The Virtual Laboratory is not confined to individual machines and local file systems. The user may also invoke browsers or hyperbrowsers on different data base hierarchies, on the same local area network or over the Internet. Most operations available locally can be also performed on remote data bases, provided that proper permissions are given by their owners. For example, the user may browse a remote data base of objects, experiment with a remote object (which is transferred to the local lab table for fast experimentation), or copy objects and object hierarchies between various data bases. These transfer operations are performed by dragging and dropping, or copying and pasting, between browsers open on different data bases.
Access to remote data bases is accomplished using the remote access server, which runs as a daemon on a remote machine, and performs operations on behalf of the client browser. The underlying mechanism can be viewed as a simplification of UNIX Remote Procedure Calls. The format of messages exchanged between the browser and the remote access server has been optimized to reduce response times. For example, the browser can ask the server for information regarding an entire subhierarchy of objects in a single message, and this information is also returned in a single message. The communication flow between two VLAB applications and RAserver is graphically illustrated below:
When a VLAB application needs to access a database on a remote computer, it does so through raserver running on the remote computer. When the VLAB application has a direct access to the database, it does not go through raserver.
The level of access to remote files granted to VLAB applications connected to raserver is determined by two factors. First, since raserver is run as a user's process, raserver cannot provide functions on files that would not be granted directly to the user that invoked raserver. The second factor that determines file access permissions is the level of access granted to the remote user, as specified by the user running raserver.
The user running raserver can set up two different levels of access for each remote user: read-only and read-write. When a new VLAB application connects to raserver, it has to identify its user by a login and password. raserver then looks up the corresponding account in its own database and determines its level of access. If the account is associated with read-only level of access, raserver will refuse to perform any operation which would result in modifications to the filesystem.
To illustrate how the level of file access using raserver is determined, consider the following example. User A has set up two accounts for raserver: account one with write permissions, and account two with read-only access. There are three files on user A's computer: file1, file2 and file3. User A has read/write access for file1, read-only access for file2 and no access to file3. VLAB applications connected to RAserver using account one will have the same permissions to all three files as user A: read/write for file1, read-only for file2 and no access for file3. VLAB applications connected to raserver using account two have read-only access for file1 and file2, and no access for file3. Write access for file1 has been effectively removed for all VLAB applications connected to raserver using account two.
The user wishing to provide remote access to his/her databases invokes RAserver in the daemon mode, by issuing the following command at the shell prompt:
raserver
RAserver then listens for connections from VLAB clients, establishes multiple connections and provides services to all authorized connections.
To invoke RAserver in setup mode, the following command is typed at the shell prompt:
raserver -pe