I don't understand your question.
First you say this: "These server nodes
can be logged in to using a root/public account. Then users can run a series of management commands under CLI mode."
Then you say this: "My question is, why don't I need to log in to these server nodes to run the commands?"
These two statements don't match. Do you need to logon or not?
Are you asking how to logon? Are you asking why they need to logon? Are you asking why they don't need to logon? Are you asking something completely different?
> I don't understand your question.
>
> These two statements don't match. Do you need to logon or not?
> Are you asking how to logon? Are you asking why they need to logon? Are you asking why they don't need to logon? Are you asking something completely different?
Hi, I am asking something completely different. There are two cases.
One is to log in to these servers directly. The other is just to log in
to the web application, without needing to log in to these servers again.
In the second case, after I have logged in to the web application, why
don't I need to log in to these servers one by one to execute the
commands, which originally had to be run after logging in?
Is there any mapping done there?
Thanks, Schubert
Martin Gregorie - 28 Apr 2007 17:11 GMT
>> I don't understand your question.
>>
>
> Is there any mapping done there?
If your web servers are running as root (or the user it's running under
has root privileges) then the applications may well "just run" and are
accessible to the world: probably that's not a good idea.
You should at least put a password on the page that runs them. For
Apache you'd put it in a separate directory along with a file called
.htaccess that contains something like:
==========start of .htaccess content=========
# Prompt shown to the browser and the authentication scheme
AuthName "Sensitive details"
AuthType Basic
# Password file created with htpasswd, kept outside the served tree
AuthUserFile /usr/local/etc/sensitive.pw
require valid-user
# Additionally restrict access to clients on your own network
Order Allow,Deny
Allow from yourlan.domain
==========end of .htaccess content===========
where the file referenced by AuthUserFile is someplace that's not
accessible to the web server and contains a valid username and encrypted
password. Use htpasswd to create this file.
If you consider this to be too lightweight for decent security you
should consider running the webserver in a chroot jail or removing this
function from your web server.

martin@gregorie.org | Martin Gregorie, Essex, UK
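As an added illustration of the advice above (example code, not from anyone in the thread), this Python check reads an .htaccess like the one shown, confirms that the AuthUserFile path lies outside the served DocumentRoot, and flags any entry in the password file whose password field is not in a format htpasswd writes. The .htaccess text, the DocumentRoot and the password entries are constructed sample input.

```python
import os
import re

# Constructed sample input (not from the post): the .htaccess shown above and
# a password file in the layout htpasswd writes, one "user:hash" per line.
HTACCESS = """\
AuthName "Sensitive details"
AuthType Basic
AuthUserFile /usr/local/etc/sensitive.pw
require valid-user
Order Allow,Deny
Allow from yourlan.domain
"""
PASSWD_LINES = [
    "admin:$apr1$f3kZq1Xz$YbmkpzNRzE0rBwXu7SFbr0",  # constructed apr1 (MD5) hash
    "ops:{SHA}2jmj7l5rSw0yVb/vlWAYkK/YBwk=",        # constructed SHA-1 hash
    "guest:letmein",                                 # plaintext, should be flagged
]

# Formats htpasswd produces: apr1 MD5, {SHA}, bcrypt, or 13-char crypt(3).
# A 13-character alphanumeric plaintext would pass as crypt(3); accepted caveat.
HASH_RE = re.compile(r"^(\$apr1\$|\{SHA\}|\$2[aby]\$|[./0-9A-Za-z]{13}$)")

def auth_user_file(htaccess_text):
    """Return the path given to AuthUserFile, or None if the directive is missing."""
    for line in htaccess_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and parts[0].lower() == "authuserfile":
            return parts[1].strip('"')
    return None

def is_under(path, root):
    """True if path lies inside root, i.e. inside the web-served tree."""
    path, root = os.path.normpath(path), os.path.normpath(root)
    return path == root or path.startswith(root + os.sep)

def plaintext_users(lines):
    """Users whose password field matches none of the known hash formats."""
    return [line.partition(":")[0] for line in lines
            if not HASH_RE.match(line.partition(":")[2])]

def check(htaccess_text, document_root, passwd_lines):
    """Findings for one .htaccess and the password file it references."""
    findings = []
    path = auth_user_file(htaccess_text)
    if path is None:
        findings.append("no AuthUserFile directive")
    elif is_under(path, document_root):
        findings.append("AuthUserFile inside DocumentRoot: " + path)
    findings += ["plaintext password for user " + u for u in plaintext_users(passwd_lines)]
    return findings
```

Calling `check(HTACCESS, "/var/www/html", PASSWD_LINES)` on the sample input reports only the plaintext "guest" entry, since the password file sits under /usr/local/etc rather than the served tree.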