Library tutorials & articles

Data Integrity in Web Services

By David Talbot, published on 18 Nov 2001
Page 1 of 4
  1. Introduction
  2. Creating the web service
  3. The Test Client
  4. Conclusion

Introduction

Abstract

Web Services bring with them great possibilities and with these possibilities are some pitfalls. One such pitfall is passing complex data types to and from Web Services without losing data integrity. The clearest thing to keep in mind when passing objects to Web Services is the data is passed for your object's fields, but the code is not.

What happens when I have an object that my web service passes as a return value?

WSDL does some magic when a programmer creates a referance to your web service. Visual Studio.NET creates wrapper objects around foreign data types.

The struct you create inside your Web Service looks like this:

public  struct PersonData
{
	private int yearsExperience;
	public int YearsExperience
	{
		get { return yearsExperience; }
		set
		{
			if(value<2) { throw new Exception("You're unemployable!"); }
			yearsExperience = value;
		}
	}


	public String FirstName;
	public String LastName;
}

...Which then gets translated into WSDL which looks like this:

<s:complexType name="PersonData">
	<s:sequence>
		<s:element minOccurs="1" maxOccurs="1" 
		name="FirstName" nillable="true" type="s:string" />
		<s:element minOccurs="1" maxOccurs="1" 
		name="LastName" nillable="true" type="s:string" />
		<s:element minOccurs="1" maxOccurs="1" 
		name="YearsExperience" type="s:int" /> 
	</s:sequence>
</s:complexType>

... to the client of the web service, Visual Studio creates a wrapper based upon the WSDL that looks like this:

public  struct PersonData
{
	public int YearsExperience;
	public String FirstName;
	public String LastName;
}

And to make matters worse, when this struct gets passed to the server with YearsExperience=1 (A value that PersonData.YearsExperience should not have) it will be passed silently and without an exception! The solution to this bug, I mean feature, is to wrap all data that you want passed to and from a web service inside a struct and then in turn a validator class.

The struct is the carrier of the data between the points and the object does all of the range checking required to keep your data clean.

Comments

  1. Developer Fusion Bot
    01 Jan 1999 at 00:00

    This thread is for discussions of Data Integrity in Web Services.

Leave a comment

Sign in or Join us (it's free).

Related tags

.net, web services
David Talbot David Talbot is an experienced Software Architect with a diverse background including creating network applicances, working with television set top boxes, building Billing/CRM systems, Web Portals ...
AddThis

Related articles

Ask a question

Related discussion

Related podcasts

  • Remoting Pt. 2

    Podcast (MP3): Download Hosts: Markus Michael Guests: Recording venue: This is the second part of the remoting infrastructures discussion started in Episode 9. We take a look at how remoting infrastructures such as CORBA, .NET Remoting or Web Service...

Events coming up

  • Nov 18

    15 Minutes of Fame

    Dresher, United States

    This is a yearly tradition. We select 10 of the favorite speakers from monthly meetings, code camps, and hands on labs. Each one does a 15 minute talk on their favorite .NET technology. This is our 10th anniversary so we plan a gala event with special prizes and refreshments.

Languages

Web Development

Frameworks & Architecture

Other major sections

Cancel
We'd love to hear what you think! Submit ideas or give us feedback