Home > .NET, .NET User Groups > WSE 2.0 at the DC .NET UG

WSE 2.0 at the DC .NET UG

Todd Barr presented on Web Service Architecture and WSE 2.0 at the DC .NET UG tonight. The session was very interesting especially seeing the new features involving security and policy.

We have just completed the web service phase ofa project at my current client. It involved a challenging problem that was happily solved using an old MSDN article by Aaron Skonnard.

The problem:

Our web service takes in a large complex data structure which has various business rules regarding the validity of the data. If we begin using our business layer objects to create the corresponding data and child objects then we run the risk of violating a business rule which would throw an exception and then leave parent objects lying around in the database. Yuck!

The solution:

We first developed a schema which expressed all the data limitations but we needed this to fire before we attempted the business layer logic. We could have simply accepted a string of XML as input to ourWebMethod and then validated it against the schema but that seems so archaic in a world ofgenerated web references which rich client proxy objects representing web service input and output.Aaron’s article (link above) describes using a SoapExtensionAttribute and SoapExtensionto enable schema validation of WebMethod input parameters. This allows us to ensure that the input datameets the schema before even attempting processingby the business layer.

Note that this validation against schema incurs a performance penalty whichcould beproblematic for web services experiencing very heavy load. There are “XML firewall” hardware appliances that can be usedto validate XML web service input against schema in such extreme circumstances. MarkO’Neill’s book Web Service Securitymentions such hardware solutions and also gives a good discussion on security best practices for web services.

It appears that policy may be an alternate solution provided by WSE 2.0 for the above problem although I have yet to dabble with it. 😀

Categories: .NET, .NET User Groups
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: