Using the External User feature

This forum is now locked, since gold support is no longer offered.

Moderator: SourceGear

Locked
rcwalden
Posts: 22
Joined: Thu Jan 13, 2005 8:38 am

Using the External User feature

Post by rcwalden » Wed Apr 06, 2005 5:17 pm

Maybe a not so quick question.

Our Dragnet server is sitting inside our network and everyone internally has no problems accessing it what so ever. Now a new requirement has come out to let client's enter their own issues. No problem, if using the External User option.

However, external users cannot access the Dragnet server, since it is deep within our network. Since Dragnet is one big Web Service (quote stolen from another topic i had read here), could we install Vault on a server that is accessable to the outside world and have it use the web service that is hosted on our existing Dragnet server inside our network (assume lots of network configurations has occurred to only allow the external server to access the internal server)? Don't ask why we wouldn't just open up HTTP and port 80 to everyone to access the internal server and not just the external server.

Is this doable through the Dragnet config file? Any other options? I just don't want to move our Dragnet server to where it is accessable to the outside world (call me lazy); I am afraid that we would loose the Vault/Dragnet integration (for both authorization and the check-in feature).

Thanks,

Richard Walden

jclausius
Posts: 3706
Joined: Tue Dec 16, 2003 1:17 pm
Location: SourceGear
Contact:

Post by jclausius » Wed Apr 06, 2005 8:25 pm

Richard:

There is nothing that states the Vault server and Dragnet Web application need to be installed on the same machine. You can place either piece in a DMZ, outside your firewall, inside your firewall, or on any combination of these machines.

If you do place the server in a place publicly accessible, I would strongly recommend placing the SQL Server back end in a safe, secure location, and then allow traffic from the outside server ( on a known port ) have access to the SQL Server.

Other than that, the only other requirement when using integrated Dragnet/Vault, is the Dragnet Web app be able to hit the Vault Service ( for Vault authentication ), and the Vault Server be able to hit the Dragnet Web service.

It might be easier to answer this question if you provided the scenario you wish to configure. For example :
- Dragnet in DMZ ( since it is to be accessible to the outside world ).
- SQL Server on internal machine.
- Vault Server on internal machine.

From this we should be able to get an insight of your planned configuration.
Jeff Clausius
SourceGear

rcwalden
Posts: 22
Joined: Thu Jan 13, 2005 8:38 am

Post by rcwalden » Thu Apr 07, 2005 12:11 pm

This is what I hope to do:

Dragnet on external server (for external users only)
Dragnet on internal server (for internal users only)
Vault on internal server (for internal users only)

Have Dragnet on external server use the web service on the Dragnet box that is internal to store issues on Sql Server, that is on an internal box.

jclausius
Posts: 3706
Joined: Tue Dec 16, 2003 1:17 pm
Location: SourceGear
Contact:

Post by jclausius » Thu Apr 07, 2005 12:40 pm

Due to server side settings and caching of project information, Dragnet is currently limited to one server per database.

In this case, you would only want one Dragnet Web Application which is available to both internal / external users.
Jeff Clausius
SourceGear

rcwalden
Posts: 22
Joined: Thu Jan 13, 2005 8:38 am

Post by rcwalden » Thu Apr 07, 2005 1:10 pm

Well, the external server would really only be used to allow external users to add issues only, like the server/dragnet/External/AddItemExternal.aspx?pid=101 type functionality. From a time perspective, we just don't have the time to build a page to mimic the functionality and consume the webservice functionality. That would be the only use of the external server. Is there no way to just have those pages refer back to the internal web service? Does it always assume that the web service is local to the page?

jclausius
Posts: 3706
Joined: Tue Dec 16, 2003 1:17 pm
Location: SourceGear
Contact:

Post by jclausius » Thu Apr 07, 2005 1:16 pm

rcwalden wrote:Well, the external server would really only be used to allow external users to add issues only, like the server/dragnet/External/AddItemExternal.aspx?pid=101 type functionality.
If you don't mind restarting IIS ( in case project information changes ), I don't think there would be a problem if AddItemExternal was the only functional piece of an "external" Dragnet service. In a case like this it "should" with two servers.

Now getting back to your question about Vault authentication ( in the other thread ). Just use the internal name Vault name with VaultService postfixed on the end. Since the external Dragnet Web App is only serving AddItemExternal pages, and external users do not authenticate against Vault, everything should take the FQDN to VaultService.

HTH
Jeff Clausius
SourceGear

rcwalden
Posts: 22
Joined: Thu Jan 13, 2005 8:38 am

Post by rcwalden » Thu Apr 07, 2005 1:33 pm

Okay, so how would I configure the external Dragnet server to point to the web service on the internal Dragnet server? I haven't seen anything in the config files that would allow you to point to another Dragnet web service.

mskrobul
Posts: 490
Joined: Wed Jan 14, 2004 10:22 am
Location: SourceGear
Contact:

Post by mskrobul » Thu Apr 07, 2005 2:00 pm

You wouldn't use the same web service for both servers. You would point to the same database for both dragnet servers. Each Dragnet server would use it's own web service to connect to the database.

Please email me directly and include your phone number in the email (use the link at the bottom). Someone here will call you to discuss what you are wanting to do.
Mary Jo Skrobul
SourceGear

rcwalden
Posts: 22
Joined: Thu Jan 13, 2005 8:38 am

Post by rcwalden » Tue Apr 26, 2005 3:31 pm

Mary Jo,

Just to let you, and everyone else know, we did install Dragnet on on two seperate servers, one internal and one external, and had them both point to the same db server and it does appear that all is well with this configuration.

I would, however, would like to put on the wish list, the ability for multiple instances of Dragnet to use a central Dragnet web service. It is much easier to open up port 80 over HTTP then to convience my network guys to open up a TCP port through our firewall between our data center and our internal network.

Thanks for your help.

Richard

Locked