Solved

Need suggestion for this approach

Posted on 2003-12-03
17
308 Views
Last Modified: 2013-12-18
Hi Guys
Need some advice and suggestions on the approach to this scenario.

I have a Domino application which is residing in our network (i.e. within the firewall) This application requires feedback responses from several users. These users mostly will be notes users. But there may be some users who are external. For these external users we have decided to have a web portion where they have to supply a token before giving their feedback (as they don't have any login ). So anonymous access is given to create a feedback document but only after supplying a token by the user. Now in order for these external users to access this URL, the nsf should reside in the external server. But since the application is 90% internal , we would not like to put the entire app in external server as the details are also confidential.

The approach suggested by me was:
Have a replica copy of the nsf in the external server and do a selective replica of the external server with the internal, so that the documents submitted there, are pushed back to the internal server.

Is this the best way and are there any glitches in this approach. Are there are any alternative suggestions ?



Thanks
Partha
0
Comment
Question by:p_partha
  • 4
  • 3
  • 3
  • +2
17 Comments
 
LVL 46

Accepted Solution

by:
Sjef Bosman earned 125 total points
ID: 9867598
Best way: hmm. Glitches: you'd need push-pull replication for design changes, otherwise pull would do. It's an approach, it will work in the end, but it wouldn't be my choice, since selective replication is a difficult thing to tune.

Alternative:
- create a new database based on the same design (template)
- make a replica of this database on the external server
- create an agent that will copy documents received in the internal server to the real database

Your external users will therefore use an almost empty copy of the database, that contains very little information of the real database. Just the indispensable items.
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 9867615
Additional suggestion:
- delete the documents from the external database when they are successfully copied
0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 9867674
Well that sounds perfect for me.

And that is the bestway too. In future if you want to assign external users a web id you can do so and keep them away from internal data.. Good security. We do have similar kind of setup here too.

The other approach would be something like mail-in-db. THe external user will send a mail with his comments and  Since the comments are just text you can read it from body and create docs on fly using mail agents. But the above method has more control over this one.

~Hemanth
0
 
LVL 14

Author Comment

by:p_partha
ID: 9867757
sjef bosman

from what i understand from u:

Create a replica copy of the database in external.

Push all the external feedback documents from the internal to the external thru an agent

Move the documents from the external to the internal once they are saved.



I have some issues here:

the feedback providers cannot submit documents after 30 days or if the report is generated. So ideally i have to do this steps:

Everytime a feedback document is modified at external server i have to push to internal database. Everytime the external feedback document in the internal database is modified (like agent running on the doucment to stamp some fields)  i have to push the document back to the external database

so ideally both push and pull replication is happening here...

Let me know whether i am right in understanding,


Hemanth,
are u supporting my model as perfect or sjef bosman's ... Kind of confused ;-)


Partha
0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 9867849
Well when I started typing his comment was not there.. obviously yours
0
 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 9867859
bosman suggestion says that user should not see the data that he posted.. is that you want ? If so you give them depositor access only. Write a cleanup agent which will run nightly to remove the documents I don't see any added benefit here
0
 
LVL 14

Author Comment

by:p_partha
ID: 9867894
Hemanth,
The document for external feedback providers shd be visible to them at any point of time as they can save the document as "draft". But once they do any modification to the document it shd be reflected int he internal....


Also when the document has crossed 30 days then the internal database wills tamp the document with some flags, so that it is not submittable. So ideally both push and pull shd take place here


{Partha
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 24

Expert Comment

by:HemanthaKumar
ID: 9868144
Right !
0
 
LVL 46

Expert Comment

by:Sjef Bosman
ID: 9868385
Ah, now you change the (assumed) specifications! If you say that "feedback" is required, that's one-way to me, hence my suggestion to use a copy of the database (not a replica!) and an agent to move documents into the central db. What you describe now, i.e. that you want users to be able to modify the document, does require full replication. Your original suggestion is more complicated, but replication in this case will be the only solution.

Maybe you could use a mixed approach: use a copy of the database for the external users, and let the agent only run on documents with status Accepted. If you want your browser-users to see documents that are processed, just leave them in the external db as well.

For the copy to be maintained easily, create a template database that you modify, base both your databases on this template, and use Refresh Design whenever you modified your template (or wait for the Designer task to pass by).

Sjef
0
 
LVL 31

Assisted Solution

by:qwaletee
qwaletee earned 125 total points
ID: 9871699
I concur with Sjef's original suggestion, DESPITE the fact that you need a "two way" agent.  I have seen selective replication do so much harm, I try to stay away from it at all costs. The only place I would ever use it is for a user replicating a subset of information to a local copy, when teh file would be awfully large otherwise.

So, how do you make this work?

It depends.  If the "external" documents are created and edited externally, and never created internally, then it is easy -- you just need to write an agent that copies from the "public" copy to the "real" copy.

If the documents will alway be CREATED internally, but only MODIFIED externally, then write an agent that:
1) Gathers all internal unexpired docs, and copies them to the exterbal copy
2) Gathers all internal documents over 30 days old, marks them as expired, and deletes teh correspodning document from teh externa; copy
3) Gathers all external documents, matches them to thei nternal copy, and brings over any changes

As far as the physical structure is concerned:
* The internal database should only be on internal servers.
* The external database should be on the external server, and replicate to an internal server.
* The agent should run on the latter internal server
0
 
LVL 1

Expert Comment

by:yoshi78
ID: 9882111
Why not just give full replication abilities to both the inside and outside db and set web and client forms to only be accessible for the necessary users.  You can still hide most information you need too.
0
 
LVL 31

Expert Comment

by:qwaletee
ID: 9897064
Yoshi,
Safer to start with "I give you nothing" and then add what you need to actually give.  If you chose teh "here's everything, but I am wrapping shrouds around the parts I dont wnat you to see," well, shrouds have a way of slipping off, and if you've got lots of stuff, all to easy to overlook another part you wated to hide.
0
 
LVL 1

Expert Comment

by:yoshi78
ID: 9904084
qwaletee,
I gotcha, you are right.  Sometimes I think more of my own restricted environment and not of others.  
0
 
LVL 31

Expert Comment

by:qwaletee
ID: 9909924
yoshi78,

Of course!  We all se the world through "locally-colored" glasses.

Still waiting on that code from you, though.
0
 
LVL 1

Expert Comment

by:yoshi78
ID: 9912125
qwaletee,

Uh Oh, I sent it to the _s_a_l_e_s addy in your profile.  My independant is twise@enia.net if you don't want to post your email address.  I've got it ready to go though.

0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

For beginners of Lotus Notes user this is important to know about the types of files and their location supported by IBM Notes. Mostly users are unaware about how many file types are created and what their usages are. This Article is fully dedicated…
Lack of Storage capacity is a common problem that exists in every field of life. Here we are taking the case of Lotus Notes Emails, as we all know that we are totally depend on e-communication i.e. Emails. This article is fully dedicated to resolvin…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now