No announcement yet.
  • Filter
  • Time
Clear All
new posts

    Production deployment recomendations

    I'm a new licensee of SmartClient Pro v100p_2015_05_21. I need to set up a production server for a low traffic departmental site. The server will need to authenticate users with Shibboleth. Most of the data will be pulled from existing read-only oracle tables, with some items created and persisted locally. My thought was something like:

    1. Apache handling authentication and authorization, and serving static content.
    2. Tomcat running smartclient server side code and connected to Apache via ajp.
    3. Either mySQL or Hibernate storing some data, but most data pulled from upstream Oracle.

    1. What is the most common version of Java and Tomcat in use with SmartClient?
    2. Is there a reason to prefer mySQL or other SQL to Hibernate for a small site?
    3. Any obvious flaws in the proposed design?


    1. Tomcat 5 or 6, Java 7 or 8

    2. We generally recommend using SQLDataSource, because it's simpler, more efficient and more flexible. See this discussion.

    3. Shibboleth and a separate Apache deployment may be overkill for a low traffic, departmental site. Unless Shibboleth is required to tie into a pre-existing authentication system, you might just want to not bother with a separate Apache, and just use Tomcat Realms authentication.


      Further Shibboleth question

      I agree that apache would be overkill, but I was struggling to figure out how to interface with our enterprise authentication system that uses Shibboleth.

      Meanwhile I've found a couple of SAML2 security options that may work.

      1. Spring Security SAML

      2. OIOSAML2

      Is there reason in SmartClient to prefer one of these over the other? Like more experience with one? They both seem to function as filters that can be placed in front of an application in web.xml



        All of these options, including Shibboleth+Apache, are fine. What matters is really whichever *you* are most familiar with and can set up most easily.

        See the Authentication and Declarative Security sections of the QuickStart for our recommendations.