Application Server What’s New in Version 10 Deployment
Topics <ul><li>What’s New in Version 10 </li></ul><ul><li>Deployment </li></ul>
What’s New in Version 10 <ul><li>Performance </li></ul><ul><li>Security </li></ul><ul><li>Functionality/Configuration </li...
What’s New in Version 10 Performance <ul><li>A Peek at What the Server Spends Time Doing </li></ul>
What’s New in Version 10 Performance <ul><li>What is the Server Overhead? </li></ul><ul><li>Read and Parse incoming reques...
What’s New in Version 10 Performance <ul><li>Request Parsing </li></ul><ul><li>More efficient socket reading </li></ul><ul...
What’s New in Version 10 Performance <ul><li>Set up A5W execution environment </li></ul><ul><li>Cache the Application Root...
What’s New in Version 10 Performance <ul><li>Prepare  and Send Response </li></ul><ul><li>Cache gzipped output for static ...
What’s New in Version 10 Performance <ul><li>The Results?  </li></ul><ul><li>Vary with type of request, hardware, etc. </l...
What’s New in Version 10 <ul><li>Performance </li></ul><ul><li>Security </li></ul><ul><li>Functionality/Configuration </li...
What’s New in Version 10 Security <ul><li>Security is implemented at many levels. Most significant in core server are: </l...
What’s New in Version 10 Security <ul><li>Connection Handling </li></ul><ul><li>Intentionally malformed socket communicati...
What’s New in Version 10 Security <ul><li>Request parsing is dangerous business </li></ul><ul><li>Depends on input from an...
What’s New in Version 10 Security <ul><li>Session Management </li></ul><ul><li>Cookie lifetime matches session lifetime </...
What’s New in Version 10 <ul><li>Performance </li></ul><ul><li>Security </li></ul><ul><li>Functionality/Configuration </li...
What’s New in Version 10 Functionality <ul><li>Logging Options </li></ul><ul><li>Thread transition logging </li></ul><ul><...
What’s New in Version 10 Functionality <ul><li>Session.BrowserId </li></ul><ul><li>Similar to V9 session Id </li></ul><ul>...
What’s New in Version 10 Functionality <ul><li>New Response Methods </li></ul><ul><li>AddCookie() supports Http-Only and S...
What’s New in Version 10 Functionality <ul><li>Error Pages </li></ul><ul><li>Custom error pages can now execute A5W code <...
What’s New in Version 10 Functionality <ul><li>IP Address Binding </li></ul><ul><li>Server can now run on just one of a ma...
What’s New in Version 10 Functionality <ul><li>Enable/Disable Built-in Functionality </li></ul><ul><li>Alpha favicon </li>...
What’s New in Version 10 Functionality <ul><li>Configuration Options </li></ul><ul><li>Timeout for header reading </li></u...
What’s New in Version 10 Functionality <ul><li>Version 9 Compatibility Server </li></ul><ul><li>Runs the old Version 9 ser...
Topics <ul><li>What’s New in Version 10 </li></ul><ul><li>Deployment </li></ul>
Deployment <ul><li>Web application or browser-based application? </li></ul><ul><li>Web browser is used for UI, but app doe...
Deployment <ul><li>The primary deployment issue is where to host your application. But other questions must be answered fi...
Deployment <ul><li>Who needs access to the application? </li></ul><ul><li>Internal users on local network </li></ul><ul><l...
Deployment <ul><li>Browser-based only or hybrid app? </li></ul><ul><li>A desktop app with DBF suggests hosting locally </l...
Deployment <ul><li>Internal Resources </li></ul><ul><li>Once installed, little ongoing maintenance is needed </li></ul><ul...
Deployment <ul><li>Given these considerations, should you host it internally or use a hosting provider? </li></ul><ul><li>...
Deployment <ul><li>Regardless of internal or outsourced hosting, consider the hardware configuration </li></ul><ul><li>Mem...
<ul><li>Questions/Discussion </li></ul>
Upcoming SlideShare
Loading in …5
×

Building an web 2.0 blog RAPIDLY in Alpha Five v10 with Codeless AJAX

986 views

Published on

Presentation created by Jeff Cogswell showing how a blog application was created very rapidly with Alpha Five v10 with Codeless AJAX (tm)

