Description of work

The MONK project requires a middleware layer between the back end (data store, analytics) and front end clients (javascript in browser.) The javascript client makes REST calls to the proxy for data or analysis results. The middleware layer queries the data store or analytics routines and returns the results to the js client. The middleware layer will also manager user session/project information. There are three reasons for using the middleware layer:

1. SIMPLIFIED CLIENT INTERFACE. More than one datastore may be used, each of which may run on a different machine, and use a different api or protocol. More than one set of analytics may be used, each of which may sit on a different machine, and use a different protocol. The middleware layer simplifies access for the js client, making it appear as though the data is coming from one location, with a single, standard api for accessing data and analytics.
2. REMOTE/MULTIPLE AUTHENTICATION. The middleware layer can potentially simplify authentication issues if the middleware acts as a proxy user for the end user, authenticating the user for each datastore / analytic set.
3. BROWSER SECURITY RESTRICTIONS. The XMLHttpRequest that the browser uses to pull data from the server apparently only allows requests to the server from which the client originated. The proxy effectively allows the client to pull data from distributed servers, by funneling everything through the one server; provided that the js client originates from the same server as the proxy of course.
4. LAYER OF INDIRECTION. Using a single stable point of access for js clients allows us to vary the data store and services used on the back end. We can, in theory, substitute one datastore or analytic for another without affecting the client.
5. USER/PROJECT MANAGEMENT. The middleware layer will manage user sessions and projects, independent of any one datastore or analytic.
6. MULTIPLE PROTOCOLS/DATA FORMATS. The middleware layer can provide the same data in different formats and use different protocols for access. In particular for now: SOAP, REST, JSON.
7. SECURITY. The middleware layer provides a role based security system, which can be used to protect data or analytics that don't have an existing security system.