Hi! You should present them some facts:
1) WO is Java. That means it runs (hack-free!) on any platform with a JVM, Linux included. The adaptors are now all open source, as Linux itself, so you have no problems with that. Also, many people here are deploying on Linux of FreeBSD and have no problems at all.
2) WO on Linux will not be less or more secure than on any other platform, because it's Java, so it's the same thing everywhere.
3) The performance hit of an WO app on the DB depends on many factors, of course, but it has a huge advantage over PHP and similar stuff: an WO app uses a fixed number of database connections (usually one, but you can increase that number using Wonder). It will not open new connections every time a page is opened, and the number of connections won't depend on the server load and on how many visitors you are getting. So, way less load on the server because no TCP or UNIX socket connections being opened and closed all the time, less memory usage on the DB, etc. Also, and because an WO app is a real app running, and not a bunch of scripts, you can easily cache stuff that avoid database roundtrips. Actually the default behaviour of EOF is aggressively caching everything, so much that sometimes the hard thing is to get fresh data from the DB... :)
4) Advising someone to use PHP instead of WO for security reasons is like playing Russian roulette with a fully loaded gun and you being the first to pull the trigger... WO gives you a lot of security features right out of the box. Stuff like no SQL injection problems, no access to pages that shouldn't be accessed in a given situation, etc. All this is a nightmare on PHP-like stuff, and in WO it's just right there. Also, it's much easier to do stuff like controlling is the user is authorized to see a certain content (due to the component architecture) than in PHP. It's not by accident that web sites that run on top of some CMS made in PHP are hacked all the time on the Net.
Yours Miguel Arroz On 2008/08/22, at 06:18, ute Hoffmann wrote:
Hallo,a possible clients provider said, that they have fear that a WebObjects App on a LInux would be a security problem. As the port to Linux is really a hack it would pose problems with the possibility of teh serverbeing hacked because of that.Can someone who deploys on Linux (in my case debian, but... I suppose the linux breed is not relevant here) please comment on that. Are there measures I can take to ensure, there is no security risk coming from this setup?I was also told, they feared a performance problem if a WebObjects app would connect to the mysql database they build (which is used for other purposes as well). Has anyone experience with a App with higher traffic (about 240.000 hits per day, most of that read only. About 3000 concurrent users). Can a WebObjects app pose a problemto database performace in such a case (or in any case)?I was advised to let the website programm in php instead (preferably by the provider itself, I think, but that was not said, of course). Would php have any advantages in respect to the database performance (or to performance in general)? Or would it have a clear advantage in respect to security (what I really doubt, php can be as insecure as anything else, depending on the usage).Any hints welcome. Thanks a lot! Regards, Ute _______________________________________________ Do not post admin requests to the list. They will be ignored.Webobjects-deploy mailing list (Webobjects- [EMAIL PROTECTED])Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-deploy/arroz%40guiamac.com This email sent to [EMAIL PROTECTED]
http://www.survs.com
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Do not post admin requests to the list. They will be ignored. Webobjects-deploy mailing list ([email protected]) Help/Unsubscribe/Update your Subscription: http://lists.apple.com/mailman/options/webobjects-deploy/archive%40mail-archive.com This email sent to [EMAIL PROTECTED]
