Application Server & DNN?
New Post
4/24/2009 5:11 PM
 

I have a customer who is developing functionality (class libraries) to provide customers with data from multiple internal applications/databases through DNN as the internet facing GUI.  Additionally, they want to use the libraries to service internal requests from custom apps and would like all of these libraries to exist in a single location behind a firewall, while the IIS server sits in the DMZ.  So, the custom modules for the external DNN environment would make simple requests to the libraries on the server behind the firewall, which is where the business logic and data access would exist.

My first inclination would be to set up a web server behind the firewall and expose the class libraries through web services.  However, I'm not sure if .Net Remoting or WCF are better, more efficient ways to go about this because of the weight of web services and the potential size of the data coming out of the libraries.  The customer's reasoning for adding the layer between DNN and the business logic & data access is both security and scalability.  Also, they are not specifically limited or tied to a particular version of DNN or the .net framework.

I would greatly appreciate any suggestions, recommendations, pointers and/or references that would help in this design and implementation...

Thanks!

 
New Post
4/24/2009 9:04 PM
 

You're gonna take a hit in performance using web services. I don't agree with the security argument. If someone hacks your DNN site that is REALLY REALLY bad. If they hack your website they will also have the keys (the passwords) to your web services.

If someone has Host access to your site they can upload a module that will show them the source code to every file and they can read all the connection strings in the web.config. Even if connection strings and passwords are encrypted they can upload modules that will allow them to still make calls against anything the DNN site has access to.

 



Michael Washington
http://ADefWebserver.com
www.ADefHelpDesk.com
A Free Open Source DotNetNuke Help Desk Module
 
New Post
4/25/2009 12:13 AM
 

Thanks Michael, I agree completely about performance and their security concerns, but am stuck in a position where I am unable to convince them to change the requirement that the dnn business layer must communicate with an app server behind the firewall, which is where all internal db connections will be made.  The dnn db will actually be in the dmz (I believe) as well and will not have any knowledge of, or connections to, any of the internal databases. 

I know remoting and wcf provide better performance than web services, but does .net remoting and/or WCF provide a better security alternative, or are you saying that there are no alternatives that provide greater security than an encrypted config file?  My goal is simply to provide the best architecture based on the customer's requirements.

Thanks again for any suggestions!

 
New Post
4/25/2009 8:00 AM
 

So it's only the normal DNN operation that they want to segment into sections for security?

DNN already separates the business layer from the database layer.

You can replace the standard DNN database provider with a custom provider. Instead of the standard SQL provider you can pass all the calls from the business layer to a database using custom code. You can use WCF, web services, remoting, etc. I

My issues with security remain. If a hacker gets into the Host account they have full control no matter what you do.



Michael Washington
http://ADefWebserver.com
www.ADefHelpDesk.com
A Free Open Source DotNetNuke Help Desk Module
 
New Post
4/27/2009 9:56 AM
 

Right...  so, do you have any recommendations on securing host access?  I found this post... but, am curious if anyone else has done anything differently to make the host account more secure than it is out of the box.  I guess I'm looking for something beyond standard account management practices...

Thanks!

 