Subprovider

From regify WIKI
Jump to navigation Jump to search

The Subprovider feature

A Subprovider is a way to host multiple regify-provider instances on a single system (multi-tenant). In fact, all Subprovider instances of a regify-provider, each visible with different customizing to the customers, are running on the same hardware / virtual host.

Subprovider Scheme.jpg

Subprovider decision

If a regify provider starts having big customers, the decision to create a new group or even a subprovider is needed. In order to help, please follow this guide:

  1. Does the customer need to have his data on his own infrastructure or are there security concerns if you have the data?
    • YES: He needs to become a provider by himself. A Subprovider runs on the same infrastructure as the main provider.
    • NO: continue
  2. Are there plans of the customer to become a regify provider in the future by himself?
    • YES: Consider setting up a new regify provider for this customer. If complexity and costs prevent this while starting then consider having him as a group or eventually a Subprovider but be aware that migration of users will be a manual process that involves loss of transaction data and forces the users to reset their regify client. A Subprovider might be easier to migrate than a group. If the users also will use regibox, there is no way to transport and extract their data to a new system!
    • NO: continue
  3. Does the customer need his own corporate identity (logos, templates, domain) and is willing to pay for?
    • YES: Subprovider
    • NO: continue
  4. Does the customer need enhanced administration capabilities (eg full control over users, groups, imports, authentication etc)?
    • YES: Subprovider
    • NO: continue
  5. Is the customer having more than 500 users and he is willing to pay for some separation?
    • YES: Maybe a Subprovider, but a group will be the best solution.
    • NO: Use groups only.

Individual Subprovider features

The following settings are customizable individual for each Subprovider:

  • internet domain name
  • SSL certificate
  • page-Design by using individual CSS files and images for each Subprovider
  • header and footer content
  • e-mail templates are completely individual (css-design, layout and text-content)
  • customized logo in regify-client (logo in right upper corner)
  • customized standard-template for all mails sent using standalone-client, Outlook addin, Thunderbird addin, Lotus Notes addin
  • shop-pages for premium-membership of single users and group-administrators and regichat users
  • payment options (PayPal, others)
  • blacklist for mail-addresses, domains and sub-domains that are rejected from registering
  • Terms and Conditions (German 'AGB')
  • customizable authentication form (Subprovider authentication-level can vary)
  • used HTTP header meta-information
  • individual configuration as community-provider or corporate-provider
  • selection of active and inactive portal-options for end-users
  • language-specific sentences (limited usage recommended)
  • regigate connectors to limit access to Subprovider users only

Shared features

The following functions and settings are shared between all Subprovider (not individual):

All Subprovider share...

  • the same local database.
  • the same assigned regibox storage and regibox quota defaults.
  • regibox enabling/disabling by default for new users.
  • maintenance-state.
  • the clearing-connection of a system.
  • proxy-settings.
  • the currency settings.
  • local time-settings (difference to UTC-0).
  • premium-time offered as trial period.
  • the number of days a registration, invitation or added mail-address is active/valid.
  • the length of passwords, ciphers and unlock-codes.
  • any PDF settings.
  • SMS settings (for sending text messages).
  • some specific authentication-settings (like maximum authentication level).
  • the settings for intrusion detecting system (IDS).

Subproviders are also somehow limited in functionality:

  • The definition of any administrative accounts is only available to master role administrators of the main provider.
  • A Subprovider is able to administrate many functions inside of his domain (user-data, groups etc.), but some functions are still only available to the main providers master role administrators.
  • A Subprovider is not able to see the appliance log-file entries (eg technical issues and warnings).

Prerequisites

In order to manage a Subprovider, the following prerequisites are needed on the hosters side:

  • individual IP address for each Subprovider
  • individual domain for each Subprovider (A record in DNS entry and , if appropriate, a reverse-DNS entry)
  • specific SSL certificate for the desired domain

Sometimes we get asked about the possibility to host multiple subproviders on one IP address only. The short answer is: no, the regify provider software appliance does not support this. It is only IP based.

We also get asked frequently if it is possible to host multiple designs on one single domain (corporate identities). In fact, with no different domains, the portal does not know which design to show. We need this differentiator to determine the correct design. We also do not want the user to add some additional subfolder to its domain (regify.company.com/design1/ or regify.company.com/design2/). Most users are simply typing the main domain. This solution will cause a lot of confusion at the customers.

Other important information

  • A Subprovider stores his user-data and transaction information in the same database as the main provider. There is no physical separation of the data.
    • Upon this, a later separation into a new independent provider-instance needs extreme effort.
    • Upon this, the main provider is able to access customer address data of his Subproviders users.
  • Subproviders share the regibox storage. There is no way to separate the data later. Users with enabled regibox can not get transferred to another provider later.
  • Subproviders are sharing their physical resources (CPU power and RAM). A heavy load caused by a single Subprovider will affect all other Subprovider-instances and the main provider.
  • In order to allow emergency help to subproviders, every regify provider should have at least one account with master administration role at his Subproviders.

If you are looking for technical information on creation of a new sub-provider, please check here: Setting up a new sub-provider