Administration section advice

Hi all,

I am looking for some advice on where to put the administrative
interfaces for an ecommerce site we are planning for. The debate right
now is with the idea of having the administrative portion as part of the
public application. Here are the two trains of thought:

  1. The admin section should be part of the full application. The primary
    argument against this is security. Having the admin section as part of
    the public application would provide an access point to backend of the
    application and increases the risk of someone breaking into the site.

  2. The admin section should be it own standalone application that shares
    the models with the public application. This would allow the admin to
    be run on the company intranet which is more secure than login form that
    would exist in 1. However, separating the apps would make caching more
    difficult as all model updates would happen in one application, but it
    would affect caches in both applications.

I have simplified things here. In the first choice there are a large
number of options for securing the application to prevent evil users
from accessing it. In the second, we may misunderstand caching and the
problem outlined may not be a problem at all. That said, it would be
great to hear from anyone on what they would do. I am always curious as
to the community’s opinion on architectural matters.

Thanks!

Peer

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs