How to Get Out from Under an Obsolete Legacy Technology
Hi Duncan, CGIDEV2 is not optimized for best performance because it requires you to call the APIs to 'standard out' and to CGI output repeatedly, unless you write lots of code to cache your calls. Also, it uses IFS files to read the HTML. A Java servlet or a JSP writes to an output stream to generate the response. How is that any different from RPG writing to standard output? And CGIDEV2 only re-reads a given HTML file off the IFS if the file date/time has changed. Otherwise, it's cached in memory in the service program for subsequent responses. How would you make that faster? Also, there is parsing code involved for substituting variable values in at placeholders in the static HTML that potentially slows things down. This is all done in memory. That won't be the bottleneck. The bottleneck will be any database I/O from DASD. My comparisons of performance were related to calling an RPG program from either a PHP script or a CGI program. Are you using the PHP i5_connect function to call RPG on the back-end? This gets to my point on authentication. What general purpose user id and password do you connect with? If that user id becomes disabled, does your i5_connect fail? With CGI, the jobs are already running, ready to handle requests, no connection needed. Your models are sort of the way I envision things, although you can just as easily have this: Browser --> HTTP Server --> PHP Engine --> PHP and Browser --> HTTP Server --> RPG program I thought your PHP called RPG on the back-end? Like this... Browser --> HTTP Server --> PHP Engine --> PHP --> RPG I'm still wondering why we need the PHP middle man in that equation. The only answer I can come up with is if you need the PHP on a separate LPAR. (RPG could use DDM Data queues from a different LPAR I guess, but that's probably a stretch). PHP also has its own native authentication functionality that allows you to reference a hidden password file and allow login via HTML pages, although that's not the most robust security solution. What is a robust security solution? Just use SSL? Thanks. Chris
Hi Duncan, CGIDEV2 is not optimized for best performance because it requires you to call the APIs to 'standard out' and to CGI output repeatedly, unless you write lots of code to cache your calls. Also, it uses IFS files to read the HTML. A Java servlet or a JSP writes to an output stream to generate the response. How is that any different from RPG writing to standard output? And CGIDEV2 only re-reads a given HTML file off the IFS if the file date/time has changed. Otherwise, it's cached in memory in the service program for subsequent responses. How would you make that faster? Also, there is parsing code involved for substituting variable values in at placeholders in the static HTML that potentially slows things down. This is all done in memory. That won't be the bottleneck. The bottleneck will be any database I/O from DASD. My comparisons of performance were related to calling an RPG program from either a PHP script or a CGI program. Are you using the PHP i5_connect function to call RPG on the back-end? This gets to my point on authentication. What general purpose user id and password do you connect with? If that user id becomes disabled, does your i5_connect fail? With CGI, the jobs are already running, ready to handle requests, no connection needed. Your models are sort of the way I envision things, although you can just as easily have this: Browser --> HTTP Server --> PHP Engine --> PHP and Browser --> HTTP Server --> RPG program I thought your PHP called RPG on the back-end? Like this... Browser --> HTTP Server --> PHP Engine --> PHP --> RPG I'm still wondering why we need the PHP middle man in that equation. The only answer I can come up with is if you need the PHP on a separate LPAR. (RPG could use DDM Data queues from a different LPAR I guess, but that's probably a stretch). PHP also has its own native authentication functionality that allows you to reference a hidden password file and allow login via HTML pages, although that's not the most robust security solution. What is a robust security solution? Just use SSL? Thanks. Chris
Comment