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
986
On SlideShare
0
From Embeds
0
Number of Embeds
8
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Building an web 2.0 blog RAPIDLY in Alpha Five v10 with Codeless AJAX

  1. 1. Application Server What’s New in Version 10 Deployment
  2. 2. Topics <ul><li>What’s New in Version 10 </li></ul><ul><li>Deployment </li></ul>
  3. 3. What’s New in Version 10 <ul><li>Performance </li></ul><ul><li>Security </li></ul><ul><li>Functionality/Configuration </li></ul>
  4. 4. What’s New in Version 10 Performance <ul><li>A Peek at What the Server Spends Time Doing </li></ul>
  5. 5. What’s New in Version 10 Performance <ul><li>What is the Server Overhead? </li></ul><ul><li>Read and Parse incoming request </li></ul><ul><li>Determine action required to fulfill request </li></ul><ul><li>Retrieve/Instantiate session </li></ul><ul><li>Set up A5W execution environment </li></ul><ul><li>Prepare and send response back to client </li></ul>
  6. 6. What’s New in Version 10 Performance <ul><li>Request Parsing </li></ul><ul><li>More efficient socket reading </li></ul><ul><li>Totally new parser </li></ul><ul><li>Orders of magnitude faster </li></ul><ul><li>Tightens up potential attack vectors </li></ul><ul><li>Paves way for future functionality </li></ul>
  7. 7. What’s New in Version 10 Performance <ul><li>Set up A5W execution environment </li></ul><ul><li>Cache the Application Root </li></ul><ul><li>Cache a5_application.a5i </li></ul>
  8. 8. What’s New in Version 10 Performance <ul><li>Prepare and Send Response </li></ul><ul><li>Cache gzipped output for static resources </li></ul><ul><li>Optimized output sending </li></ul>
  9. 9. What’s New in Version 10 Performance <ul><li>The Results? </li></ul><ul><li>Vary with type of request, hardware, etc. </li></ul><ul><li>On average, server overhead is about ½ of what it is in V9 </li></ul><ul><li>Large gzipped static resources have the most significant improvement </li></ul>
  10. 10. What’s New in Version 10 <ul><li>Performance </li></ul><ul><li>Security </li></ul><ul><li>Functionality/Configuration </li></ul>
  11. 11. What’s New in Version 10 Security <ul><li>Security is implemented at many levels. Most significant in core server are: </li></ul><ul><li>Connection handling </li></ul><ul><li>Request parsing </li></ul><ul><li>Session management </li></ul>
  12. 12. What’s New in Version 10 Security <ul><li>Connection Handling </li></ul><ul><li>Intentionally malformed socket communications have potential to crash server </li></ul><ul><li>Largely the operating system’s responsibility </li></ul><ul><li>Application Server adds additional protection </li></ul>
  13. 13. What’s New in Version 10 Security <ul><li>Request parsing is dangerous business </li></ul><ul><li>Depends on input from an untrusted source </li></ul><ul><li>Uses untrusted input to create variables, take actions, etc. </li></ul><ul><li>Most common area of exploit across web servers </li></ul><ul><li>The new request parser has further protection against attacks via request parsing. </li></ul>
  14. 14. What’s New in Version 10 Security <ul><li>Session Management </li></ul><ul><li>Cookie lifetime matches session lifetime </li></ul><ul><li>Cookie is an Http-Only cookie </li></ul><ul><li>If using SSL, cookie is a “Secure” cookie </li></ul><ul><li>Server prevents recycling of session IDs </li></ul>
  15. 15. What’s New in Version 10 <ul><li>Performance </li></ul><ul><li>Security </li></ul><ul><li>Functionality/Configuration </li></ul>
  16. 16. What’s New in Version 10 Functionality <ul><li>Logging Options </li></ul><ul><li>Thread transition logging </li></ul><ul><li>Xbasic error stack logging </li></ul>
  17. 17. What’s New in Version 10 Functionality <ul><li>Session.BrowserId </li></ul><ul><li>Similar to V9 session Id </li></ul><ul><li>Does not change across sessions </li></ul><ul><li>Can be used to uniquely identify browser across sessions </li></ul>
