2. Before:
Current Public Document Deployment
Internal applications that store documents on the network have them literally copied out to the public application structure.
Diagram swimlanes: Internal; Public (beyond DMZ)
Diagram labels:
• Program Data
• Program uses app to save document under application path
• Save Location And Document Name
• Place Document in Network Folder for transfer to public
• Transfer document to public folder under application
• CopyBot Action
• Usual failure point
• Public web application Requests document
• Connect to Program Data and get document information
• Is Document Available? NO: 404 Error. YES: Download document
SOA Document Download 10/31/2014
3. Now: PDFs
Proposed Public Document Presentation
Here, internal applications that have been storing documents on the network continue to do so. The difference is that there is no access to them beyond the firewall. The IIS Hosted WCF Service handles all requests for program data, including documents.
Diagram swimlanes: Internal; DMZ; Public (beyond DMZ)
Diagram labels:
• Program Data
• Program uses app to save document under application path
• Save Location And Document Name
• Program Endpoint #1
• Program Endpoint #2
• Get Document using Domain assigned user
• IIS Hosted WCF Service
• Get Program Data, Necessary document information
• Receive ByteStream From Data Endpoint
• Public web application Requests document
• Get necessary Information From data Endpoint
• Download document as ByteStream
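A sketch of the internal document endpoint in the flow above, added here as an example and not the Department's own code: the public application sends only a document ID, and the endpoint resolves the saved location itself, confirms it stays under the application root, and returns the bytes. The contract name, share path and in-memory lookup are assumptions made for illustration.

```csharp
// Added example: all names, the share path and the lookup table are assumptions.
using System;
using System.Collections.Generic;
using System.IO;
using System.ServiceModel;

[ServiceContract]
public interface IDocumentEndpoint
{
    // The public application sends only an ID; it never supplies a path.
    [OperationContract]
    byte[] GetDocument(int documentId);
}

public class DocumentEndpoint : IDocumentEndpoint
{
    // Hypothetical application root on the internal network share.
    private const string Root = @"\\fileserver\programdocs\";

    // Stand-in for the "Save Location And Document Name" rows in program data.
    private static readonly Dictionary<int, string> Saved = new Dictionary<int, string>
    {
        { 1001, @"permits\2014\permit-1001.pdf" }   // constructed sample row
    };

    public byte[] GetDocument(int documentId)
    {
        string relative;
        if (!Saved.TryGetValue(documentId, out relative))
            throw new FaultException("Document not available.");

        // Canonicalize, then confirm the result is still under the root, so a
        // bad row containing "..\" cannot reach other files on the share.
        string full = Path.GetFullPath(Path.Combine(Root, relative));
        if (!full.StartsWith(Root, StringComparison.OrdinalIgnoreCase))
            throw new FaultException("Document not available.");

        try
        {
            // Read under the service's domain-assigned identity.
            return File.ReadAllBytes(full);
        }
        catch (IOException)
        {
            // Same generic fault for every failure: no internal path leaks out.
            throw new FaultException("Document not available.");
        }
        catch (UnauthorizedAccessException)
        {
            throw new FaultException("Document not available.");
        }
    }
}
```

Granting the domain-assigned user read-only rights on the share keeps the endpoint consistent with the read-only design described in the notes.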
4. Now: Spreadsheets
WCF to MVC Excel Spreadsheet Download
Here, Internal applications that have been program data as usual. Again, there is no access to the information beyond the firewall. The IIS Hosted WCF Service handles all requests for program data, returning serialized objects.
The .NET Framework contains a function of the “List” object that will convert the objects to a comma-delimited list (.csv file).
Diagram swimlanes: Internal; DMZ; Public (beyond DMZ)
Diagram labels:
• Program Data
• Program uses app to save document under application path
• Save Program Data And Document Information
• Program Endpoint #1
• Program Endpoint #2
• IIS Hosted WCF Service
• Get Program Data
• Receive List of Objects From Data Endpoint, Convert to Comma-Delimited string
• Public web application requests Spreadsheet
• Send necessary Information to data Endpoint
• Download document as .csv file
5. Additional Information
• Microsoft WCF “Getting Started Tutorial” (http://msdn.microsoft.com/en-us/library/ms734712(v=vs.110).aspx)
• How to: Host a WCF Service in IIS (http://msdn.microsoft.com/en-us/library/ms733766(v=vs.110).aspx)
Editor's Notes
This presents a couple of problems:
• Program documents are saved in multiple locations, both inside and outside of the Department’s control.
• The public versions of many of our applications use the web.config file on the public side to store database connections to program data. A sufficiently determined attacker could compromise this connection, and possibly the entire network if there are other settings in the web.config file.
This is currently designed as a read-only process, but it has the potential to be expanded using myAlaska if necessary. This configuration requires a domain-level user assigned by DAS for network file access. It is strongly suggested to do this only as needed.
Benefits:
• The database connection to program data never goes beyond the Department firewall. The Data Endpoints have only the information that we make available.
• The web.config in the public web application does not store anything except settings in DAISLib for Autosense functionality, so the public app knows which service to use. Everything else is compiled into the application code.
• The number of locations in which DEC stores files is reduced. This saves storage space on the SAN, speeds up other processes, and may bring other benefits that have yet to be discovered.