I was wondering, is it possible to connect a deployed frontend to a offline backend on a local host on the same machine? Or a local frontend to a live backend?
It is not possible to connect a deployed frontend to an offline backend as it can only source data from an online source, but an offline frontend can source data from an online backend as long as the links to the data source or APIs are correctly placed. e.g a mongoDB database, can be posted or one can get data from the database using an offline frontend.
Related
For example, using an nginx server sitting within your AWS network?
I am using a mobile application that connects directly to the database instance (Postgres), as such, I have to keep the ports open for traffic that is generated from the internet (4G, mobile app).
This mobile app (QFIELD, mobile version of QGIS) has a direct connection to the database, this is the reason why the database is reachable from the internet on a public ip but this is a critical issue for the security of the data and the requests that can be sent to the database.
I would like to proxy the requests so that the database is only available to local machines and not open for connections directly.
The mobile appp would send the request to an HTTP url which would send the request to the local ip and port, this way I would avoid to have the database exposed on the internet.
Ideally, I would like to go from this app (which uses a postgres connection string to connect to the server) to an HTTP server that routes the request locally, as such:
APP connects to https://myproxy/postgres
Request is proxied to a local server
Can I do this with Apache2? Any ideas?
At the moment I cannot write a middleware that proxies requests from the APP to the local postgres.
If your application is expecting to connect directly to a PostgreSQL database and you don't want to change that then you need to connect to something that "speaks" PostgreSQL's client protocol.
You can place a proxy such as pgbouncer or pgpool in front of it, but they aren't a guarantee of greater security just by themselves. This is the same problem as with any proxy - it is just forwarding requests and responses to your actual server so any vulnerability is still exposed.
What you can do is:
restrict the number of connections at the proxy point
restrict which users can connect non-locally to your PostgreSQL cluster
restrict where they can connect from to just your proxy
restrict those users permissions within the database(s)
That last point is particularly important - assume any user account your application can be used maliciously. Restrict the account to prevent mass updating or deleting of data. Also take special care to restrict access to other users' data.
If I was forced to allow access like this, I would want one PostgreSQL user account per actual user at the very least. In practice I wouldn't get to this point with a production application.
I want to integrate Hazelcast with a web application running on a tomcat server. The backend is MongoDB. So far I have managed to integrate MongoDB with Hazelcast how do I integrate it with tomcat so that changes made to the DB through the UI can be seen in the IMaps used when i do a get call.
Not every get call will load from DB, only those keys that are not present in Hazelcast cluster will be loaded from the DB.
As for integrating with a web server, not sure what you meant there because the code that loads from DB runs on Hazelcast server. An application, whether it is a simple public static void main(...) or a web app running in a container or a web server, is a client to Hazelcast server - means, you will be required to use client proxies to connect to servers.
I am creating a webapp for data analysis. I want to use Redis to store the data that the user has uploaded so that I can send it to other pages/views. This data is only valid during the session and should expire when the session expires.
Is this a violation of REST principles? Or is this only a problem if I use some value that I have stored server side as session key/identifier?
With your updates what you can do is to upload the data, generate a key against it, place it in Redis and keep it in hash(with meta data) or list(if there could be more than one upload). They list/hash key could be identified by the user id.
Then moving forward, let the client refer to this object using the generated id.
Actually one of the best practices is to use Redis over the internet is to expose a REST API and handle all communication using your Web Server. Redis is always kept in a secure network since Redis doesn't provide any security.
On Redis website
Network security
Access to the Redis port should be denied to everybody but trusted
clients in the network, so the servers running Redis should be
directly accessible only by the computers implementing the application
using Redis.
In the common case of a single computer directly exposed to the
internet, such as a virtualized Linux instance (Linode, EC2, ...), the
Redis port should be firewalled to prevent access from the outside.
Clients will still be able to access Redis using the loopback
interface.
This is also a basic practice when using traditional databases.
I analyzing if I use or not the mobiledata of Bluemix to my app, but I could not find what is the DB engine behind its Solution.
Anyone know what is the backend of mobiledata service of Bluemix?
Backend of mobile data service of bluemix is cloudant.For details please refer below link on getting started:
https://www.ibm.com/developerworks/cloud/library/cl-rapiddev-app/
Backend of mobile data service of bluemix uses Cloudant NoSQL Database for Bluemix as datastore.
It actually uses Cloudant behind the scenes. Cloudant is based on CouchDB and adds Lucene Indexes as well.
Basically, you can select any database service available on Bluemix to store your data. It depends on type of application and data to be stored. If you need to store relational data, go for a SQLDB service. If your mobile application need to store JSON data, then you need a NoSQL database service available on Bluemix. Cloudant is a good NoSQL database and most developers use it as a mobile data backend service.