Considerations for setting up a desktop ObjectServer architecture
When configuring a desktop ObjectServer architecture, a set of guidelines is available for your consideration.
These guidelines are as follows:
- One ObjectServer must be designated as the master ObjectServer.
- One or more ObjectServers can be designated as desktop ObjectServers.
- A unidirectional ObjectServer Gateway must connect the master ObjectServer with each of the desktop ObjectServers.
- If you use the ObjectServer Gateway to replicate security
data (including users, groups, roles, and restriction filters) between
the master and desktop ObjectServers, you must maintain the security
data in the master ObjectServer. Do not add ObjectServer objects directly
to the desktop ObjectServers because when resynchronization occurs,
any permissions in the desktop ObjectServers for objects maintained
by the master ObjectServer are lost. Lost permissions can include
permissions that are granted to roles, or roles that are granted to
groups.Attention: If you want to resynchronize security data when your ObjectServers are running in secure mode, run the gateway as the root user. If you fail to do this, when you attempt the resynchronization the gateway quits and the destination ObjectServer will have no security data. This is because the gateway deletes the destination permissions and so cannot insert rows copied from the source table. Running the gateway as the root user overcomes this problem because it does not require permissions to be set explicitly.