AJAX-Tools
An Ajax based application provides rich user interface and experience for users. By combining the power of JavaScript and XML, developers are able to build applications that asynchronously streams data. The result is an application or a website wherein users will receive real time updates without any command from the user.
Since the term’s inception it has come a long way as developers now has access to different tools such as frameworks that would aid them in the development of the application without writing a single line of JavaScript. Strong community support for Ajax has also ensured starting developers will have the ability to build applications with little to no experience.
However, one of the key flaws of Ajax is security. As it uses mainly client side interaction, the website could be easily attacked since codes could be easily injected to the application. That code will refer the application to website wherein it could launch an attack to extract information.
The result is a cross site scripting which result to data loss and access to sensitive user information. This is only one of the security problems of Ajax that developers would have to face when they plan to build an Ajax based application.
A good solution for addressing the security problems in Ajax is by integrating it with WSRP (Web Services for Remote Portlets). Developers can build Ajax in a regular manner but the client and the server side communication is done through WSRP.
By using remote portlets, developers will have a screening process between the client and the server. Remote portlets can also provide better customization for security. For example, a single portlet will only allow a number of users.
Since direct communication of client to server is interrupted by a portlet, it is possible that the application will experience slower execution. Intensive screening especially for secured websites will be very slow as secured websites will have more portlet security.
To answer this problem, developers could change the general architecture of the application using ESB or Enterprise Service Bus. Using ESB, developers could find useful middleware components that directly bridge the server to the client. The portlet will still be there but it will not be hampering the speed of the operations.
ESB is an event driven which optimizes the messaging engine of the server. Another key benefit of ESB is that can optimize the application when the application is developed for offline use.
With the use of WSRP, developers could ensure that their Ajax based application by using remote portlets. The customization of responses is possible with the use of this web service as well as implementing stricter security policy especially for using online access.
On the other hand, ESB ensures the speed of the application is optimized as well as access to information even though it is developed for offline usage. Although it is a longer route for Ajax development, developers could be rest assured that their Ajax based application or website has been optimized for security and customization.
