A New Architecture for Web Services at CERN

1
A New Architecture for Web Services at CERN

• Alberto Di Meglio, Francois Fluckiger, Monica
  Marinucci, Per Hagen, Alberto Pace

http//cern.ch/web
2
Part 1 of 2

• The new Web Namespace
• Review of new Services

3
Todays namespace

• http//www.cern.ch/
• http//wwwinfo.cern.ch/
• http//network.cern.ch/
• http//home.cern.ch/
• http//nicewww.cern.ch/
• http//wwwas.cern.ch/

4
Is there a problem ?
5
Is there a problem ?
6
From the MAIL architecture
Translation Service
Generic address
Physical address
First.last_at_cern.ch
user_at_host.cern.ch
Global namespace
domain
Mailbox name
Physical Mail Server name
7
The same for the WEB
Translation / Redirection Service
Generic address
Physical address
http//cern.ch/SiteName
http//host.cern.ch/path
Global namespace
domain
Physical Web Server name
Site Name
8
Complete Duality Mail - Web
Mail address and mailing lists
Web address
Organisational Units
it-div_at_cern.ch
http//cern.ch/it-div
aleph-exp_at_cern.ch
http//cern.ch/aleph-exp
Individuals addresses and personal files
alberto.pace_at_cern.ch
http//cern.ch/alberto.pace
9
more duality

• Mail
• Mail Composing tools are unable to find the
  physical server name from the generic address
  first.last_at_cern.ch
• given a users mailbox xxxx, the host
  xxxx.mailbox.cern.ch represents the server
  hosting the xxxx mailbox
• Web
• Web Authoring tools are unable to find the
  physical server name from the generic address
  http//cern.ch/xxxx
• given a sitename xxxx, the host
  xxxx.web.cern.ch represents the server hosting
  the xxxx site

xxxx_at_xxxx.mailbox.cern.ch
http//xxxx.web.cern.ch/xxxx
10
Not limited to Central Servers

• MAIL Generic E-mail Addresses (xxxx_at_cern.ch)
  can point to locally managed mail servers or even
  to servers outside CERN
• WEB Generic URL Addresses (http//cern.ch/xxx)
  can point to locally managed web servers or even
  to servers outside CERN

11
What about www.cern.ch ?

• http//www.cern.ch and http//cern.ch are
  equivalent
• Users preferring the www.cern.ch syntax can use
  it, the leading www. being optional.

12
Will we still have broken links ?

• The new web redirector supports site aliasing
• Multiple / different names can be mapped to the
  same physical site

• We can have
• Old names pointing to new names
  http//cern.ch/cn-div -gt http//cern.ch/it-div
• Descriptive names pointing to real
  names http//cern.ch/it.division -gt
  http//cern.ch/it-div http//cern.ch/Alberto.Pace
  -gt http//cern.ch/pace
• Site nicknames, easier to type http//cern.ch/it
  -gt http//cern.ch/it-div
• Existing hosts can be taken over by the central
  redirector
• http//mysite.cern.ch/ -gt http//cern.ch/mysite

13
100 compatible with the existing infrastructure

• Existing servers integrates smoothly in the
  namespace
• No broken links / No HTML to modify
• The Web namespace becomes independent from the
  physical server layout and it allows the
  evolution of the existing infrastructure

14
DEMO

• You can access the CERN Scuba club site using any
  of the following URLs
• http//cern.ch/subaqua
• http//www.cern.ch/subaqua
• http//web.cern.ch/subaqua
• http//subaqua.cern.ch
• http//subaqua.web.cern.ch
• http//subaqua.web.cern.ch/subaqua
• As in the browser, the prefix http//and the
  domain name cern.ch can be omitted, a CERN user
  can simply type subaqua to access the site

15
Part 2 of 2

• The new Web Namespace
• Review of new Services

16
With the new web namespace

• We are no longer bound to the all in one
  server architecture.
• We can differentiate Server OS, Web Server
  software, File Storage and support multiple
  solutions if necessary.
• We can go beyond simple static HTML authoring and
  open a wide set of new services
• (as described in the next slides)

