 5:54 PM, Sean P. DeNigris wrote:
>
>>
>>
>> Sebastian Sastre wrote:
>>>
>>> I really don't understand why other option than a web application could be
>>> appealing.
>>>
>>
>> I'm not quite sure what you mean, would you say more?
>>
>> It's going to be a web app.  The question is whether to have it on the local
>> network, remotely (VPS), or two web apps (a local that passes data to the
>> remote for customers)
>>
>> Sean
>> --
>> View this message in context: http://forum.world.st/Internal-external-order-tracking-system-tp3093410p3093957.html
>> Sent from the Seaside General mailing list archive at Nabble.com.
>> _______________________________________________
>> seaside mailing list
>> [hidden email]
>> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>
> _______________________________________________
> seaside mailing list
> [hidden email]
> http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside
>
>

_______________________________________________
seaside mailing list
[hidden email]
http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/seaside