Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How to design authentication in a thick client, to be fail safe?

Tags:

java

security

design-patterns

eclipse

Here's a use case:

I have a desktop application (built using Eclipse RCP) which on start, pops open a dialog box with 'UserName' and 'Password' fields in it. Once the end user, inputs his UserName and Password, a server is contacted (a spring remote-servlet, with the client side being a spring httpclient: similar to the approaches here.), and authentication is performed on the server side.

A few questions related to the above mentioned scenario:

  1. If said this authentication service were to go down, what would be the best way to handle further proceedings? Authentication is something that I cannot do away with. Would running the desktop client in a "limited" mode be a good idea? For instance, important features/menus/views will be disabled, rest of the application will be accessible?
  2. Should I have a back up authentication service running on a different machine, working as a backup?
  3. What are the general best-practices in this scenario? I remember reading about google gears and how it would let you edit and do stuff offline - should something like this be designed?

Please let me know your design/architectural comments/suggestions. Appreciate your help.

like image 630
Jay Avatar asked Jun 15 '10 22:06

Jay

People also ask

How thick should a client application work?

 The thick client application communicates directly with the server in a two-tier architecture. This model consists of the presentation tier and the data tier. The end user has direct access to the data tier, which makes it a less secure network architecture compared to the three-tier model.

What is an example of a thick client?

Essentially, any device that can function completely independently of a remote server is a thick client. Everyday examples of thick clients include desktop PCs or laptops running Windows or MacOS.

Are desktop applications thick client?

Also referred to as desktop, fat, or heavy client, thick clients are systems that connect to servers even without a network. Put simply, a thick client does not rely on server applications since it can process, store and manage data, as well as perform different tasks independently.

1 Answers

The simple answer is: Don't let the authentication service go down!

Make sure your authentication service is running in a clustered, load balanced environment behind a virtual IP. That way, you can avoid downtime in the event that one of the individual servers goes down. This goes for not only the service itself, but any data sources that it relies on.

Obviously no system is completely fail-safe, but you should be able to get your uptime close enough to 100% that there is no need to build a "limited" mode for the desktop client.

like image 119
dbyrne Avatar answered Sep 19 '22 22:09

dbyrne
Sign in to Comment

Related questions

Switch to BigInteger if necessary
Can I build a resultset from a file in Java?
How can I go through a Set in JSP? (Hibernate Associations)
Ternary (and n-ary) relationships in Hibernate
Android Speed based on accelerometer values
Floyd-Warshall Algorithm Logic - Stuck
Impact of java.sql.Connection.close() on java.sql.Statement objects and the like
Java try finally variations
RMI RemoteException
Is there a way to get the list of InnerClasses through Reflection in Java?
Quartz: triggering multiple jobs
Authentication and authorization for RESTfull API (java jersery)
Handling Solr read and write timeout exception
Determining whether a file is a duplicate
Which is the best java driver for mongodb access?
Prepared statement. Can I miss out parameter?
java.math.BigInteger pow(exponent) question
How to perform different operations within Observer's update() in Java?
Extract from string in Java
How to generate enum from properties file in Maven?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!