Web 2.0 Meets the Mainframe

I had lunch with one of our development teams today and they are working on a really cool project.  Basically they are putting a Web 2.0 front-end using ASP.NET 2.0 and Microsoft Atlas on top of legacy applications and databases running on Sybase and an ooooolllllddddd mainframe.

Interesting points that came out of our discussion:

  • Mainframes aren’t always as reliable as they ought to be.  And the ISAM/file-based databases they use don’t necessarily translate well to the usage patterns required by web-based applications.
  • It is possible to create automated functional tests for AJAX-based applications, but you have to work around some issues.  We use WATiR (Web Application Testing in Ruby) and what our folks have discovered is that you sometimes have to add delays in the tests to deal with the client to server roundtrips AJAX is running in the background.
  • Incremental SOA is a “Good Thing”  Now that we have provided service-oriented wrappers around a number of legacy functions (via .NET Web Services) the organization is excited to start consuming those services from other applications.  SOA is addictive once folks gets a taste of it – so if you are going to go down that road it pays to pay at least a little bit of attention to API usability and maintainability because once a service gets exposed all of a sudden everybody wants to use it.

No matter how much I cry and how much I beg legacy systems don’t seem to be going away.  But today I saw a specific example of how organization can make the most of what they have and keep their systems moving forward.

–Dan
dan _at_ denimgroup.com

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Categories: Information Security

Leave a Reply

Your email address will not be published. Required fields are marked *