In earlier sections of the tutorial you successfully built and deployed a web application to the cloud. The application makes use of a number of CenturyLink Cloud Platform products to provide a document management and review system. CenturyLink Object Storage catalogs the documents, while document metadata and user credentials are stored in CenturyLink Orchestrate. The application is deployed to, and hosted from, CenturyLink AppFog.
Here are the links to the other tutorials:
- Part 1 - Store and Authenticate User Credentials
- Part 2 - Build a Document Storage System
- Part 3 - Include Powerful Search Capabilities
- Part 4 - Add a Customized PDF Viewer and Comment System
This is the last part in the series, so we will discuss future directions you can take with your web application. Some of these directions include integrating further cloud services, while others are best practices for web application development.
Making Your Application More Robust
Building a robust web application is a useful skill, and the next step in mastering web development. Your document reader is a good start, but it will benefit from improvements that we didn't have space to cover in the previous tutorials. Here are a few suggestions for enhancing and improving your application by simply integrating other CenturyLink Cloud capabilities.
Restrict Account Creation
Currently, your application allows anyone to create an account. While this works for systems with unlimited resources, you may want to restrict yours to a limited set of users. The limitation can be done by IP address, or perhaps by creating a separate administration section where only certain users can create new accounts.
If you are part of an enterprise system with its own account storage and authentication methods, then you can link into that using Passport and remove the account creation section of the application altogether.
Control File Uploads
The document reader system is only able to read and display PDF files. However, your application doesn't place any restrictions on what types of files can be uploaded to cloud storage. There are a number of changes you can make to gain more control over the types of files uploaded.
- Check document filenames to ensure that ".pdf" is the only extension.
- Restrict document upload sizes.
- Check document contents to make sure they're really PDFs.
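The three checks above combined into one function, as an added example that is not part of the original tutorial's code. The function name, the 10 MiB limit, and the sample buffers are assumptions; the function expects the upload as an in-memory Buffer and is meant to run before the file is sent to object storage.

```javascript
// Added example: server-side checks for an uploaded document.
// validatePdfUpload and MAX_UPLOAD_BYTES are hypothetical names.
const MAX_UPLOAD_BYTES = 10 * 1024 * 1024; // assumed limit: 10 MiB

// Returns { ok: true, name } or { ok: false, reason }.
function validatePdfUpload(originalName, data, maxBytes = MAX_UPLOAD_BYTES) {
  // 1. Filename: drop any client-supplied directory part, then require
  //    exactly one extension, and that extension must be .pdf.
  const base = String(originalName).split(/[\\/]/).pop();
  const parts = base.split('.');
  if (parts.length !== 2 || parts[0] === '' || parts[1].toLowerCase() !== 'pdf') {
    return { ok: false, reason: 'filename' };
  }
  // Reject control characters (including NUL) in the stored name.
  if (/[\x00-\x1f\x7f]/.test(base)) {
    return { ok: false, reason: 'filename' };
  }

  // 2. Size: reject empty and oversized bodies.
  if (!Buffer.isBuffer(data) || data.length === 0 || data.length > maxBytes) {
    return { ok: false, reason: 'size' };
  }

  // 3. Content: a PDF starts with "%PDF-" and carries an "%%EOF" marker
  //    near the end (searched in the last 1024 bytes).
  const header = data.subarray(0, 5).toString('latin1');
  const tail = data.subarray(Math.max(0, data.length - 1024)).toString('latin1');
  if (header !== '%PDF-' || !tail.includes('%%EOF')) {
    return { ok: false, reason: 'content' };
  }
  return { ok: true, name: base };
}

// Constructed sample inputs (not real documents).
const SAMPLE_PDF = Buffer.from('%PDF-1.4\n1 0 obj\n<< >>\nendobj\ntrailer\n<< >>\n%%EOF\n', 'latin1');
const SAMPLE_HTML = Buffer.from('<html><body>not a pdf</body></html>', 'latin1');
```

The header and trailer check rejects mislabeled files, but it does not prove the document is safe to render, so keep the viewer's own handling strict as well.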
Web Application Security
It seems like a new web application breach is announced every day. Luckily, if you approach web application security early and keep it in mind throughout the lifecycle of your application, you can stop most of the easier problems. The OWASP Top 10 Project keeps track of the most important web vulnerability types.
Here are some areas to watch in your application:
- Lock down the reverse proxy you created in Part 4.
- Check all HTTP POST variables to ensure they match expected data.
Learning More About AppFog
Your application runs on Cloud Foundry, which is the technology behind AppFog. By learning more about it, you can tune your application's performance and resource usage. This can lead to a better user experience and more cost and resource control. Here are some places to get started.
Additional Cloud Services
Cloud platforms have introduced a new level of flexibility and power to application development. As we have seen throughout the course of the tutorial, provisioning new cloud services and integrating them into an application is pretty easy and fast. Other cloud services can be used to bring more power and flexibility to your web application.
Enhanced Authentication with Active Directory
CenturyLink offers a managed Active Directory solution that adds the full power of enterprise-level authentication and authorization to your web applications. Using Passport for Node.js, an application can manage users via an LDAP interface to CenturyLink Active Directory services.
More Performance with CenturyLink Cloud
Your application is built to be hosted by CenturyLink AppFog, a Platform-as-a-Service (PaaS) solution. However, with some retooling, it can run on an Infrastructure-as-a-Service (IaaS) product. CenturyLink Hyperscale is a high-performance, high-availability IaaS solution that offers rapidly deployed cloud servers backed by 100% flash storage.
When your application scales to the point where rapid content delivery is needed across a broad geographical area, CenturyLink CDN delivers better performance and lower latency for web applications. This solution would be particularly effective if your document system stored large, frequently accessed PDFs.
Increased Security and Application Monitoring
Enterprise applications need tight security and robust monitoring to ensure high availability for users across the globe. CenturyLink Cloud offers solutions for both of these requirements. For instance, CenturyLink Intrusion Prevention Service (IPS) monitors virtual machines for suspicious activity and takes appropriate action based on an IPS policy.
CenturyLink Cloud Servers also offer full resource usage monitoring and alerts. This built-in monitoring tracks CPU, memory, and disk usage activity over time from your virtual machines at no additional charge.
Other Cloud Management and Orchestration Tools
CenturyLink Cloud offers a variety of cloud management and cloud orchestration capabilities that facilitate deployment of best-practice cloud environments. By building on the CenturyLink Cloud Platform, you can stop worrying about infrastructure and remain focused on delivering amazing applications and solutions.
Now you've had a taste of what CenturyLink Cloud can offer. Learn more about the products and services we have to offer at our home page. When you're ready to leverage the power of the cloud, we're here to help.