locked
Accessing data via different methods and security RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User265788195 posted

    We have a central repository of data in sql server. Whole state should be able to access this data. Sometimes the result set is as simple as one row of data and sometimes it might be millions of records. What is the best way to provide this data. I need to come up with some solutions. Web services or any other technology and what kind of security considerations. I am not sure at this point what kind of questions to ask as well. Can you guide me on how to proceed with this.

    Monday, June 6, 2016 4:41 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote
    User36583972 posted

    Hi nissan,

    As far as I know, you can use the following methods to provide your data.

    1: Web Serveice

    Understanding the Basics of Web Service in ASP.NET

    http://www.codeproject.com/Articles/337535/Understanding-the-Basics-of-Web-Service-in-ASP-NET

    If you have some questions about Web Serveice, you can visit the following forum.

    http://forums.asp.net/28.aspx/1?WCF+ASMX+and+other+Web+Services

    2: WCF

    WCF has the following features:

    •Provides a varying array of communication across several platfrms: HTTP, HTTPS, TCP, MSMQ, and Etc.

    •It provides additional Security.

    •It has a better means of Serialization and Deserialization.

    •It provides more code re useability. •Different forms of hosting.

    A Beginner's Tutorial for Understanding Windows Communication Foundation (WCF)

    http://www.codeproject.com/Articles/406096/A-beginners-tutorial-for-understanding-Windows

    If you have some questions about WCF, you can visit the WCF forum for getting better support.

    http://forums.asp.net/28.aspx/1?WCF+ASMX+and+other+Web+Services

    3: Web API

    ASP.NET Web API is a framework that makes it easy to build HTTP services that reach a broad range of clients, including browsers and mobile devices. ASP.NET Web API is an ideal platform for building RESTful applications on the .NET Framework.

    http://www.asp.net/web-api

    You can visit the Web API forum for getting more support.

    http://forums.asp.net/1246.aspx/1?Web+API

    You determine what technology should be used based on your environment.

    Best Regards,

    Yohann Lu

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 7, 2016 7:27 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User895691971 posted

    To me only WCF seems to be viable in the list. Any others please?

    I start from this line of yours, quite accurate because WCF is a highly extensible and efficient programming environment. But in my own opinion, I think ASP.NET Web API would suffice for your needs here. Since you said that your data source may return a record or a number of records (sending a million records is never efficient). Now, consider this, 

    The solution that I provide should be able to be used by several types of systems – Mainframe, JAVA based system, .NET based system,

    WCF would require you to build up client systems against which you can communicate through WCF servers. On multiple platforms you will have to create multiple clients and some of them (even most of them) won't be supported at all. In such case, best solution is ASP.NET Web API. Why?

    1. It works on HTTP protocol. 
    2. Mainframes, Java applications, .NET framework programs and everything else can still communicate using HTTP protocol. Nothing special. 
    3. It is a part of your web application. 
    4. Simple MVC pattern is required to be known. 

    So in my opinion, Web API would suffice. I have built very robust and "real-time" (real-time in a sense where communication is two-way, not that real-time) applications and Web API has been what I wanted it to be. 

    Security considerations

    Now for your security considerations, ASP.NET allows your controllers to be set up in such a way that only authorized clients and users are able to access the data otherwise there is an error. For example, the following code would be accessible by the members, who are logged in. 

    [Authorize]
public class DataController : Controller // Can be an API controller
{
    // Actions
}

    This way, you can control who accesses the data. You can also use ASP.NET Identity to provide even more security and control who is accessing the data once they are logged in and log the details of those actions on your own system. 

    For more: https://msdn.microsoft.com/en-us/library/system.web.mvc.authorizeattribute%28v=vs.118%29.aspx.

    Tip: Do not push million of records on the network, unless you really have to. Push a bunch of data and then, if needed, send more. 100 records are enough. You can encode your data in JSON and then send them to the clients. I am writing a guide about JSON in C# and once I have done publishing that I will share the link to the free guide here, you can learn how ASP.NET Web API can send the data on the network in JSON formatted document. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, June 9, 2016 12:10 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    User36583972 posted

    Hi nissan,

    As far as I know, you can use the following methods to provide your data.

    1: Web Serveice

    Understanding the Basics of Web Service in ASP.NET

    http://www.codeproject.com/Articles/337535/Understanding-the-Basics-of-Web-Service-in-ASP-NET

    If you have some questions about Web Serveice, you can visit the following forum.

    http://forums.asp.net/28.aspx/1?WCF+ASMX+and+other+Web+Services

    2: WCF

    WCF has the following features:

    •Provides a varying array of communication across several platfrms: HTTP, HTTPS, TCP, MSMQ, and Etc.

