Putting it all together Dynamic Data Base Access and Authentication Norman White Stern School of Business.

Slides:



Advertisements
Similar presentations
DIGIDOC A web based tool to Manage Documents. System Overview DigiDoc is a web-based customizable, integrated solution for Business Process Management.
Advertisements

Browsers and Servers CGI Processing Model ( Common Gateway Interface ) © Norman White, 2013.
Active Directory: Final Solution to Enterprise System Integration
Copyright 2004 Monash University IMS5401 Web-based Systems Development Topic 2: Elements of the Web (g) Interactivity.
Browsers and Servers CGI Processing Model ( Common Gateway Interface ) © Norman White, 2013.
Server-Side vs. Client-Side Scripting Languages
15 Chapter 15 Web Database Development Database Systems: Design, Implementation, and Management, Fifth Edition, Rob and Coronel.
B.Sc. Multimedia ComputingMedia Technologies Database Technologies.
Kashif Jalal CA-240 (072) Web Development Using ASP.NET CA – 240 Kashif Jalal Welcome to week – 2 of…
Outline IS400: Development of Business Applications on the Internet Fall 2004 Instructor: Dr. Boris Jukic Server Side Web Technologies: Part 2.
Week 2 IBS 685. Static Page Architecture The user requests the page by typing a URL in a browser The Browser requests the page from the Web Server The.
Performed by:Gidi Getter Svetlana Klinovsky Supervised by:Viktor Kulikov 08/03/2009.
1 CS6320 – Why Servlets? L. Grewe 2 What is a Servlet? Servlets are Java programs that can be run dynamically from a Web Server Servlets are Java programs.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Computer Science 101 Web Access to Databases Overview of Web Access to Databases.
2440: 141 Web Site Administration Web Server-Side Programming Professor: Enoch E. Damson.
Part or all of this lesson was adapted from the University of Washington’s “Web Design & Development I” Course materials.
Slide 1 of 9 Presenting 24x7 Scheduler The art of computer automation Press PageDown key or click to advance.
Server Side Scripting Norman White. Where do we do processing? Client side – Javascript (embed code in html) – Java applets (send java program to run.
Sys Prog & Scripting - HW Univ1 Systems Programming & Scripting Lecture 15: PHP Introduction.
BASIC NETWORK CONCEPTS (PART 6). Network Operating Systems NNow that you have a general idea of the network topologies, cable types, and network architectures,
1 Web Database Processing. Web Database Applications Static Report Publishing a report is prepared from a database application and exported to HTML DB.
 2000 Deitel & Associates, Inc. All rights reserved. Chapter 24 – Web Servers (PWS, IIS, Apache, Jigsaw) Outline 24.1Introduction 24.2Microsoft Personal.
Dynamic Web Sites Chris North cs3724: HCI. Presentations matt ketner, sam altman, mike gordon Vote: UI Hall of Fame/Shame?
ASP.NET Dr. Ralph Westfall May, Web Development Problem HTML designed to display static pages only interactive when user clicks links  can’t provide.
Chapter 33 CGI Technology for Dynamic Web Documents There are two alternative forms of retrieving web documents. Instead of retrieving static HTML documents,
Server-side Scripting Powering the webs favourite services.
Basics of Web Databases With the advent of Web database technology, Web pages are no longer static, but dynamic with connection to a back-end database.
Data-Enabled Web Sites: Classibooks.com & Internet Database Technologies Colin Fukai April 4, 2000 Gonzaga University.
About Dynamic Sites (Front End / Back End Implementations) by Janssen & Associates Affordable Website Solutions for Individuals and Small Businesses.
CIS 375—Web App Dev II Microsoft’s.NET. 2 Introduction to.NET Steve Ballmer (January 2000): Steve Ballmer "Delivering an Internet-based platform of Next.
Introduction to Internet Programming (Web Based Application)
11/16/2012ISC329 Isabelle Bichindaritz1 Web Database Application Development.
COLD FUSION Deepak Sethi. What is it…. Cold fusion is a complete web application server mainly used for developing e-business applications. It allows.
Web Programming: Client/Server Applications Server sends the web pages to the client. –built into Visual Studio for development purposes Client displays.
Web Server Administration Chapter 7 Installing and Testing a Programming Environment.
1 Accelerated Web Development Course JavaScript and Client side programming Day 2 Rich Roth On The Net
Open Internet Explorer Go to: my.ccsd.net Type YOUR InterAct username and password. Then Submit Query.
Introduction to ColdFusion Yu Fu 2003 MEC Candidate.
Putting it all together Dynamic Data Base Access Norman White Stern School of Business.
Web Pages with Features. Features on Web Pages Interactive Pages –Shows current date, get server’s IP, interactive quizzes Processing Forms –Serach a.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
CGI Common Gateway Interface. CGI is the scheme to interface other programs to the Web Server.
1 CS122B: Projects in Databases and Web Applications Spring 2015 Notes 03: Web-App Architectures Professor Chen Li Department of Computer Science CS122B.
1 MSCS 237 Overview of web technologies (A specific type of distributed systems)
Web Pages with Features. Features on Web Pages Interactive Pages –Shows current date, get server’s IP, interactive quizzes Processing Forms –Serach a.
NMD202 Web Scripting Week5. What we will cover today PHP & MySQL Displaying Dynamic Pages Exercises Modifying Data PHP Exercises Assignment 1.
Implementing and Using the SIRWEB Interface Setup of the CGI script and web procfile Connecting to your database using HTML Retrieving data using the CGI.
Web Technologies Lecture 8 Server side web. Client Side vs. Server Side Web Client-side code executes on the end-user's computer, usually within a web.
WEB SERVER SOFTWARE FEATURE SETS
The business logic engine for Microsoft IIS Speaker T.M. Arnett.
ASP-2-1 SERVER AND CLIENT SIDE SCRITPING Colorado Technical University IT420 Tim Peterson.
Java Servlets and Java Server Pages
8 th Semester, Batch 2009 Department Of Computer Science SSUET.
ASP.NET WEB Applications. ASP.NET  Web application framework developed by Microsoft  Build dynamic data driven web applications and web services  Subset.
PHP is a server scripting language, and a powerful tool for making dynamic and interactive Web pages. PHP is a widely-used, free, and efficient alternative.
Server Performance, Scaling, Reliability and Configuration Norman White.
CGS 3066: Web Programming and Design Spring 2017
Tonga Institute of Higher Education IT 141: Information Systems
Haritha Dasari Josue Balandrano Coronel -
PHP / MySQL Introduction
Web Development Using ASP .NET
Tonga Institute of Higher Education IT 141: Information Systems
Content of Presentation
Tonga Institute of Higher Education IT 141: Information Systems
Introduction of Week 11 Return assignment 9-1 Collect assignment 10-1
Tutorial 6 PHP & MySQL Li Xu
World Wide Web Components
Web Application Development Using PHP
Presentation transcript:

