1

.NET Web Forms

Web Services© 2002 by Jerry Post

2

Web Service Principles

Primary goal: small independent programs that can be called to perform a task or deliver data by other programs on diverse machines, all using Web transfers and standard protocols. Accessible by URL Data transfer by XML, preferably over HTTP

XML Schemas to define data structures SOAP to handle activation

Registered on a public registry, with descriptive information to enable its use

Universal Description, Discovery, and Integration (UDDI) Web Services Description Language (WSDL)

Esposito, Ch. 9, p. 285-315; Short, 2002.

3

Web Services Perspective

User: Browser

Primary application

Legacy data

Service: data analysis

HTML

XML

4

Web Service Structure

Your Web service Receives a request via HTTP It might contain data within an XML transfer Your code performs some action (e.g., look up data) And returns an XML result

It will be name something.ASMX

5

.NET Web Services

Create a new class that inherits from System.Web.Services.WebService

WebService Attribute Not required, but used by WSDL to document your service. Name = “” Description=“” Namespace=“” usually your url, but could be anything unique

<%@ WebService Language=“VB” Class=“MyService1” %>[WebService(Namespace=“something/whatever”, Name=“MyService”,

Description=“Sample test service”)]Public Class MyService1

Inherits WebService…End Class

6

WebMethod

A Web Method is a function performed by your service. It must be declared as a WebMethod to be accessible.

[WebMethod(MessageName=“GetProductList”, CacheDuration=60, Description=“Main item list.”)]Public Function GetProducts() As DataSet…End Function

[WebMethod(MessageName=“GetOneProduct”, Description=“Detailed information about one item.”)]Public Function GetProducts(ByVal ItemID As Integer) As DataSet…End Function

7

WebMethod Properties

BufferResponse (true by default) CacheDuration (seconds to hold in memory) Description (mostly for WSDL) EnableSession (false by default, avoid because it might require

cookies) MessageName (Lets you expose a different name to the public) TransactionOption (activates transaction support)

8

Invoking a Web Service

Three methods POST command that contains a SOAP request POST command specifying method name and parameters GET command with URL specifying method name and parameters

POST URL, etc<soap: Envelope …><soap:Body>

<GetOneProduct xmlns=« unique name »><ItemID>15</ItemID>

</GetOneProduct></soap:Body></soap:Envelope>

POST URL/MyService.asmx/GetOneProductItemID=15

GET URL/MyService.asmx/GetOneProduct?ItemID=15

9

Handling the Response

Your calling application receives a response as an HTTP return packet. If you use SOAP, you get SOAP back, otherwise, straight XML.

HTTP/1.1 200 OKContent-Type: text/xml; charset=utf-8Content-Length: (some number)<?xml version=“1.0” encoding=“utf-8”?><DataSet xmlns=“your service name”>

<schema xmlns=“http://www.we.org/2001/XMLSchema”>(schema info)

</schema>(XML version of the DataSet)

</DataSet>

10

Proxy Class within .NET

Once the service is created (or known), you can create a proxy class and install it in your application. Your application will then build all of the code needed to cal the Web service and process the results. You treat it as if it were a simple class (but remember the round-trip delay to go get the data). Find or build the original service. On your application machine, create a proxy class--command line:

wsdl.exe /out:MyService1Proxy.vb /namespace:ServiceNameSpace /language:VB url

Add the resulting class to your project, by adding a Reference within the page where you want to use it

<%@ Assembly Name=“MyService1Proxy” %>

Dim ds As DataSet = New DataSet()

Dim srv As Namespace.MyService1 = new Namespace.MyService1()

Ds = srv.GetOneProduct(15)

11

Web Service Security: Authentication

Three built-in possibilities by inheriting from WebService, and can be set in web.config file: Windows integrated (default) Form-based Microsoft passport (requires payment to Microsoft)

Usually easier (and cheaper) to create your own table of users and authenticate against it. As a service, users would have to call a logon method first, which would give them an encrypted token. Other method requests would require (and test) the token.

12

Summary

Web service technologies are relatively standardized and can be built using diverse technologies.

Authentication is still an issue because there are no accepted standards.

Finding useful commercial ideas appears to be difficult. Charging for commercial services is going to be a nightmare for a

while (except maybe as a monthly service).

But Web Services are great for internal use, because it separates applications, and makes it much easier to centralize some data. Academic example: there should be only one student database. All

other applications should be able to send a Student ID and get whatever student data they need and are authorized to see.