Introduction

intraPerson is feature rich and yet very easy to use. It does not compromise functionality for the sake of easy interface. It is written completely in C and uses web interface.

As any web application, intraPerson started as PHP project. After months of work, It was scraped because of simple but very serious issue -- necessity to store ldap user name and passwords in clear text in /tmp for so called session management.

In the era where encrypted Unix passwords are kept in shadow file and that file is made root readable only, this storing of passwords in /tmp or in any other directory in clear text, is an overkill.

It is not fault of PHP but the way present day web servers run. They are designed for serving static and dynamic web pages but not for true web applications. They excel at what they are supposed to do but they are not suitable for this purpose.

There is no option but resort to different architecture and to write everything under 'C'andles instead of with latest LAMPs.

Web browsers does not need slightest change. They all happily live with this architecture as this confirms to HTTP protocol.

Because of this architecture, intraPerson does not need to store user names and passwords on the disk or in memory or anywhere else in any other form.

And more over, SSL is not an option with intraPerson. It is must. Without SSL certificates it does not even start running.

Following section explains about its architecture in detail.

	+---------------+				  +---------------+
	|		|				  |		  |
	| intraPerson   |	web page request	  |  Web browser  |
	| daemon	|<--------------------------------|		  |
	|		|-------------------------------->|		  |
	| port 8082     |	redirect to new ssl port  |		  |
	+---------------+				  +---------------+
		|				     	       /
		|				  	      /
		|f				  	     /
		|o					    /
		|r			        	   /
		|k			      		  /
		|			     		 /	
		|	     		    		/
	+---------------+   		   	       /
	|		|  		  	      /
	| intraPerson	| 		 	     /
	| daemon	|	      		    /
	|		|<-------------------------+
	| ssl port	|	new redirected request
	| 10000		|
	+---------------+

It is run as daemon and waits for web connections like any other web server. For any web requests from a browser, it first forks and creates new SSL port. it redirects the browser to the newly created SSL port.

The forked process will remain alive for throughout the session to serve all the requests from a single browser. It means it does not serve single web page and terminate but it will stay alive for all the requests generated from that particular browser.

In simple words, for every connected user, there will be a corresponding forked intraPerson process and a separate SSL port.

The newly forked process will terminate only when the user logs out or session's maximum web requests reached or it is idle for specified time.

If an another user tries connect to the intraPerson daemon, it again forks and creates unique SSL port for this browser. This port again is used only for requests from this particular browser only.