by Pam Manolakis
IMPACT'98 in Miami was as hot as the Florida weather. Again we had excellent attendance from customers of both Model 204 and System 1032, coming from across the US, Canada, Japan, the UK, and Australia, together with consultants and other vendors. Thirty-five CCA staff members attended the conference, giving presentations, workshops, demonstrations, and classes, and taking part in the many discussion groups.
CCA showcased three new products - WebGate and MQ/204 for Model 204, and ODBC V2 for System 1032.
The WebGate presentations covered the internals of WebGate, CCA's Web Development tool, and showed how to build real world applications with the product. We demonstrated the Data Mining application developed for the VLDB conference, showing parameter-driven retrieval and graphical presentation over the Web of information from multimillion record databases. We also demonstrated an application that was developed for a WebGate pilot site, running complex inquiries without changing the customer's original code.
MQ/204 provides an interface to IBM's MQSeries, the dominant product in the rapidly growing Message Queuing Middleware arena. IMPACT attendees learned about the theory of MQSeries, and how to pass messages between Model 204 and a wide range of platforms, including MVS, UNIX, OS/400, and NT, in straightforward User Language statements. The MQ/204 product, now being tested by one of our largest customers, will be commercially available later in the year.
Other CCA presentations featured SoftSpy (jointly with ITS), Model 204 new features, MP/204, Year 2000 issues, RCL for client/server development, and Model 204 for Business Intelligence.
The Customer presentations were, as always, very informative and excellently delivered.
We were delighted to see a major increase in the number of System 1032 customers represented this year. Two days of intensive sessions focused on our new ODBC Driver, and how it can be used to develop industry-strength client/server and Web applications. Other System 1032 subjects were also covered. Some of the customers had already been using the new product, and were able to share their experiences. The continuous exchange of information and ideas between users of System 1032 and the CCA staff also added enormous value to the conference.
After very busy days in the Conference Center, there was still plenty of energy for the evening entertainment. Everyone enjoyed the IMPACT Receptions, on Sunday night for Model 204 delegates and Monday night for System 1032. At the party hosted by CCA on Tuesday evening, we took over Planet Hollywood.
Though the main conference ended on Wednesday afternoon, over 60 people stayed to take part in Jim Damon's Version 4.1 Upgrade course on Thursday, before heading home.
CCA would like to express special thanks to the IMPACT Board - Eric Adler, Ron Salvador, Les Stewart, Jerry Caldwell, and Michael Corfman - and the IMPACT administrator, Debra McDonald, and we welcome the new Secretary/Treasurer of IMPACT, Suzanne Burke.
It was great for all of us at CCA to meet so many of you.
By David Stone and Ann Hulsing
System 1032 developers designed the ODBC Driver V2 for compatibility with most off-the-shelf ODBC-enabled applications, including:
Demonstration applications using commonly available third-party software-MS Access 97, MS FrontPage 98, IIS 4-were shown at IMPACT'98. The demonstrations were developed using features built into the software, then customized for performance. Performance of dynamic Web pages is based on a number of factors, including:
This article is the first in a series. Part I describes the design of a typical ODBC-enabled Web application. Future articles will describe performance improvement possibilities.
A Web application is a series of related pages, some (or all) of which carry dynamic information. Both IIS and Enterprise Server manage Web applications in a similar way. Applications consist of layers. The bottom layer contains the actual Web pages displayed to the user. The top layer is called the Application Object in IIS and the Project in Enterprise Server. This article uses the term Web application layer.
Between the Web application layer and the Web pages are the session objects (here called sessions). A session represents an individual user who is accessing the application, one session per user.
The Web application layer contains global information for the application and its users. This layer is activated the first time a user accesses the application and persists until the last user exits. In many cases, the Web application layer exists until the Web server is shut down or the layer itself requests termination.
Sessions
A session is created when an individual user accesses a page within the application and remains until after the user exits. IIS and Netscape maintain a session for a timeout period. If the user does not access a page within the timeout period, the session is terminated. A session holds the context-sensitive information needed to keep track of user requests and information from Web page to Web page
Web pages Web pages contain the HTML that is presented to the Web browser. These pages can be static or created dynamically by the Web application. Static pages are usually stored as files on the Web server and are shared by all users. Dynamic pages can be shared but are usually created on-the-fly for a specific user. Figure 1 illustrates a typical Web application. The application itself is accessible to all Web users: it manages one or more sessions. As each user accesses the application, a session is opened. Users can access the same or different pages.
Web pages contain the HTML that is presented to the Web browser. These pages can be static or created dynamically by the Web application. Static pages are usually stored as files on the Web server and are shared by all users. Dynamic pages can be shared but are usually created on-the-fly for a specific user.
