When you have two nodes of the IoT server running for HA, and if a given
image/file is stored on the file system of one server, how do you make that
image/file available for a request that's served via the other server?

On Wed, Aug 16, 2017 at 4:54 PM, Megala Uthayakumar <meg...@wso2.com> wrote:

> Hi All,
>
> Currently we are working on writing a mobile application store for IOT
> server. For that we have decided to save the images and binary files
> related with applications in the file system(This decision was taken
> considering the file size). File location will be derived from a
> configuration. While implementing this, we have come-up with the following
> suggestions for saving files as per the meeting we had internally.
>
> *Option 1*
> For each application we will have a folder with the name as the generated
> ID for the application from the database. Each will hold all the relevant
> artifacts such as icon, screen-shots and binary files.
> In this case, there were 2 suggestions
>
>    1. For each app, the icon and screen-shots will be saved with the same
>    name. Ex - For icons the image file name will be 'icon' and like-wise for
>    others as well. So in this case, we do not need to save image names in the
>    database.
>    2. Need to dynamically generate some random names.
>
> If we consider first approach, if we use the same name for all the
> application, there is possible chance an attacker may get all the image
> files if the name is known to them.  AFAIU this can happen even if we do
> not use the 1st approach and use the second approach in which we use random
> names, as this can happen only if the root path for saving the artifacts
> are compromised and without the name also attacker can do a "listFiles"
> request  and get all the data.
>
> *Option 2*
> For binary files and image files we will have separate location and each
> respective files will be saved in these location separately by generating a
> unique name. This may be helpful if we can cache the images and improve the
> performance, but this may not be possible in real production scenarios
> depending on the size of the images.
>
> What would be the most preferable option? Comments and suggestions on this
> regard is highly appreciated.
>
> Thanks.
>
> Regards,
> Megala
>
> --
> Megala Uthayakumar
>
> Software Engineer
> Mobile : 0779967122
>
> --
> You received this message because you are subscribed to the Google Groups
> "WSO2 IoT Team Group" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to iot-group+unsubscr...@wso2.com.
> For more options, visit https://groups.google.com/a/wso2.com/d/optout.
>



-- 
Nuwan Dias

Software Architect - WSO2, Inc. http://wso2.com
email : nuw...@wso2.com
Phone : +94 777 775 729
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to