Creating a multi-tier client/server application

[Jeff]

> You could explore something like a custom-made GUI client app
> communicating thru the http protocol with a web-server app. http is just
> a protocol, and it doesn't necessarily imply using html and a browser...
> IIRC, some GUI toolkits uses XML description files for the UI.

That, or something similar, may be what I do.  It would mean, however,
developing my own method for transferring objects across the network,
which, as far as I can tell, is what things like Pyro are supposed to
take care of.


> > 3) Easier to "lock down" who's using the program by only
> > installing it on certain machines.
>
> Not a very reliable security scheme IMHO !-)

You are 100% correct.  That will most certainly *not* be the only
means of security.  There will be user authentication against a
central LDAP server, SSL for all connections, and possibly IP address
based blocking as well.  I need to clarify what I meant (I didn't want
to bore everyone with the tedious details)--while this system will
mostly be used by supervisors/managers, the employees will also be
using it to sign into their shifts.  The managers want the employees
to only be able to sign in from designated machines, while at the same
time they want them to be able to look up their schedules from a web
interface, but *not* use that to sign in.  That wasn't the best point,
but I think there's something to be said of the *perceived* security
of desktop vs. web apps.

> Extreme Programming doesn't mean "no preparation", and makes heavy use
> of use cases. Of course you need to have some - hopefully accurate -
> functional specs. The point was mostly along the lines of "don't try to
> have full-featured detailed design before you start coding, because
> chances are it will be wrong".
>
> > Hopefully, the amount of planning will be somewhere in between that
> > and the bureaucratic nightmare of documenting up front what each
> > module, class and function will do.
>
> Which would be totally non-sensical. I don't believe anyone on earth
> could come up with such a thing - done right - *before* the application
> is written.

I'm not looking to layout how the GUI should look, or even how
individual parts of it should work.  What I need to do, though, is
write very detailed specs with my clients on the data that will be
used, and plan out as thoroughly as possible the architecture of the
project as far as tiers and such.  I don't have much choice in this
aspect, sadly.  But, in my experience, the more detail (and agreement
on those details) I have up front, the less painful the rest of the
process will be.

Thanks again!