  18. 18. What’s New in Version 10 Functionality <ul><li>New Response Methods </li></ul><ul><li>AddCookie() supports Http-Only and Secure cookies </li></ul><ul><li>AddHeader() supports additional header syntax </li></ul><ul><li>Expire() directs client on how long to cache the resource </li></ul><ul><li>NoCache() directs client to not cache resource </li></ul><ul><li>Redirect() supports Permanent (301) redirects </li></ul><ul><li>SendFile() easily send a file back to clients </li></ul>
  19. 19. What’s New in Version 10 Functionality <ul><li>Error Pages </li></ul><ul><li>Custom error pages can now execute A5W code </li></ul><ul><li>Write your own error handlers that email administrator, attempt to fix mistyped URL, or take just about any other action you can code in Xbasic </li></ul>
  20. 20. What’s New in Version 10 Functionality <ul><li>IP Address Binding </li></ul><ul><li>Server can now run on just one of a machine’s addresses </li></ul><ul><li>Allows for multiple servers on same system using same port to serve different applications </li></ul>
  21. 21. What’s New in Version 10 Functionality <ul><li>Enable/Disable Built-in Functionality </li></ul><ul><li>Alpha favicon </li></ul><ul><li>Alpha logo used in a5w_info() output </li></ul><ul><li>.a5ajax processing </li></ul><ul><li>.a5image processing </li></ul><ul><li>Alpha JavaScript library </li></ul><ul><li>Automatic sample pages deployment </li></ul>
  22. 22. What’s New in Version 10 Functionality <ul><li>Configuration Options </li></ul><ul><li>Timeout for header reading </li></ul><ul><li>Timeout for full request reading </li></ul><ul><li>Timeout for Keep-Alive connections </li></ul><ul><li>Maximum Keep-Alive requests per connection </li></ul><ul><li>Maximum URI length </li></ul>
  23. 23. What’s New in Version 10 Functionality <ul><li>Version 9 Compatibility Server </li></ul><ul><li>Runs the old Version 9 server </li></ul><ul><li>Removes all new Version 10 functionality </li></ul><ul><li>Provided for debugging purposes only </li></ul>
  24. 24. Topics <ul><li>What’s New in Version 10 </li></ul><ul><li>Deployment </li></ul>
  25. 25. Deployment <ul><li>Web application or browser-based application? </li></ul><ul><li>Web browser is used for UI, but app does not need to be on the Internet </li></ul><ul><li>Recommended approach for new development work </li></ul>
  26. 26. Deployment <ul><li>The primary deployment issue is where to host your application. But other questions must be answered first. </li></ul><ul><li>Who needs access to the application? </li></ul><ul><li>Is this a hybrid app or browser-based only? </li></ul><ul><li>Internal resources </li></ul>
  27. 27. Deployment <ul><li>Who needs access to the application? </li></ul><ul><li>Internal users on local network </li></ul><ul><li>Internal users at remote location(s) </li></ul><ul><li>External users at specific remote location(s) </li></ul><ul><li>General public Internet </li></ul>
  28. 28. Deployment <ul><li>Browser-based only or hybrid app? </li></ul><ul><li>A desktop app with DBF suggests hosting locally </li></ul><ul><li>A desktop app with no DBF is more flexible </li></ul><ul><li>Purely browser-based provides more options </li></ul>
  29. 29. Deployment <ul><li>Internal Resources </li></ul><ul><li>Once installed, little ongoing maintenance is needed </li></ul><ul><li>Greater availability tends to be difficult for smaller companies </li></ul>
  30. 30. Deployment <ul><li>Given these considerations, should you host it internally or use a hosting provider? </li></ul><ul><li>Internal typically gives you greater control, makes broader access more difficult, and has a greater initial cost. </li></ul><ul><li>Hosting providers can provision quickly, specialize in keeping your server running 24x7, can limit or open access as desired, may be slower for internal users. </li></ul>
  31. 31. Deployment <ul><li>Regardless of internal or outsourced hosting, consider the hardware configuration </li></ul><ul><li>Memory is inexpensive and greatly improves performance </li></ul><ul><li>Disk drives often create a bottleneck </li></ul><ul><li>Many database tasks are CPU intensive </li></ul><ul><li>For a detailed discussion, see Kurt’s articles on blog.alphasoftware.com </li></ul>
  32. 32. <ul><li>Questions/Discussion </li></ul>

×