Data Integrity in Web Services (转一)
2024-07-21 02:21:28
供稿:网友
注册会员,创建你的web开发资料库,abstract
web services bring with them great possibilities and with these possibilities are some pitfalls. one such pitfall is passing complex data types to and from web services without losing data integrity. the clearest thing to keep in mind when passing objects to web services is the data is passed for your object's fields, but the code is not.
what happens when i have an object that my web service passes as a return value?
wsdl does some magic when a programmer creates a referance to your web service. visual studio.net creates wrapper objects around foreign data types.
the struct you create inside your web service looks like this:
public struct persondata
{
private int yearsexperience;
public int yearsexperience
{
get { return yearsexperience; }
set
{
if(value<2) { throw new exception("you're unemployable!"); }
yearsexperience = value;
}
}
public string firstname;
public string lastname;
}
...which then gets translated into wsdl which looks like this:
<s:complextype name="persondata">
<s:sequence>
<s:element minoccurs="1" maxoccurs="1"
name="firstname" nillable="true" type="s:string" />
<s:element minoccurs="1" maxoccurs="1"
name="lastname" nillable="true" type="s:string" />
<s:element minoccurs="1" maxoccurs="1"
name="yearsexperience" type="s:int" />
</s:sequence>
</s:complextype>
... to the client of the web service, visual studio creates a wrapper based upon the wsdl that looks like this:
public struct persondata
{
public int yearsexperience;
public string firstname;
public string lastname;
}
and to make matters worse, when this struct gets passed to the server with yearsexperience=1 (a value that persondata.yearsexperience should not have) it will be passed silently and without an exception! the solution to this bug, i mean feature, is to wrap all data that you want passed to and from a web service inside a struct and then in turn a validator class.
the struct is the carrier of the data between the points and the object does all of the range checking required to keep your data clean.
the web service below is a simple web service that simply passes the struct persondata back and forth assigning it to a static member. a useful extention of this example is to build up some object-relational mapping between our person object and a database, but that is beyond the scope of this article.
the areas of note in this object are the persondata struct and the person object. please note that yearsexperience does indeed have an accessor method. also note that the person object does a complete range checking on the struct as it is passed in before allowing an assignment.
to start this project go to file->new project and then choose a asp.net web service from the selection menu. the complete code listing is below:
using system;
using system.collections;
using system.componentmodel;
using system.data;
using system.diagnostics;
using system.web;
using system.web.services;
namespace remoteobjectpasser
{
public class personservice : system.web.services.webservice
{
static person person;
public personservice()
{
initializecomponent();
if(person==null)
{
person = new person();
persondata servicedata = new persondata();
servicedata.firstname="david";
servicedata.lastname="talbot";
servicedata.yearsexperience=5;
person.currentdata=servicedata;
}
}
private void initializecomponent() {}
protected override void dispose( bool disposing ) { }
[webmethod]
public persondata getpersondata()
{ return person.currentdata; }
[webmethod]
public void setpersondata(persondata pd)
{ this.person.currentdata = pd; }
}//end of personservice object
public struct persondata
{
private int yearsexperience;
public int yearsexperience
{
get { return yearsexperience; }
set
{
if(value<2) { throw new exception("you're unemployable!"); }
yearsexperience = value;
}
}
public string firstname;
public string lastname;
}
public class person
{
private persondata persondata;
public persondata currentdata
{
get { return persondata; }
set
{
if(value.firstname.length > 20)
{ throw new exception("firstname must be less than 20 characters"); }
if(value.lastname.length > 20)
{ throw new exception("lastname must be less than 20 characters"); }
if(value.yearsexperience < 2)
{ throw new exception("people with less than 2 years exp are unemployable in it."); }
persondata=value;
}
}
//other useful methods to operate on a person
}//end of person object
}//end of remoteobject passer namespace