Exposing the Data Access Layer via a Web API or .net Assembly. RRS feed

  • Question

  • Hi

    Having a debate at work about whether it is a better design to have a WEB (emphasis on WEB) API or simply a portable dll file as the access to an underlying Data Source (SQL typically). The Client is extremely Data sensitive.



    Friday, November 18, 2016 12:45 PM

All replies

  • Hi Jody,

    I would say that it depends mainly on the non-functional requirements in the project:

    • Performance - Web API has an overhead since the request is send over the web with a bunch of stacked protocols. In most cases this will not be the case with a single library. Nonetheless if the API is going to be used by many users, caching and other server techniques might increase the performance.
    • Security - Everything accessible through the web is inherently insecure. Nevertheless, if the computer the DLL is used is connected to the internet, it might be hacked.  But in general, the web API has more exposure and it is an easier target. So if there is really no need for web access and the security is important, you should go with the dll.
    • Availability - The Web API might not be working because of technical issues (or DDOS for example)
    • Maintenance - Arguably the web API might be easier to maintain (on a coding level), since you do not deal with many versions of the same library, but rather with a single instance.
    • Portability (in terms of access) - If you want to use the same functionality on different software/hardware platforms, then the web API is much better solution - you have a single point which can be used by every authorized application without having to port any of the functionality (trying to keep all versions in sync can be a nightmare).

    These are just some important general points. There are a lot other things to be considered. So it really depend on your particular needs. Neither the web API nor the dll are universally applicable.

    Friday, November 18, 2016 2:16 PM
  • Whilst I agree with much said, you haven't explained where the data access code lives. I.e. if the DA code lives in the PCL then how you front the access to it could be Web Api or not. You wouldn't typically put all the DA code in the Web Api.


    Saturday, November 26, 2016 8:25 AM
  • If I want to encapsulate just data access, then I prefer portable dll file.

    If I want to encapsulate a re-usable functionality then I would expose them as Web API.

    Wednesday, December 14, 2016 2:28 AM
  • Can you please specify , please to freeze the software requirements from the software customer. Please do contact Microsoft.

    Let the software architects in Microsoft deal with requirements after u 100% sure that the software requirements are frozen , Microsoft has headaches in selecting the technologies to develop your customized software product on Microsoft platform

    Friday, February 3, 2017 4:32 AM