?
Solved

How to handle custom HttpWebRequest in a web sever

Posted on 2009-04-26
7
Medium Priority
?
477 Views
Last Modified: 2012-05-06
Hello,

I want to implement a system with a desktop application (with C#) and a web server (C# and ASP.NET) where desktop application creates a request periodically and web server receives and handles it ( updates a record in the database).

I've tried make use of a HttpWebRequest in the desktop application and sent it to the web server with POST. I'm sending a a simple string containing user name and password, and trying to handle it in a class implementing IHttpModule interface but clearly it is not working.

I want to parse this string in the web server, search for the appropriate record in the database and update it.

I've started windows form application and web site projects for this purpose. I've put the necessary parts of the code. If this is the wrong way I'm following can you please inform me a better way to do this.

Thanks in advance.
class ConnectionChecker
    {
        private string response;
        private bool connected;
        private HttpWebRequest req;
        private HttpWebResponse resp;
        
        public bool sendUsernameAndPassword()
        {
            String result, postString;
            StreamWriter myWriter = null;
            StreamReader myReader = null;
            HttpWebResponse objResponse;
            HttpWebRequest objRequest = (HttpWebRequest)WebRequest.Create("http://localhost:49446/WebSite1/subscription.aspx"); //this url can change i want to to send a request to the server not to the specific page
 
            postString = AccountManager.username;
            postString += " ";
            postString += AccountManager.password;
 
            objRequest.Method = "POST";
            objRequest.ContentLength = postString.Length;
            objRequest.ContentType = "application/x-www-form-urlencoded";
 
            try
            {
                myWriter = new StreamWriter(objRequest.GetRequestStream());
                myWriter.Write(postString);
            }
            catch (Exception e)
            {
                Console.WriteLine(e.Message);
                return false;
            }
            finally
            {
                myWriter.Close();
            }
 
            try
            {
                objResponse = (HttpWebResponse)objRequest.GetResponse();
                myReader = new StreamReader(objResponse.GetResponseStream());
                result = myReader.ReadToEnd();
                myReader.Close();
            }
            catch (WebException e)
            {
                result = "";
                //result = e.Message;
            }
            response = result;
 
            return true;
        }
    }
 
 
 
public class PingModule:IHttpModule
{
    private HttpContext _current = null;
	public PingModule()
	{
		//
		// TODO: Add constructor logic here
		//
	}
    public void Dispose()
    {
        throw new Exception("The method or operation is not implemented");
    }
    public void Init(System.Web.HttpApplication context)
    {
        _current = context.Context;
 
        context.BeginRequest += new EventHandler(context_BeginRequestContent);
 
    }
    void context_BeginRequestContent(object sender, EventArgs e)
    {
     //
    }
}

Open in new window

0
Comment
Question by:guveniscan
  • 3
  • 3
7 Comments
 
LVL 22

Expert Comment

by:cj_1969
ID: 24242467
Without fully reading and figuring out your code ...
What exactly are you trying to do in the code above?
It looks like you are trying to grab user credentials, ID & PW and send them to the server in a text string.

I don't think any application is going to let you do this.

You can write code to pass the security token or to pass the credentials to the server from a browser but obtaining a clear text version of the users PW is a HUGE security risk.  There should not be any way that MS would allow this.
0
 

Author Comment

by:guveniscan
ID: 24245824
I can send the user name pw in the beginning and then periodically send just the user name. Or I can send encrypted string from the application and decrypt it in the web server it does not matter. Can tell me a way to send a string from the desktop application and receive/handle it in the web server, that is what I'm trying to do in fact. And also I don't think it is an uncommon way, I think it is the logic behind online games etc.
0
 
LVL 51

Accepted Solution

by:
Ted Bouskill earned 750 total points
ID: 24247330
Why all the extra complexity?  Why can't the desktop application simply write directly to the database?

"Complexity kills. It sucks the life out of developers, it makes products difficult to plan, build and test, it introduces security challenges and it causes end-user and administrator frustration." Ray Ozzie (Chief Architect at Microsoft)

"The purpose of software engineering is to control complexity, not to create it." Dr Pamela Zave
0
Get free NFR key for Veeam Availability Suite 9.5

Veeam is happy to provide a free NFR license (1 year, 2 sockets) to all certified IT Pros. The license allows for the non-production use of Veeam Availability Suite v9.5 in your home lab, without any feature limitations. It works for both VMware and Hyper-V environments

 
LVL 22

Assisted Solution

by:cj_1969
cj_1969 earned 750 total points
ID: 24249824
Take a look at this page, I think this might be what you are asking for ... http://www.w3.org/TR/XMLHttpRequest/

particularly the section titled "If you just want to log a message to the server:"

As for using a web server instead of writing directly to the database, I thnk you are on the right track.
yes, you could write just a straight client app that goes directly to the database but then all of your processing would have to be done from the client and any time there is a change in the data or processing procedures you have to push a new client to every machine that has the client.  This way it gives you some flexibility in being able to control and modify the code and process without affecting every machine where the client is installed.  Of course if a change is required to the client code then you are back to step 1  :)  But this is kind of a 3 tier architecture, which is a good thing, if you use it properly.
0
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 24257115
cj_1969: I completely disagree.  You are simply adding another interface that has to be maintained along with the overhead and actually aren't saving anything.  If the stored procedure has to change because the business requirements have changed and the old procedure MUST be changed, then the web interface MUST change.  If the web interface changes then the client code MUST change to use a different web interface.

Oddly enough I'm rebuilding a system at my company that used the technique you recommend and I have been instructed to remove the web interface and go directly against the database.  Because the system has been running for a couple of years people realized that every time the system and database changed, the web interface had to change which forced the clients to change and the web interface only added work.  It didn't save any development time at all and added complexity.

Besides, tools like LanDesk can make redeploying new clients trivial.
0
 
LVL 22

Expert Comment

by:cj_1969
ID: 24269681
The complexity of a problem depends on the skill set of the person trying to solve the problem and what they know and are familiar with.

If you have the toold in-house to handle the deployment of code to the desktops or there are not a lot of desktop machine to deploy to then this makes sense.

If you do not have these tools and are familiar with web development but not strong on stored procedure and maintaining a desktop then this is going to be the simpler solution.

To quote MS to state that "Complexity kills..." is kind of ironic ... coming from MS  ;)
0
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 24274274
Ah, exactly my point.  Complexity kills.  I think it's less complex to go directly against the database.  Sometimes people move complexity around without eliminating it.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When it comes to write a Context Sensitive Help (an online help that is obtained from a specific point in state of software to provide help with that state) ,  first we need to make the file that contains all topics, which are given exclusive IDs. …
Color can increase conversions, create feelings of warmth or even incite people to get behind a cause. If you want your website to really impact site visitors, then it is vital to consider the impact color has on them.
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…
Suggested Courses
Course of the Month16 days, 7 hours left to enroll

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question