$customHeader
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Context

All persons interested by openIMIS will try the reference application before planning any customization, today modular infrastructure has at least 5 components quite different from each other (database:T-SQL, gateway: Perl, webapp:ISS+VB.NET,backend:Python, frontend:Javascript). By working on the support ticket it was clear that it is way too complex. In addition today’s architecture use a hack for the session management (lua/perl script in the gateway) which leads to timeout synchronization issue.

All those technologies runs under windows but not under Linux (webapp is blocking).

Once the webapp will be completely migrated, a rework will be required to remove the webapp from the stack and to manage differently the session.

Proposal

Reduce the number of component to simplify the setup.

1- Remove frontend

As it was already done for Nepal, the front end code can be hosted in ISS, because there is no “From” folder in the webapp it can be deployed along the webapp, it can be updated later without impact on the rest of the webapp.

Because there is no drawback, I propose to include the reference frontend within the webapp package in GitHub.

2- Solve session time out and remove gateway

The complexity of removing the gateway comes from the lua script used for the ibackend authetification that need to be deployed on ISS, even if there is a package call ISSLUA, it is not given that it will work with the reverse proxy setup.

A solution could be to make a “Authentication” service in C# (as the restAPI) that will act as a reverse proxy for the python ibackend(graphql). The advantage of the solution is to reuse the RESTAPI authentification code and add some standard reverse proxy code. The potential drawback is the additional load on the webapp but this solution simplify the scalling because it will support perfectly sticky session on frontend.

https://stackoverflow.com/questions/35903237/a-simple-reverse-proxy-using-asp-net-c-sharp-with-authentication

3- link the backend

The backend doesn’t use the webapp authentication but a file based authentication therefore it should be easy to configure a reverse proxy (ARR and rewrite IIS module) and to disable anonymous access, windows authentication could be used iinstead.

4- Remove the ibackend and backend

this step is maybe not required / wanted but we could configure the backend as CGI in ISS and the ibackend as CGI called by a .net code (to use the same authentication as webapp)

https://medium.com/better-programming/running-python-script-from-c-and-working-with-the-results-843e68d230e5

  • No labels
$customFooter