17
Site Hosting

• Site hosting means offering disk space to store
  web files and then make them available via http
• Based on a pool of (cheap) servers to host web
  sites of customer who do not want to maintain
  their own server
• Load balanced using the web.cern.ch subdomain
• Every web site has one (and only one) owner
  responsible for the site content who can manage
  or delegate the site security

18
Site Hosting

• Sites can be physically stored on
• Central Web servers
• AFS
• NICE
• (locally managed servers)
• Flat Namespace (part of the CERN web namespace)
• http//(www.)cern.ch/sitename
• Subsites are possible but managed by owners of
  upper sites
• http//cern.ch/mainsite/subsite1subsite1 is
  managed by the owner of mainsite

19
Authoring interfaces

• Authoring interfaces (sites on the Central Web
  Servers)
• HTTP (PUT method) http//sitename.web.cern.ch/sit
  ename
• FTP ftp//sitename.web.cern.ch/sitename ftp//use
  r_at_sitename.web.cern.ch/sitename
• OSE Microsoft Office Server Extensions See
  http//www.microsoft.com/office/ork
• DAV Distributed Authoring and Versioning
  (Foreseen) See http//www.w3c.org

20
DEMO
21
Whats the difference ?
22
Site Registration Services

• Automated Site Registration and Creation Service
• Users can create/delete web sites or
  registrations themselves
• A moderator authority supervises all actions
• Users are authenticated on AFS or NICE and site
  ownership is always checked

23
Support for Authoring Tools

• Site management page editing tools
• Microsoft FrontPage
• Macromedia Dreamweaver
• Page editing tools
• Netscape Composer
• Other Microsoft Office Applications (Word, Excel,
  PowerPoint, Access, )

24
More Services

• Forms
• All sites in the central web servers are
  form-ready
• Users can create electronic forms themselves
• Databases
• All central web pages can be connected to
  databases
• Databases can be local Access files or remote
  Oracle
• Read and Write access
• Search services
• Both client-side (infoseek) and server-side
  indexing
• Complementary services

25
Searching and Indexing

• Two distinct methods
• The Infoseek server indexes all reachable
  documents.
• Indexes also locally manages servers
• CERN global searches possible
• It takes 3-4 days before a page gets revisited
• Server-side indexing
• Instantaneous index update
• Very fast queries for subsearches
• Extended searches possible (hit count, client
  addresses, whats new, )
• The Infoseek and the server-side indexing are
  complementary services

26
More services (2)

• Access Control
• ACL, IP address restrictions, external
  authentication, password protected documents,
• Secure connections (HTTPS, SSL)
• Available on all central sites by default
• Cascading Styles Sheets (CSS) and Themes
• We have now the necessary tools to make available
  Corporate / Divisional look and feel policies
• Document Source Control
• For sites authored by multiple persons

27
Access Control Security

• Web Site Owners can manage access to central
  sites
• Access Control List
• Login forms and name username/password pairs to
  authenticate unregistered users
• IP addresses restrictions
• Password-protected document

28
Secure connections and SSL

• Every Web page on the central Web server can be
  accessed using HTTP or HTTPS
• Web authors can choose which protocol to use

29
CSS and Themes

• Cascading Style Sheets are supported (normal HTML
  feature)
• FrontPage Themes are supported for FrontPage
  authors
• Same functionality but does not require a
  CSS-compatible browser
• We have now the necessary tools to make available
  Corporate / Divisional look and feel policies

30
Source Control

• Every Site hosted on the central server can
  activate source control for sites authored by
  many persons simultaneously
• Document source control available only to
  Microsoft Office users only

31
CGI-Interface and Scripting

• Every site on the central servers has a cgi-bin
  directory
• Standard CGI-Interface fully supported
• Scripting
• Supported interpreters .PL (Perl) and .ASP
  (Active Server Pages).
• Supported languages for ASP Vbscript, Jscript
  and PerlScript.

32
Conclusion

• The new namespace gives us independence from the
  physical infrastructure and allows us to move
  forward
• An important set of pending requirements for the
  web services will be addressed with the new
  architecture
• For more information

33
http//cern.ch/web