Intranets: How To Cut Through The Cob Webs of Internal Information Client-Side Development Options Java As another excellent addition to the Internet arsenal, Java, on the surface brings only a new programming language to the game. But, with the addition of a byte code compiler and interpreter, Java can be used to generate secure, platform-independent applets. In contrast to the server-enabled applications, Java applets currently run on the client station. Applets are small byte code packages that run under the Java run time engine. Depending on the runtime engine, applets may have access to a limited amount of resources on the client computer, such as graphics and network routines. Using the network routine, the Java applet may access many network resources, including databases. Most Java coding is completely at the programmer's mercy. There are no quick routines to fetch a record from a database. It is much like programming in C or C++. Like CGI and server API programming, all of the detail work is left up to you. Coming to market quickly are quite a few tools that will extend the function of Java. For instance, Sun has already added a CORBA extension that is itself written in Java and exposed to Java. So, CORBA object calls are handled within that applet and data is passed back to the caller in a structured data set. To sweeten the pot, JDBC will be released this summer and offer ODBC connectivity for Java. Following current trends, almost everything should be available under Java. Most vendors are scrambling write APIs for use by Java. ActiveX The re-bundling of OLE and OCX Controls has been Internet-enabled and renamed ActiveX. This technology should offer great functionality to Windows applications. The promise of Internet-enabled applications should be as simple as dragging and dropping the appropriate ActiveX control in the Visual Basic development environment. Any application will be able to become "Internet-aware." Microsoft is promising FTP, HTML and other components for free. It means you can add FTP to your application as easily as you now add a "Save" dialog box. All of the FTP functionality is built into that ActiveX component. The promise is simply that you will be able to build your own ActiveX components on top of Microsoft's framework and add that new functionality to any application you wish, including your Web browser. Currently, ActiveX is only going to be available for Windows 95 and NT, so before leaping, be sure you won't need any to support any other platforms. When developing ActiveX, you probably always will be tied to the Windows environment. Microsoft has stated that it will have no part of CORBA. For cross-platform solutions, the CORBA/OpenDoc solution is going to be your only choice. In addition, Java already has the CORBA access engine in place. More than likely, Java will be able to give you access to OpenDoc and ActiveX as well. Security and Access Restrictions Regardless of the platform you choose, be aware of the security issues that can affect your server. Although you may see external Web servers as the major security concern, more information is compromised from the inside than from an outside threat. More than likely, you will be putting more sensitive data on your intranet server than your external Web server. If you anticipate giving users access to their human resource information, you don't want to have anyone accessing other employee data. Not only is it necessary to make sure the physical machine is secure, but you must make sure that users cannot hack it. ( For more on secure Web servers, come back to our site on September 15 and check out our feature on secure Web servers. ) Making the physical machine secure can be done using a private network. Most importantly, the data access software on the server must be secure. Be sure that there are multiple levels of authentication, so users are only given information they have rights to. Poorly written CGI programs and scripts can compromise machines and data. To complete the security, be sure to implement an over-the-wire solution, such as SSL or SHTTP, for sensitive data. In a perfect world, you wouldn't have to worry about the integrity of your internal staff. In reality, those assumptions can't be made and there are many freeware packages out there to capture packets off the network. Maintenance: Empower Your Users This may come as a small shock but consider liberaliz ing access to many of the public, non-critical areas of information. By this we mean give writeable and changeable permissions to a large part of your Web tree. After all, your users hold the collective knowledge. Allow them to freely make changes and updates where appropriate. Maintenance of corporate information can be a huge burden beyond the capability of a single person or even small department. Network Computing covers intranet and connecting organizations to the Internet regularly in Network Computing Online as well as in the pages of our print publication. Be sure to check out corporate.net, our new hands-on product and how-to section starting August 15, that will focus on building the applications and the infrastructure for intranets and Internet connectivity. Designing Your Intranet . Implementing Your Intranet . Return to Intranets: How To Cut Through The Cob Webs of Internal Information Rob Kohlhepp , is Technology Editor at Network Computing. He can be reached at rkohlhepp@nwc.com. Anthony Frey , is Associate Technology Editor at Network Computing. He can be reached at afrey@nwc.com. Updated July 15, 1996 Print This Page E-mail this URL