Putting it all together Dynamic Data Base Access and Authentication Norman White Stern School of Business

Advanced Web Solutions Question – How do I add the capability to query/update a data base from a WEB page Answers – Need a Client/Server data base Oracle, SQL Server tec. – Need tools to access data base Active Server pages PERL JAVA (JDBC) Java Servlets Cold Fusion Etc…

Data Driven WEB Pages Many business applications depend on knowledge of the current environment which is often available in a database somewhere Need to “WEB-Enable” applications, so customer, supplier etc. can interact directly with a companies database. Database changes are automatically immediately available on web site

Example Active Server Pages ASP files are Visual Basic or Java programs which can be mixed with HTML The WEB server executes the ASP code as it generates the WEB page. – Code runs on the Server side, client never sees it – Code can dynamically access/update one or more databases Only runs on Microsoft web servers, but similar applications run cross platform (PHP, Cold Fusion, Java Servlets etc.)

Simple ASP Example Hello.asp – What Day is it? – Hello, Today is Bye

ASP Database Access Results <% SQL = “SELECT * FROM CUSTOMERS;” Set DBOBJ = server.createobject(“adodb.connection”) Dbobj.open=“dsn=nwind;uid=;pid=;” Set oRS = DBOBJ.execute(SQL) %>

Continued Customers

Output Customers – Id1, Company1 – Id2, Company2 – … – Idn, CompanyN

How do we handle FORMs in ASP GET form – Var = REQUEST.QUERYSTRING(“field”); Eg <% userid = request.querystring(“userid”) Response.write( “Your userid is “ & userid %> REQUEST.FORM returns POST parameters – Retrieves the userid field from the form for usage in the ASP program

But what good is all this? Things get interesting if some of the fields in my database contain links to URLs Now I can have a database that maintains information about web objects I can allow user to select certain search characteristics To update info, I update the database, and the links are automatically generated

example You have a music collection of a bunch of mp3 files which you keep adding to. You maintain information about your collection in a database Your database – Song Table Artist Id, album name, record label, date of release, type of music,name of song, link to MP3 file – Artist Table Artist name, bio, link to picture

Your application Web page with form that allows users to choose selection criteria ASP file processes form and retrieves a list of links that point to songs that satisfy selection User clicks on link and song plays

Additional Applications Add a song Add an artist Delete a song Delete an artist Update a song

