Announcement

Collapse
No announcement yet.

Browser application

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Browser application

    Hi

    We have a browser based leads database running in house (written for us, not commercial) that connects to a SQL server, which publishes to a web site on IIS , pretty simple so far.

    Is it possible to have outside connections to the Sql server to allow users to use the leads db whilst offsite,

    Now we have the usual VPN 's etc but i would really like the users to type in a URL from any PC, like they do for web exchange, and get a connection. I assume we would be talking some port 443 ssl setup, but i'm no expert.

    The data passed is not confidential in any way and would be next to useless to anyone.

    Regards

    Richard

  • #2
    Re: Browser application

    Originally posted by Richie View Post
    Is it possible to have outside connections to the Sql server to allow users to use the leads db whilst offsite
    Yes, it is possible, but you really do not want to do that. Exposing SQL server directly to the Internet is a Bad Idea.

    What kind of data needs your users need an access for? Could the web front-end be extended so that there would be additional page for displaying leads and whatnot from the database?

    -vP

    Comment


    • #3
      Re: Browser application

      Even its a browser application, i would have thought it would only be http traffic going across, securely of course, how could that be damaging to the server, i'm no expert so please treat me like a novice. What do you mean by extending the web front end?

      thanks

      Richard

      Comment


      • #4
        Re: Browser application

        Originally posted by Richie View Post
        What do you mean by extending the web front end?
        Well, the connection requirement depends on what kind of access you want to provide. I first thought that you'd like to give an direct access to the SQL Server and allow using Query Analyzer or Enterprise Manager tools. That would be quite risky. Now that I re-read the op, I guess I misunderstood you.

        The recommended way is to add a new page to the front-end website. Let's say that the current lead inserting is done at address www.example.com/sales/addNewLead.asp. Then you just add a new page into the system and access it from another an URL, like www.example.com/sales/browseLeads.asp. Technically, you have a directory in your IIS server called Inetpub\wwwroot\sales and all the HTML / Asp / Css / Png / Whatever files are located there. The web site is published with any name.

        The idea is that the web page (=browseLeads.asp) is installed on an IIS server. You then set up the IIS box on DMZ and allow people to connect into it from the public Internet by using HTTP/HTTPS only. The network is configured so that the IIS system can connect into the internal network and talk with SQL Server. The .asp page will use ADO or whatnot for creating connection to the database. (You could use Asp.Net & Ado.Net, or PHP or something, but the idea is the same always.)

        You could use any kind of authentication for users who would like to use the browseLeads page. Manual passwords, integrated Windows authentication, per-user cookie, you name it. The page just needs some kind of access control to prevent outsiders (think: Googlebot or random vandal) messing around.

        -vP

        Comment

        Working...
        X