Best way for Two MVC applications one public other private to securely update and retrieve from a SQL database
Question
I'm currently building a system that includes a MVC web-server that is public facing for users that sends post commands to an MVC application based server. The application server (also MVC) is private and only accepts web service post commands from the MVC webserver this application server is connected to my SQL database.
In theory the user would go to the MVC Web server to click a link that would cause the webserver to make a POST request in the Model of the Webserver to the application server's Web Services api, this in turn would do a SQL lookup in the Aplication's servers Model using a System.Data.SqlClient.SqlConnection with a System.Data.SqlClient.SqlCommand to actually update the Database. The same type of method (different API) may be used to retrieve information from the database and post back to the webserver for users to see.
I'm basically wondering if I'm completely off in this approach of having two MVC servers talking to each other for security and the general scalability of this approach as a whole and if there might be a better way to approach this problem, that I'm not thinking of.
1 answers
solution1
0 ACCPTED 2013-08-16 14:39:32
I don't really think this approach is going to add anything for security. What exactly are you thinking will be more secure by separating the web and application tiers to different servers?
Its possible that you might get some scalability benefit as you can scale your web and application server layers separately, but that will come at a pretty big performance hit in general as all application server calls will require serializing and deserializing things back and forth from SOAP/XML to objects.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.