Conclusion Simple ASP files can be very powerful WEB code doesn’t grow as data grows Once built, no maintenance (except for updating the database, which in many cases is already being done) Easy to “web enable” existing database applications

Server Side Scripting Languages Which support DB Access ASP (Visual Basic, JavaScript) C++ and C# coming soon. Cold Fusion (CFM files) PhP (Free open source solution, runs on Unix, Linux, NT) Supports all major databases PERL DBI (Data Base Interface) Java, Javascript Servlets

How do you identify server side scripting In most cases, the language processors become PART of the WEB browser. Dramatically reduces overhead involved with running a separate program (ala CGI)

Other Alternative JDBC – Java Data Base Connectivity – Allow Java applet to directly connect to a remote database – Problems …. Security (java can only connect back to server its code came from) Overhead for connection(s) across internet Depends on users browser being able to handle java – Best use is within an intranet….

PHP PHP is more powerful than ASP, and has direct support for a number of major databases PHP runs on almost all web servers PHP is free! Downside is documentation is weak, and the programming environment complex. Better for big, complex projects

Simple PHP Program PHP Test "; ?> OR –

Cold Fusion Cold Fusion is a platform independent development system similar to ASP Runs on Windows or Unix Includes Custom IDE (integrated development environment) Some extra features include replication and rollover – You can replicate cold fusion sites for better performance, and you can have one site back up another site in case one fails.

Other development environments Java Servlets Java Server Pages They allow reusable components and a write once run anywhere environment.

Advanced Features Authentication State maintenance Reusability Application integration – – …

Authentication How does web application control user access? Some methods –.htaccess files These are files located in a folder that are used to control access to the folder by the web server – LDAP server (Lightweight Directory Access Protocol) Uses separate servers for authentication, and maintenance of global information to be shared across many applications and systems – ADS Active Directory Service Microsoft supported directory information, cam integrate with LDAP and Novell – NDS Novell Directory Service Originally designed for Novell LAN directory access, now used for enterprise-wide directory services

Authentication.htaccess files – Pro Can be supported by individual web developers with any centralized overhead. – Con May end up with users have many different userids and passwords. Not really suitable for an intranet environment

.htaccess example Assume a directory structure of restricted content that you want to restrict to “authenticated” users. Have users fill out form with their address, and desired userid. password to them with a link to a cgi script that allows them to change password.

.htaccess example AuthUserFile /export/grad/a/aab211/public_html/websys/.htpasswd AuthGroupFile /dev/null AuthName Somewhere.com's Secret Section AuthType Basic require valid-user

Example.htaccess file describes authentication details and location of htpasswd file.htaccess file placed in the directory it controls, by default controls all lower level directories also. Htpasswd file can be anywhere Htpasswd program used to updated htpasswd file Htpasswd file encrypted

Maintaining htpasswd file htpasswd –c passwordfile username – Creates a new htpasswd file and adds a username to it, prompting for the password – Htpasswd passwordfile username adds a user – Htpasswd –b passwordfile username password Creates or updates username password

CGI Script to add user Script one – htadduser.sh User fills out form with desired username and address Shell script adduser.sh –grep.htpasswd file for username If username exists, issue error Else, generate random password –Issue htpaaasswd –b username passwd – adrees with username and password and link to files. –Add username and address to userid file

Changepass.sh Allows user to change password This script should be restricted directory Logic: – Display form with userid, desired password – Take form input (using POST … Why) – Issue htpasswd –b passwordfile username newpassword

Requestnewpassword What if user forgets the userid, password? Requestpass.sh – grep userid file for address, username – Cut userid and – Generate new random password, to user – Watch out, since web server is creating.htpasswd file, anyone can read it (but it is encrypted) – Solution don’t allow users to request.htaccess or.htpasswd

LDAP LDAP servers allow different types of authentication and tools LDAP server can be viewed as a hierarchical or relational data base which can be updated, queried etc. Can be used to handle a variety of global info like userids, passwords, home directories, phone numbers, majors etc. Supported by both Novell and Microsoft as well as Unix, Linux etc. One of the best approaches to Enterprise-wide authentication for web, , LAN etc.

NDS Probably first major directory service, due to the fact that many organizations had very large user populations that needed to be authenticated enterprise-wide. (Stern has > 12,000 users) Recent additions allow Novell to authenticate to LDAP.

ADS Active Directory Services Microsoft “replacement” for NDS Microsoft did not have a scalable, reliable method for handling 1000s of users. Main reason they couldn’t displace Novell in large organizations. Like NDS, ADS will also interoperate with LDAP, but still buggy.

Management Takeaway Many approaches to authentication and security Need an enterprise-wide solution to avoid “userid hangover” 3 major enterprise wide solutions – LDAP, NDS, ADS LDAP only open solution

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.