RE: [Rainbowportal-devel] Future stuff
Brought to you by:
danijel_kecman,
manudea
From: Rahul S. <ana...@ya...> - 2004-09-20 21:48:56
|
There is already an effort to create an open source standardized admin module. http://www.oscom.org/Projects/Twingle/ Also take a look at the revamped Typo3CMS Admin Module. The initial one sucked, so someone came up with an addon. All the admin features that you want to do with WinForms _Can_ be done with DHTML/Javascript. I don't disagree that a WinForms is an awesome solution, It's just that for the type of interactions that people do on Rainbow, a thick client may not quite fit the requirements. Take a look at components from places like http://www.componentart.com http://www.easylistbox.com http://www.purecomponents.com http://www.infragistics.com These are companies that create web based widgets to allow the same type of rich GUI experience as that in a windows environment. Rahul --- John Cullen <JC...@ad...> wrote: > Iâve done some work with Web Services and WSE 2.0. > This handles all the encryption and much, much > more. No SSL required. A little more work to > implement but MS makes it pretty easy. I would > suggest going this route. WinForms is the way to go > for admin, much more robust. Iâm happy to help > out with this if needed. > > > > _____ > > From: > rai...@li... > [mailto:rai...@li...] > On Behalf Of Christoph Schramm > Sent: Monday, September 20, 2004 10:46 AM > To: rai...@li... > Subject: RE: [Rainbowportal-devel] Future stuff > > > > Correct me but that would require a ssl-certificate > which costs at least 100⬠> > > > _____ > > From: > rai...@li... > [mailto:rai...@li...] > On Behalf Of Plowman, Mark > Sent: Montag, 20. September 2004 16:40 > To: 'rai...@li...' > Subject: RE: [Rainbowportal-devel] Future stuff > > > > securing web-services without SSL against someone > with a packet sniffer is not possible (someone > correct me here?) as all information is sent in > clear text. > > Using SSL, one of the most efficient methods is to > have a login function protected by SSL which then > provides a session id that is valid for 30 minutes. > > Every admin function call made passes this session > id rather than the admin login credentials and > authentication is made against the session id. > > This means that admin functions can run outside of > SSL which will make them faster (SSL has a fairly > high overhead) and if a packet sniffer gets hold of > a valid session id, it will only be valid for 30 > minutes. > > If the session id has expired, the WinForm can be > prompted to login interactively again in a way that > is transparent to the user... > > I hope I'm wrong here, but I havn't yet found a way > of securing web-services without using SSL at some > point. > > Cheers, > Mark > > > > > -----Original Message----- > > From: manu [mailto:ma...@du...] > > Sent: 20 September 2004 15:20 > > To: rai...@li... > > Subject: RE: [Rainbowportal-devel] Future stuff > > > > > > I think an win form or remote management interface > will run > > on top of web > > services. > > So the question is: how much effort is needed to > expose admin > > modules as > > webservices and how can we secure it without no > special > > install on server > > (like SSL server side)? > > > _____ > > size=2 width="100%" align=center> > > This message is intended only for the addressee(s) > and may be confidential. Access to this email by > anyone else is unauthorised. Any opinions expressed > in this email do not necessarily reflect the > opinions of BCA. Any unauthorised disclosure, use or > dissemination, either in whole or in part is > prohibited. If you are not the intended recipient of > this message please notify the sender immediately. > BCA, Greater London House, Hampstead Road, London. > NW1 7TZ. Tel: 020 7760 6500. This message has been > checked for all known viruses by the MessageLabs > Virus Scanning Service. > > _____ > > > > > > _______________________________ Do you Yahoo!? Declare Yourself - Register online to vote today! http://vote.yahoo.com |