    •It provides additional Security.

    •It has a better means of Serialization and Deserialization.

    •It provides more code re useability. •Different forms of hosting.

    A Beginner's Tutorial for Understanding Windows Communication Foundation (WCF)

    http://www.codeproject.com/Articles/406096/A-beginners-tutorial-for-understanding-Windows

    If you have some questions about WCF, you can visit the WCF forum for getting better support.

    http://forums.asp.net/28.aspx/1?WCF+ASMX+and+other+Web+Services

    3: Web API

    ASP.NET Web API is a framework that makes it easy to build HTTP services that reach a broad range of clients, including browsers and mobile devices. ASP.NET Web API is an ideal platform for building RESTful applications on the .NET Framework.

    http://www.asp.net/web-api

    You can visit the Web API forum for getting more support.

    http://forums.asp.net/1246.aspx/1?Web+API

    You determine what technology should be used based on your environment.

    Best Regards,

    Yohann Lu

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Tuesday, June 7, 2016 7:27 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User265788195 posted

    Thank you taking time in replying.

    The solution that I provide should be able to be used by several types of systems – Mainframe, JAVA based system, .NET based system,

     To me only WCF seems to be viable in the list. Any others please?

    Tuesday, June 7, 2016 7:12 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User895691971 posted

    To me only WCF seems to be viable in the list. Any others please?

    I start from this line of yours, quite accurate because WCF is a highly extensible and efficient programming environment. But in my own opinion, I think ASP.NET Web API would suffice for your needs here. Since you said that your data source may return a record or a number of records (sending a million records is never efficient). Now, consider this, 

    The solution that I provide should be able to be used by several types of systems – Mainframe, JAVA based system, .NET based system,

    WCF would require you to build up client systems against which you can communicate through WCF servers. On multiple platforms you will have to create multiple clients and some of them (even most of them) won't be supported at all. In such case, best solution is ASP.NET Web API. Why?

    1. It works on HTTP protocol. 
    2. Mainframes, Java applications, .NET framework programs and everything else can still communicate using HTTP protocol. Nothing special. 
    3. It is a part of your web application. 
    4. Simple MVC pattern is required to be known. 

    So in my opinion, Web API would suffice. I have built very robust and "real-time" (real-time in a sense where communication is two-way, not that real-time) applications and Web API has been what I wanted it to be. 

    Security considerations

    Now for your security considerations, ASP.NET allows your controllers to be set up in such a way that only authorized clients and users are able to access the data otherwise there is an error. For example, the following code would be accessible by the members, who are logged in. 

    [Authorize]
public class DataController : Controller // Can be an API controller
{
    // Actions
}

    This way, you can control who accesses the data. You can also use ASP.NET Identity to provide even more security and control who is accessing the data once they are logged in and log the details of those actions on your own system. 

    For more: https://msdn.microsoft.com/en-us/library/system.web.mvc.authorizeattribute%28v=vs.118%29.aspx.

    Tip: Do not push million of records on the network, unless you really have to. Push a bunch of data and then, if needed, send more. 100 records are enough. You can encode your data in JSON and then send them to the clients. I am writing a guide about JSON in C# and once I have done publishing that I will share the link to the free guide here, you can learn how ASP.NET Web API can send the data on the network in JSON formatted document. 

    • Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
    Thursday, June 9, 2016 12:10 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User265788195 posted

    When you say webapi, then I should build web application correct? So for that a person should interact with website and retrieve the data. How can a process or other website retrieve data from web api? I am unclear.

    Friday, June 10, 2016 7:34 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User36583972 posted

    Hi nissan,

    How can a process or other website retrieve data from web api? I am unclear.

    May be the following ways can help you better understand.

    1: Calling a Web API From a .NET Client in ASP.NET Web API 2 (C#)

    http://www.asp.net/web-api/overview/advanced/calling-a-web-api-from-a-net-client

    2:  Using HttpClient to Consume ASP.NET Web API REST Services

    http://johnnycode.com/2012/02/23/consuming-your-own-asp-net-web-api-rest-service/

    3: JQuery Consume ASP.NET Web API

    http://sylvester-lee.blogspot.sg/2014/08/jquery-consume-aspnet-web-api.html

    Best Regards,

    Yohann Lu

    Friday, June 17, 2016 9:18 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-1034726716 posted

    So for that a person should interact with website and retrieve the data.

    Hi,

    You would basically interact with the API URLs. Keep in mind that HTTP is not just for serving up web pages. You can also build APIs that expose services and data.  I would recommend you to start looking at ASP.NET Web API to clear things out: http://www.asp.net/web-api

    Monday, June 20, 2016 7:38 PM