Where should I store the SQLLite file when it is shared between a web and a desktop app?

Question

I am developing an application that can be simplified as follows:

The application is basically a mailing list.

Users browse to http://mysite/subscribe. It's on the intranet, and the site is using Windows Auth, so I can retrieve their email adress from Active Directory. This email adress is stored in an SQLLite DB, on the webserver.

Every hour, on the same server, a scheduled task runs a .exe console app. It reads the email adresses from the DB, and sends a report by mail.

My question is:

Where should I save the DB file, in a way that is easily configured in both apps?

In the wwwroot/mysite folder? In the console App folder? In some other folder dedicated for this I don't know about?

Answer 1

You mentioned the external application and the website exist on the same server, so in some respects, it really doesn't matter where it is stored. The only thing that matters is what permissions the applications have to the file.

In most cases, the website is going to be the application with the most constraints for permissions. It depends on how/if your app server sandboxes your access to the file system. You'll want to make sure your web application has read/write access, and you want to limit your external app to have read-only access. This minimizes the risk of database corruption due to multiple processes accessing the file. Make sure your web application is opening the database in a way that does not exclusively lock the file.

So to summarize:

• File location only matters if your app is sandboxed in any way
• Make the location configurable in your console app
• Web app needs to open the database with nolock=1 (i.e. can be opened by multiple processes)
• Console app needs to open the database in read-only mode

Any steps you can take to minimize the time that your console app has a handle to the database file will help. You can open a memory database and import the data from the file into it, or you can make a copy of the file on disk and open a reference to that.

Answer 2

Users browse to mysite/subscribe. It's on the intranet ... This email adress is stored in an SQLLite DB.

Your Users do not require any access to the database.
Indeed, putting a copy of this Personal Data on the user's local machine might well get you into hot water with your local Data Protection legislature.

Your application is "on the Intranet" - that's a web application running on a web server. That will require access to the database.

Your hourly "report" program may or may not require access to the database itself; you might prefer to make the data available through a Web [REST] API that the program reads from instead. YMMV.