locked
Windows Service + web reference RRS feed

  • Question

  • Hi everybody!!

     

    I´m developing a windows server that have a web reference to a server of other enterprise, and I´d like some advices.

    This Windows Services will work every xx hours or days, and I believe it´s not a good way, when you think on security, to let the connection on with this server in this meanwhile, so I pretend to create a new object of this web reference every elapse of my timer, use the methods that I need to do, and then dispose it at the end. Is this a good way?

     

    Best regards,

    Pedro

    Monday, March 26, 2007 3:29 PM

Answers

  • If your server is simply hooking up with a web service, it is just an http /soap request to the web service. There is no resource you are holding onto at the other end. (There may be a state process in place which has an operational status in the web service...but that does not matter). The web service on the other end is free to accept other requests.

    You may hold onto an object that initiated the call to the web service for another call and that is fine, or dispose of it and create another on the next tick of the timer. But reuse is a good thing.

    The only thing in terms of security is the message going back and forth. If the messages are clear text, you may want to look into encryption for the message or have the message go across on a https message. Of course that is dependent on the owner of the web service implementing such items.

    Does this answer your question?
    Wednesday, March 28, 2007 2:01 AM

All replies

  •  Pedro A. G. Carvalho wrote:
    This Windows Services will work every xx hours or days, and I believe it´s not a good way, when you think on security, to let the connection on with this server in this meanwhile, so I pretend to create a new object of this web reference every elapse of my timer, use the methods that I need to do, and then dispose it at the end. Is this a good way?


    Hi Pedro, This is one long run-on sentence which makes it hard to understand what the true issue is...could you break this down into multiple sentences which might explain what you are looking for? Thanks.
    Monday, March 26, 2007 6:06 PM
  • Sure!!

     

    My issue is about security, and I want to know if this is the best practice I can do to make my connection safe.

     

    I´m developing a windows Service that will run every xx hours or days.

    This service will use a timer, using the property interval, to make my functions in time to time.

     

    For each timer_elapsed, I will open a connection to a web service from a server of another enterprise, so I will access it by internet.

     

    After my functions is done, I pretend to close this connection to that server, and just open a new connection on the next timer_elapsed

     

     

    Do you think this process is a good practice??

    Because my intention is not let my connection open all the time. do you think this precaution is useless??

     

    To make this, I will define an object of a type of the web service.

     

    For each elapsed event I´ll create a new object of the web service and use it.

     

    On the end of the elapsed event, I´ll use object.Dispose();

    Is my idea right???

     

    Best regards.

    Pedro

    Tuesday, March 27, 2007 1:47 PM
  • If your server is simply hooking up with a web service, it is just an http /soap request to the web service. There is no resource you are holding onto at the other end. (There may be a state process in place which has an operational status in the web service...but that does not matter). The web service on the other end is free to accept other requests.

    You may hold onto an object that initiated the call to the web service for another call and that is fine, or dispose of it and create another on the next tick of the timer. But reuse is a good thing.

    The only thing in terms of security is the message going back and forth. If the messages are clear text, you may want to look into encryption for the message or have the message go across on a https message. Of course that is dependent on the owner of the web service implementing such items.

    Does this answer your question?
    Wednesday, March 28, 2007 2:01 AM