Editing Web portal (section)

===Overview===
The main concept is to present the user with a single Web page that brings together or aggregates content from a number of other systems or servers. The application server or architecture performs most of the crucial functions of the application. This application server is in turn connected to database servers, and may be part of a clustered server environment. High-capacity portal configurations may include [[Load balancing (computing)|load balancing]] strategies. For portals that present application functionality to the user, the portal server is in reality the front piece of a server configuration that includes some connectivity to the application server. For early Web browsers permitting HTML frameset and iframe elements, diverse information could be presented without violating the browser same-source security policy (relied upon to prevent a variety of cross-site security breaches). More recent client-side technologies rely on JavaScript frameworks and libraries that rely on more recent Web functionality such as [[WebSocket]]s and asynchronous callbacks using [[XMLHttpRequest]]s.

The server hosting the portal may only be a "pass through" for the user. By use of [[portlet]]s, application functionality can be presented in any number of portal pages. For the most part, this architecture is transparent to the user. In such a design, security and concurrent user capacity can be important issues, and security designers need to ensure that only authenticated and authorized users can generate requests to the application server. If the security design and administration does not ensure adequate authentication and authorization, then the portal may inadvertently present vulnerabilities to various types of attacks.