- Internet Access Issues
- Data Security Issues
- Establishing a Connection
- Further Sources of Information
When establishing connections to database servers available on the network, PowerBuilder applications make calls to the appropriate database client software. The actual network communications that take place are executed by that database client software. Any network protocol restrictions are limited only by what the client software supports.
With this in mind, if your objective is to connect to a server database mounted on the Internet, the network protocol your database client software must support is TCP/IP. All services that are offered on the Internet communicate using TCP/IP (i.e. World Wide Web, FTP, Telnet, WAIS, etc.) To your PowerBuilder application, communication with the database will appear the same, regardless of the location of the database server.
To connect to an Internet service, database server or otherwise, you must know the correct I.P. (Internet Protocol) address for that service. When your database client software is configured to utilize TCP/IP to access to the database server, the I.P. address can be one on your LAN, WAN, or accessible on the Internet. The one provision is that I.P. address needs to be accessible from your development and/or deployment machine. If that is the case, a connection may be established.
Internet Access Issues:
This brings us to the most important consideration when programming for, or interacting with Internet services, the concept of firewalls and access restrictions. When a company or organization begins routing TCP/IP packets onto the Internet (i.e. outside their private networks), there is a strong need to protect existing internal services and resources. If no security efforts are made, any existing services on the private network would be made vulnerable to tampering and unauthorized access.
To prevent such unauthorized access, a firewall is typically put into place to restrict the incoming/outgoing TCP/IP packets. In TCP/IP, the many different services listen on different ports and it is up to the application originating the request to specify the appropriate port for that service. A firewall allows network administrators to restrict the flow of TCP/IP packets by port, I.P. address, or in a number of other ways. If you are attempting to write a PowerBuilder application that will communicate with a database server available over the Internet, there are two firewalls you may need to contend with. Your local network has a firewall that may or may not be restricting outgoing TCP/IP packets to prevent certain activities from going on. The destination network has a firewall that is restricting the incoming TCP/IP packets, again to prevent certain activities from going on. Ultimately what you need to happen is that both firewalls involved respect TCP/IP requests on the port at which your database server will be listening, and that the database server resides at an I.P. address the firewall forwards the requests to.
If the firewall does not honor requests to the necessary I.P. address at the appropriate port, you will be unable to establish a connection from the client machine. If you have any concerns or doubts about the network configurations you are working with, please consult your network administrator or Internet services coordinator. It is in your best interest to clear any Internet related development with such administrators in an effort to prevent any possible security breaches for your site.
Data Security Issues:
Once your access issues have been addressed there is another very important aspect of Internet communications that needs to be addressed: Information transferred via the Internet in plain ASCII format is potentially visible to anyone at any machine your TCP/IP packets are routed through. What needs to happen, unless there is no need for maintaining the secure transfer of this information, is encryption of the TCP/IP packets as they are sent between database client and server in the course of their interaction.
Many server database systems support such packet encryption. For many such systems, the encryption is initiated on the server side. Consult your DBMS documentation or support if you have any questions on their implementation of network packet encryption. Unfortunately, if your DBMS does not support encryption, there are strong security risks regarding the information in transit. Initiating communications with a database server without any transaction security will make the information exchanged vulnerable to access by others on the Internet.
In the same manner in which you would develop an application that works with a database system on the local network, you need to keep in mind the same considerations for an application that communicates with a database server accessible via the Internet. You need to balance processing between the client and the server, limit result set sizes, consider network limitations, and consider network traffic.
Balancing processing between your client and the server works in the same manner with an Internet accessible database as it work with a database server on your local area network. The more important considerations come in terms of network limitations and network traffic. Unlike your LAN or WAN, your network administrator does not have control over the servers through which your TCP/IP network packets will be routed. In fact you have very little control over how your network packets will be routed and handled once they leave your local network.
Along the same lines, you have no control over Internet network traffic and depending on where the network server is mounted, there are no guarantees that traffic will increase or decrease at any given time of the day. The Internet is a global connection of networks, so around the clock usage of the networks and routers your applications will be relying on will be occurring.
Establishing a Connection:
We will not cover how to configure and establish a connection to all DBMS systems that PowerBuilder supports here. If you are unfamiliar with establishing a connection to the DBMS you will be working with, please review the "Connecting to your Database" section of the PowerBuilder documentation, or the documents in the Powersoft FaxLine Technical Documents Catalog, in the section Connecting to your Database, to find the one appropriate to your situation. Or if your difficulty is with the database client software to begin with, please contact your database vendor for information and support specific to customizing that DBMS for your needs.
Once you have your database client software installed and configured, you need to be sure that the I.P. address specified for TCP/IP access to the database is the appropriate one for the database server that is available via the Internet. Once you have that address made available to the client software, your database client should be able to establish a connection to the server via the Internet. As soon as your database client software is connecting to the appropriate server, you can then define a PowerBuilder database profile to use the PowerBuilder Native Driver/ODBC to connect to your datasource. Your database profile should be the same for this type of connection as it would be for connecting to any other DBMS server of the same type on your network.
Further Sources of Information:
To be able to appropriately use TCP/IP to connect to a database service available over the Internet, it is important to have a strong understanding of how the Internet works, to prevent possible security and usage problems. The following resources are recommended for becoming more familiar with accessing information services available on the Internet:
- Your DBMS documentation on network and protocol usage for specific client and server interactions.
- Technical Document 44391x, PowerBuilder and Network Primer
- Any "TCP/IP" Primer
- Any "Firewall, Usage and Implementation" Primer