[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [JDEV] A question regarding scaling




> 	Here's the reasoning I was thinking of wanting to connect to other servers
> beside's your home server.  Different transports that not all servers may
> run..  Let's use an example of a mod_perl module, or some other HTTP based
> transport..  If my server doesn't run it, I'd want to be able to connect to
> ANOTHER server.  My case would be while I'm at work behind an HTTP firewall.
> In this way, if you wish to utilize another transport, you can..

Absolutely!  Fortunately, this is already built into the architecture :)

If *your* server doesn't offer a particular transport/feature that you'd
like to make use of, all you have to do is find a public one.  All
transports can optionally have public IP addresses to access them.

So say you weren't running the @ICQ transport locally, but xyz.com was and
allowed the public to use their installation.  They configured the ICQ
transport to be icq.jabber.xyz.com, so you just use @icq.jabber.xyz.com.

Everything is configurable as to how this works, but all the posibilities
are already there.

> 
> 	Wow, I just had a though about this..  If we did have what I mentioned, you
> could actually have the 'publically available server' be a different server
> then the one that actually validating logins, allowing for the
> authentication to be based on a machine inside a firewall, while the public
> server is out in the open, but contains none of the password and user data..
> Simular to this:
> 
> ClientA      ClientB      ClientC
>     \           |          /
>      \          |         /
>       \         |        /
>        \        |       /
>         \       |      /
>          \      |     /
>           \     |    /
>           |-----------|
>           |Public     |
>           |Server     |
>           \-----------/
>                 |
>                 |
> ================|===============
> ==== Firewall ==|===============
> ================|===============
>                 |
>            /----------------\
>            | Authentication |
>            | Server         |
>            \----------------/
> 
> 	This way an ISP could have their authentication based on the same system
> that authenticates it's users (Which, if they're bright, is behind some sort
> of firewall)..

This is also an excellent idea.  How I'd see this working easily would be
a special authentication module for the Public Server above, and that
module contacts the backend authentication system.  This is all very very
doable.

Jer