guveniscan
asked on
How to handle custom HttpWebRequest in a web sever
Hello,
I want to implement a system with a desktop application (with C#) and a web server (C# and ASP.NET) where desktop application creates a request periodically and web server receives and handles it ( updates a record in the database).
I've tried make use of a HttpWebRequest in the desktop application and sent it to the web server with POST. I'm sending a a simple string containing user name and password, and trying to handle it in a class implementing IHttpModule interface but clearly it is not working.
I want to parse this string in the web server, search for the appropriate record in the database and update it.
I've started windows form application and web site projects for this purpose. I've put the necessary parts of the code. If this is the wrong way I'm following can you please inform me a better way to do this.
Thanks in advance.
I want to implement a system with a desktop application (with C#) and a web server (C# and ASP.NET) where desktop application creates a request periodically and web server receives and handles it ( updates a record in the database).
I've tried make use of a HttpWebRequest in the desktop application and sent it to the web server with POST. I'm sending a a simple string containing user name and password, and trying to handle it in a class implementing IHttpModule interface but clearly it is not working.
I want to parse this string in the web server, search for the appropriate record in the database and update it.
I've started windows form application and web site projects for this purpose. I've put the necessary parts of the code. If this is the wrong way I'm following can you please inform me a better way to do this.
Thanks in advance.
class ConnectionChecker
{
private string response;
private bool connected;
private HttpWebRequest req;
private HttpWebResponse resp;
public bool sendUsernameAndPassword()
{
String result, postString;
StreamWriter myWriter = null;
StreamReader myReader = null;
HttpWebResponse objResponse;
HttpWebRequest objRequest = (HttpWebRequest)WebRequest.Create("http://localhost:49446/WebSite1/subscription.aspx"); //this url can change i want to to send a request to the server not to the specific page
postString = AccountManager.username;
postString += " ";
postString += AccountManager.password;
objRequest.Method = "POST";
objRequest.ContentLength = postString.Length;
objRequest.ContentType = "application/x-www-form-urlencoded";
try
{
myWriter = new StreamWriter(objRequest.GetRequestStream());
myWriter.Write(postString);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return false;
}
finally
{
myWriter.Close();
}
try
{
objResponse = (HttpWebResponse)objRequest.GetResponse();
myReader = new StreamReader(objResponse.GetResponseStream());
result = myReader.ReadToEnd();
myReader.Close();
}
catch (WebException e)
{
result = "";
//result = e.Message;
}
response = result;
return true;
}
}
public class PingModule:IHttpModule
{
private HttpContext _current = null;
public PingModule()
{
//
// TODO: Add constructor logic here
//
}
public void Dispose()
{
throw new Exception("The method or operation is not implemented");
}
public void Init(System.Web.HttpApplication context)
{
_current = context.Context;
context.BeginRequest += new EventHandler(context_BeginRequestContent);
}
void context_BeginRequestContent(object sender, EventArgs e)
{
//
}
}
ASKER
I can send the user name pw in the beginning and then periodically send just the user name. Or I can send encrypted string from the application and decrypt it in the web server it does not matter. Can tell me a way to send a string from the desktop application and receive/handle it in the web server, that is what I'm trying to do in fact. And also I don't think it is an uncommon way, I think it is the logic behind online games etc.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
cj_1969: I completely disagree. You are simply adding another interface that has to be maintained along with the overhead and actually aren't saving anything. If the stored procedure has to change because the business requirements have changed and the old procedure MUST be changed, then the web interface MUST change. If the web interface changes then the client code MUST change to use a different web interface.
Oddly enough I'm rebuilding a system at my company that used the technique you recommend and I have been instructed to remove the web interface and go directly against the database. Because the system has been running for a couple of years people realized that every time the system and database changed, the web interface had to change which forced the clients to change and the web interface only added work. It didn't save any development time at all and added complexity.
Besides, tools like LanDesk can make redeploying new clients trivial.
Oddly enough I'm rebuilding a system at my company that used the technique you recommend and I have been instructed to remove the web interface and go directly against the database. Because the system has been running for a couple of years people realized that every time the system and database changed, the web interface had to change which forced the clients to change and the web interface only added work. It didn't save any development time at all and added complexity.
Besides, tools like LanDesk can make redeploying new clients trivial.
The complexity of a problem depends on the skill set of the person trying to solve the problem and what they know and are familiar with.
If you have the toold in-house to handle the deployment of code to the desktops or there are not a lot of desktop machine to deploy to then this makes sense.
If you do not have these tools and are familiar with web development but not strong on stored procedure and maintaining a desktop then this is going to be the simpler solution.
To quote MS to state that "Complexity kills..." is kind of ironic ... coming from MS ;)
If you have the toold in-house to handle the deployment of code to the desktops or there are not a lot of desktop machine to deploy to then this makes sense.
If you do not have these tools and are familiar with web development but not strong on stored procedure and maintaining a desktop then this is going to be the simpler solution.
To quote MS to state that "Complexity kills..." is kind of ironic ... coming from MS ;)
Ah, exactly my point. Complexity kills. I think it's less complex to go directly against the database. Sometimes people move complexity around without eliminating it.
What exactly are you trying to do in the code above?
It looks like you are trying to grab user credentials, ID & PW and send them to the server in a text string.
I don't think any application is going to let you do this.
You can write code to pass the security token or to pass the credentials to the server from a browser but obtaining a clear text version of the users PW is a HUGE security risk. There should not be any way that MS would allow this.