Three-Tier Architecture vs. Two-Tier Architecture: A Comparison, Slides of Fundamentals of E-Commerce

The differences between two-tier and three-tier architectures in the context of web applications. It covers the number of sessions, workflow control, web servers, gathering input, caching, input validation, and authentication. The document also mentions the evolution of presentation devices and the role of web servers in presentation independence.

Typology: Slides

2012/2013

Uploaded on 07/30/2013

post_box
post_box 🇮🇳

4.7

(3)

113 documents

1 / 10

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
3-Tier Reduces the Number of Sessions
Partition the set of presentation devices (e.g., 103 PSs per WFC)
100 WFC × (103 PS/WFC + 102 TS/WFC) = 110,000 sessions
Typo on page 50 in textbook, paragraph 4: 10 routers would have 10,000 sessions
to their presentation servers => 105,000 sessions, not 15,000 sessions.
Workflow
Controller
Txn
Server
Txn
Server
Txn
Server
Workflow
Controller
Pres’n
Server
Pres’n
Server
. . .
Pres’n
Server
Pres’n
Server
. . .
Txn
Server
. . .
Docsity.com
pf3
pf4
pf5
pf8
pf9
pfa

Partial preview of the text

Download Three-Tier Architecture vs. Two-Tier Architecture: A Comparison and more Slides Fundamentals of E-Commerce in PDF only on Docsity!

3-Tier Reduces the Number of Sessions • Partition the set of presentation devices (e.g., 10

3 PSs per WFC) (^3) • 100 WFC × ( 2 PS/WFC + 10TS/WFC) = 110,000 sessions

WorkflowController TxnServer • Typo on page 50 in textbook, paragraph 4: 10 routers would have 10,000 sessionsto their presentation servers => 105,000 sessions, not 15,000 sessions.

TxnServer

Pres’n^ Pres’n^.. .ServerServer^ WorkflowController^ TxnServer

Pres’n^ Pres’n^.. .ServerServer

Txn.. .Server

2-Tier vs. 3 Tier — Other Issues • In early 90’s people argued whether 2-Tier was enough – Scalability was the decisive factor, but there were other issues • Database Servers – Nonstandard stored procedure language, usually less expressivewith weaker development tools and it’s another language tolearn – Limited interoperability of cross-server calls – Limited interoperability of distributed transactions – Poor fit with OO design, which are inherently 3-tier(client, business rules, business objects) • Application Servers – more system complexity

11.3 Web Servers • Presentation independence - application isindependent of the display device used – Today, this is via http and html – In the past, it was via a display controller or middle-tierminicomputer whose presentation functions insulatedthe rest of the back-end system from different devicetypes • Web server performs presentation functions:– Gathering input– Validating input

  • DB caching– Authentication -^ They also do some basic request routing^ – Constructing requests - Invoking applications -^ Examples - IIS (MS), Apache, Netscape Server

Gathering Input

-^ Gathering input - Select transaction type (menu item,etc.), and fill in a form (request’s parameters)^ –^ Today, Web forms, moving to XML (XForms, XSLT, …) •^ 30 year^ evolution of presentation devices^ –^ Teletype, character-at-a-time terminal (async), block-modeterminal (IBM 3270)^ –^ Specialized devices - ATMs, bar code readers, gas pumps,robots, credit card authorization, cash registers, ticketprinters, etc.^ –^ 4GL on a PC - ActiveX controls accessed from Visual Basic(VB), PowerBuilder, Delphi, etc.

Input Validation

-^ Validate input against locally cached tables^ –^ E.g., product types, department numbers •^ Avoids wasting communications and server resourcesfor obvious input errors^ –^ Fewer round-trips to the DBMS^ –^ And faster feedback to the end user •^ “Cache” is part of the web page^ –^ List boxes, script^ –^ Cache size is a factor (it affects page access time)

Authentication

-^ Authentication - determining the identity of a user and/or^ display device^ –^ Client system (e.g., PC) may do authentication, but the serverusually does it too (doesn’t trust clients)^ –^ Encrypt the wire to avoid wiretapping and spoofing(on the Web, use https = http over secure socket layer) •^ Geographical entitlement - check that a particular

device^ is

allowed access (e.g., security trading room) • Need system mgmt functions to create accounts, initializepasswords, bracket hours of access (simplify it using a role abstraction)

Application Invocation • Request arrives as an http message. – Need to call a program (i.e. a WFC), to perform the request • Common Gateway Interface – Write a script, store it as a file in cgi-bin – Web server creates a process to execute the request (Slow!!) • ISAPI (Microsoft) and NSAPI (Netscape) – Web server calls an in-proc .dll instead of creating a process – Web server can cache the .dll – More complex programming model, but much faster • Active Server Pages and Java Server Pages – Offers the performance of ISAPI with programmability of CGI