Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.lang.javascript > #7696 > unrolled thread

Three tier web model?

Back to article view | Back to comp.lang.javascript

Contents

  Three tier web model? Filippo Portera <fportera2@gmail.com> - 2011-10-26 06:18 -0700
    Re: Three tier web model? Richard Damon <news.x.richarddamon@xoxy.net> - 2011-10-26 11:23 -0400

#7696 — Three tier web model?

In the classical three tier model for web applications there are a web
browser, an application server and a DB.
I wonder if it is possible to bypass the application server altogether
by writing a jdbc driver (Chrome supports WebSockets) that connects
directly to the database.
This will speed up the conversation between the browser and the DB.
If you have any suggestion please write to: fportera2@gmail.com

[toc] | [next] | [standalone]

#7697

On 10/26/11 9:18 AM, Filippo Portera wrote:
> In the classical three tier model for web applications there are a web
> browser, an application server and a DB.
> I wonder if it is possible to bypass the application server altogether
> by writing a jdbc driver (Chrome supports WebSockets) that connects
> directly to the database.
> This will speed up the conversation between the browser and the DB.
> If you have any suggestion please write to: fportera2@gmail.com

The big issue here is security. If the client side code has all the 
access information to access the database, a malicious user can reverse 
engineer this code and corrupt the database. The application server 
layer is what provides access control/security.

Remember the cardinal rule of web development, NEVER totally trust data 
from the user, but verify, verify, and verify. This needs to be on the 
application server layer.

[toc] | [prev] | [standalone]

Back to top | Article view | comp.lang.javascript

csiph-web