0

So I am to build a web based Point of Sale system.

I've been used to developing ASP.NET web applications in the past but I want to avoid postbacks and page reloads therefore I have decided the best method would be HTML5, CSS and JavaScript.

The part I'm not too sure about is how to handle multiple customers accessing the same website.

Lets say we have 100 individual businesses who want to buy a license.

My thoughts on how this would work is the following :

(1) 1 Server ( for now )

(2) SQL Database as the backend

(3) IIS to host websites

(4) Create a virtual directory for each customer which will have the same website in each folder

(5) Each customer would then navigate to https://xxx.xxx.xx.xx/Customer1, https://xxx.xxx.xx.xx/Customer2 etc...

(6) The next thought to deal with security is to assign a username and password to each customer so that when they navigate to https://xxx.xxx.xx.xx/Customer1, the username and password is sent with the request ( hashed of course for security ) and then checked against the username and password in their record within the SQL database.. then their stock data will be retrieved once the username and password is authenticated.

I could handle this through a method in my API or an aspx handler page or something. I could use the role provider in ASP.Net to keep all the pages which require authentication in their own folders to control user access. The username and password functionality could also be managed using the Microsoft Membership Provider, so once the user is authenticated and sent to their home page, the HTML5 pages take over.. no more aspx pages... just an initial aspx page for logging users in.

This of course would increase the maintainabilty and time required to update and deploy new code / fixes to each folder if each customer had their own site in their own folder.

The only other way I can think is to have a single web application where EVERY customer logs into to authenticate themselves.. again maybe using the Microsoft membership provider. I've used this before and it works well.. but then you have to start thinking about session state and if session should be InProc or OutProc to store session state information in the SQL database.. it also means there is one Application Pool... other items come into the equation too but there is always just one update to be made if there is new code or a bug fix..

Would anyone have any better ideas or care to comment on the pros and cons of my suggested approach above?

pnuts
  • 58,317
  • 11
  • 87
  • 139
Kev
  • 743
  • 2
  • 14
  • 32
  • If you won't spend a year learning all new stuff for you - find a full-stack framework which fits yours needs. Spend one week to find right one for you and few more weeks to get into it. – dr.dimitru Sep 26 '15 at 16:46
  • I don't really understand your answer... I've been a desktop application developer with some web development experience... however that experience is limited... I have already decided on using HTML5, Javascript and CSS for the building of the web application... what I am not sure of is if my approach is the best idea in terms of scalability and maintenance. Just looking a few pointers from experience web developers, not trying to ask any one to learn stuff for me :) thanks – Kev Sep 26 '15 at 16:56
  • That is what I recommend to you take a years of experience of other developers and use it. – dr.dimitru Sep 26 '15 at 16:58
  • I am the only developer for this project and in my workplace. I would like to hear from other experienced web developers which is the reason for my question:) I want to poach some experience from some of the developers on this site :) Thanks dimitru – Kev Sep 26 '15 at 17:04

0 Answers0