European Laboratoryfor Particle Physics

NICE NT Web Services

Alberto Di MeglioCERN

IT/DIS/NCS

2-4 December 1998 HEPNT Days at CERN 2

Introduction The NICE Web Services

A set of services and tools to publish documents and share information on the Internet

A CERN-wide service, flexible, expandable and scalable

A front-end for a community of users who want to share information dynamically on the web without having to learn (too much of) the technical details

Study phase started in April, implementation phase started in October

2-4 December 1998 HEPNT Days at CERN 3

History of the Service One Windows NT Server (NICEWWW)

born in 1994 as an interface for the Novell NetWare-hosted user home directories

a special filter to access files via HTTP from a well-known URL (http://nicewww.cern.ch/~username)

a useful, well-accepted service in need of an upgrade: no scripts, no ACLs, caching problems, server dependency

2-4 December 1998 HEPNT Days at CERN 4

A Growing Demand

The need for publishing documents and sharing information, especially in the form of databases and dynamic charts is growing

New internet standards have emerged or are emerging (ASP, audio and video streaming, Internet calendars, interactive learning tools)

It is foreseeable that the XML/HTML format will be one of the standard document formats (Microsoft Office 2000?)

2-4 December 1998 HEPNT Days at CERN 5

The New ArchitectureMain Servers Infrastructure

Two main series of servers the web servers (NT 4. IIS 4,MTS, NetShow

Services, FrontPage, IS) host the user web sites, documents, streams, iCalendars, etc.

the profile servers (NT 4) host the user profile directories, containing the NT profile, links to the user web sites and documents (a sort of enhanced home directory)

Profile servers are protected from web servers troubles and the structure is more flexible

NTWEBxx

NTHOMExx

2-4 December 1998 HEPNT Days at CERN 6

The New ArchitectureUser Profile Directory Structure

User (share)

Public files and folders

Internet Server

Public

Profile

Www (links)

Private files and folders

2-4 December 1998 HEPNT Days at CERN 7

The New ArchitectureAdditional Services (present and

possible) On-line training:

two servers set up in collaboration with the CERN Training Services, Gartner Learning and NETg to provide web-based tutorials (NT4,IIS3/4,SQL6.5)

NetShow Services to feed video and audio streams

Document indexing and serving (IS) Internet Calendars: iCal, vCal, ICAP (in the

profile directories or a dedicated web site

2-4 December 1998 HEPNT Days at CERN 8

A Special URL Naming Scheme

A sub-domain is defined in the main domain (web.cern.ch)

One DNS alias is defined for each web as:webname.web servername

An ASP script in the root default page removes the directory dependency

The URL for each web becomes:http://webname.web.cern.ch

All this with only one IP address per server

2-4 December 1998 HEPNT Days at CERN 9

Service Administration Users can manage their web sites using a web

interface (with authentication) to: Register/Delete web sites Edit permissions and properties (add/remove FrontPage

Extensions, add/remove DSN for database support, change name and owner, etc.)

Search for/List documents using Index Server The use of FrontPage Extensions allow easy, direct

authoring with scripts, forms and database support Administrators have a similar set of interfaces to

manage servers and users

2-4 December 1998 HEPNT Days at CERN 10

The Three-Tier ModelPresentation Layer: Web Interfaces (IE or NS) to register, edit, delete web sites, access documents, etc. Uses ASP to produce HTML and activate COM objects

Business Logic: a set of COM/DCOM components to perform the requested actions - VB/VC++ - FP/IIS ADSI objects (Active Directory), MTX

Data Storage: an Access database with owners, webs, homes, quotas data. Can be upgraded to SQLS or Active Directory. Linked to the CERN general database on Oracle

2-4 December 1998 HEPNT Days at CERN 11

The Transaction Model

Client IIS parse ASP scripts,

creating objects and calling methods

MTX

COM/DCOM

HTML

Basic Authentication

SSL

2-4 December 1998 HEPNT Days at CERN 12

The Web Creation Script<%

username = Request.Form("UserName")webname = Request.Form("WebName")webtype = Request.Form("WebType")

set nwm = CreateObject("NICENTWeb.FP")

if (nwm.IsOwnerValid(username) <> 1) thenresponse.redirect ”…………"

end if

if (nwm.IsWebValid(webname) <> 1) thenresponse.redirect ”…………"

end if

if webtype = "FP_Type" thenLRes = nwm.CreateNICENTFPWeb(username,webname,username)

end if

set nwn = nothing

%>

2-4 December 1998 HEPNT Days at CERN 13

Quota Management

Several possibilities: Now: no control, third-party products, SP4

(?), custom solutions Later: Windows 2000

Custom solution: background check of folder size owners looked up from the main web

service database actions: send a message, remove write

access, lock account

2-4 December 1998 HEPNT Days at CERN 14

ConclusionsAdvantages: Rich set of features: FrontPage extensions, native ACL support, ASP and database

support, streaming services, etc. Easy to access and administer from a web browser anywhere (not necessarily from

within CERN) with secure connections Server independent: users don’t need to know where their homes or webs are,

they use the generic name webname.web.cern.ch and can be moved transparently Flexibility and scalability Data is safe: daily backups, fault-tolerance

Disadvantage: Users are putting scripts on the web servers:

security and stability must be carefully checked Certificates for SSL are an open issue