Figure 1 illustrates a typical Web application. The application itself is accessible to all Web users: it manages one or more sessions. As each user accesses the application, a session is opened. Users can access the same or different pages.
Figure 1. Web application layers
Data connections
A Web application must open and maintain one or more data connections on a data server. For System 1032, this is a connection using ODBC Driver to one or more datasets on a VAX or Alpha system. Connections require resources on both the Web server and the data server. System 1032 ODBC Driver V2 manages connections by creating a process for each new connection. For 10 data connections there are 10 processes. The Web server maintains buffer space and context information for each connection. Large numbers of concurrent connections can severely impact performance on both Web server and data server. Connections must be managed to maximize performance. Part II will discuss performance improvements in the application layer. Model 204 and WebGate Security Models by Greg Costopulos, Mark Hatch, Mark LaRocca, and Agnes O'Donnell At IMPACT'98, the Web client/server architecture of Model 204 and WebGate was introduced. Integration with third-party products such as Windows NT servers, IIS Web servers, proxy servers, and firewall technologies was discussed. Also demonstrated was the WebGate Developer, an integrated tool designed to support rapid application development. The market presence of so many industry-standard Web development packages prompted attendees to address the more complex topic of security. Because "one size does not fit all" in matters of security, users were looking for a variety of security levels. Users were pleased to find out that the design of the WebGate security interface fits nicely with the current and proposed strategies of their network groups.
A Web application must open and maintain one or more data connections on a data server. For System 1032, this is a connection using ODBC Driver to one or more datasets on a VAX or Alpha system. Connections require resources on both the Web server and the data server.
System 1032 ODBC Driver V2 manages connections by creating a process for each new connection. For 10 data connections there are 10 processes. The Web server maintains buffer space and context information for each connection. Large numbers of concurrent connections can severely impact performance on both Web server and data server. Connections must be managed to maximize performance.
Part II will discuss performance improvements in the application layer.
by Greg Costopulos, Mark Hatch, Mark LaRocca, and Agnes O'Donnell
At IMPACT'98, the Web client/server architecture of Model 204 and WebGate was introduced. Integration with third-party products such as Windows NT servers, IIS Web servers, proxy servers, and firewall technologies was discussed. Also demonstrated was the WebGate Developer, an integrated tool designed to support rapid application development.
The market presence of so many industry-standard Web development packages prompted attendees to address the more complex topic of security. Because "one size does not fit all" in matters of security, users were looking for a variety of security levels. Users were pleased to find out that the design of the WebGate security interface fits nicely with the current and proposed strategies of their network groups.
Your system's level of security is based on how you configure the Model 204 and WebGate architecture. This article presents three security models that Model 204 and WebGate support.
Note that, in any configuration of the WebGate architecture, all WebGate tags and statement information are hidden from viewing at the browser.
Minimum security model In the intranet example shown in Figure 1, the WebGate Communicator and the WebGate Information Broker are both on an NT system that is outside the firewall. The conversation that takes place is open to outside scrutiny. If you have an information-only Web server and security is not a major issue, this design meets your requirements. You can make this or any implementation more secure by installing external security software such as a secured sockets layer (SSL) on the server where the WebGate Communicator and WebGate Information Broker are installed. SSL encrypts traffic information. The WebGate product supports this technology, which is available for most Web servers and Web browsers.
In the intranet example shown in Figure 1, the WebGate Communicator and the WebGate Information Broker are both on an NT system that is outside the firewall. The conversation that takes place is open to outside scrutiny. If you have an information-only Web server and security is not a major issue, this design meets your requirements.
You can make this or any implementation more secure by installing external security software such as a secured sockets layer (SSL) on the server where the WebGate Communicator and WebGate Information Broker are installed. SSL encrypts traffic information. The WebGate product supports this technology, which is available for most Web servers and Web browsers.
Figure 1. Minimum security model
Medium security model
The intranet/extranet example, shown in Figure 2, provides medium security. The WebGate Communicator operates on a Web server running Windows NT outside the firewall, while the WebGate Information Broker runs on a separate NT server inside the firewall. An end user cannot see the RCL and SQL request using the browser's VIEW SOURCE facility, but TCP/IP packets containing SQL and RCL sent between the Communicator and the Broker are open to view. All ODBC conversations, where user IDs and passwords are exchanged, are protected by the firewall.
This scenario fits your needs if you are not concerned about the outside world viewing RCL and SQL request packets, but you are concerned about protecting ODBC communication from the public.
Figure 2. Medium security model
Maximum security model
In the third example, shown in Figure 3, the WebGate Information Broker and WebGate Com-municator are both inside the firewall. With this configuration, you maintain maximum security. All information is concealed from the outside world, including RCL and SQL requests, specialized templates, and ODBC conversations involving user IDs and passwords.
Figure 3. Maximum security model
Contact CCA Webmaster Copyright 2008
