3-tiers architecture workarounds and possible time to do it
Hi All,
We have developed several projects to different clients using Umbraco. One of my clients is having an architecture requirement. He needs the project to follow N-Tier architecture where each tier is separated physically to achieve separation of concern. As per their security team, this would enhance the system security and prevent potential threats. The 3 tiers would be:-
Presentation Tier – UI project aka Umbraco
Business Logic Tier - App Service where WCF or WebAPI should be used
Database Access Tier – Database engine such as MS SQL server
We all know that current Umbraco architecture doesn’t support such separation. My questions could be the following: -
What are the possible workarounds to achieve this architecture?
If the client didn’t agree on any of the workaround , How much time
would it take if we decided to allocate developers to work on the
source code to convert the platform into this 3-tiers architecture
You could run Umbraco + SQL (no, those tiers can not be separated) as a headless API. So you expose endpoints on the Umbraco site to consume in javascript on a separate webserver, just calling the endpoints you create on the Umbraco site to load content from Umbraco.
If the client didnt agree on any of the workaround , How much time would it take if we decided to allocate developers to work on the source code to convert the platform into this 3-tiers architecture
Months :-)
Plus you'll never be able to upgrade so that's really bad for security, when we discover a vulnerability that needs to be fixed you will be left without the fix and you will be vulnerable.
3-tiers architecture workarounds and possible time to do it
Hi All,
We have developed several projects to different clients using Umbraco. One of my clients is having an architecture requirement. He needs the project to follow N-Tier architecture where each tier is separated physically to achieve separation of concern. As per their security team, this would enhance the system security and prevent potential threats. The 3 tiers would be:-
We all know that current Umbraco architecture doesn’t support such separation. My questions could be the following: -
Thanks in advance for your answers and help
You could run Umbraco + SQL (no, those tiers can not be separated) as a headless API. So you expose endpoints on the Umbraco site to consume in javascript on a separate webserver, just calling the endpoints you create on the Umbraco site to load content from Umbraco.
Months :-)
Plus you'll never be able to upgrade so that's really bad for security, when we discover a vulnerability that needs to be fixed you will be left without the fix and you will be vulnerable.
is working on a reply...
This forum is in read-only mode while we transition to the new forum.
You can continue this topic on the new forum by tapping the "Continue discussion" link below.