OneGate is an enterprise-class universal Common Gateway Interface (CGI) engine that allows communication between web browsers and "applications" of any kind.

 

The CGI specification defines a mechanism for encoding and transfering the data on the browser end, and decoding and parsing the data on the server end of a transaction. Originally, CGI was what it is called, a "gateway" to another application. More and more programs have been written with their own parsing routines to accomodate the standard, as well as include the code to do the actual work desired. Many of these applications are designed exclusively for use on the web.

 

OneGate goes back to the gateway approach and generalises it. It is a configurable gateway that allows you to focus on writing and using your basic application, while making it easy to enable it for use on the web.

 

Instead of using many different task-specific gateway programs (one for emailing contents of a form, one for populating a database, one for running votes, etc.), OneGate lets you use one engine to drive all of these tasks and more, conveying the submitted data to your application via XML in a file stored to local disk on the server. If your application can handle XML data, you can utilise the submitted data as your needs dictate, and write a response file to be sent back to the client.

 

"Application" is a broad term in the sense that OneGate allows you to call as many commands as you need within your processing of the CGI request. You can call a database to store the data, then an email program to send the data to a recipient, followed by a program to generate a nice graph based on the data, if that's what you need. All these components, which I refer to as a program set are what I consider part of any given "application". The word application does not denote a single call within the context of OneGate.

 

Unlike other engines, OneGate is not limited to sending HTML pages back to the client. If you want, you can define the MIME type of your response file and send back a graphic, a sound file, a compressed archive, or whatever else is needed.

 

OneGate is also scalable in the sense that you may limit how many instances are allowed to run concurrently. If you interface to software that has only a five user license, you can allow only five instances of OneGate to run concurrently, and it will attempt to try for a configurable amount of time before giving up. You can author the HTML page that is returned if OneGate is forced to abandon a request due to user limits.

 

OneGate will also track use of your applications, logging when they were used, from what hosts, which application was requested, and what the end result of the request was.

 

OneGate also supports HTTP File Upload, and you can mix and match regular data and file uploads at-will, including multiple file uploads at once. If your application needs to receive whole files, OneGate fits the bill. The files are stored separately, and the information about the (safe) filename and the original remote filename are passed to your application within the XML data set that describes the query submission.

 

With simple yet powerful configuration, OneGate can ease the migration of existing applications into web-enabled functionality, or you can design powerful applications for use with OneGate from the ground up, without having to worry about the CGI getting in the way.

 

Additionally, OneGate allows you to access cookies as easily as you can the other CGI data.

 

On the security front, besides the usual precautions that all CGI programs should take, OneGate provides for a virtual application firewall for each specific application, capable of denying and allowing both wildcarded subnets and specific IP addresses. Also available for each application is the ability to limit use by user and/or group. Both the subnet and IP restrictions and the user authentication are configurable at the application level, meaning you can have different sets of rules for each application. For an inventory listing, you could let anyone access the application except abusive sites. For data entry into the inventory, you could limit access to only machines on the VPN of a multi-interface machine, and you could even allow only certain users from those machines. Unlike traditional firewalls, you allow or deny access to each application, not the whole machine or site--all without having to enlist the help of your network or system administrators. The security is as flexible as you want it to be.

 

For those situations where you must temporarily disable either individual applications, or all applications running under OneGate, you may disable it at either level with a single message file with which you also notify the users of the situation. This functionality is great for evening backup periods and the like.

 

OneGate has been further expanded to conform with AJAX methodology for more robust web development.