Go Premium for a chance to win a PS4. Enter to Win


Web Services - Use many specific or fewer more encompassing Web Services

Posted on 2011-02-24
Medium Priority
Last Modified: 2012-05-11
I am new to using web services, so bear with me.

I have a vb.net application with a SQL Server database.  I need this to update data on a Mainframe with Adabase.  Updates will be triggered on each update to the SQL Server.

My question is this: (In this example, I am using an Inventory Management Application with tablles "tblInventory" and "tblTransaction")

I perform an operation in the application which:
1. Adds a new record to tblInventory
2. Updates an existing record in tblInventory
3. Adds a new record to tblTransactions

These are all recorded in the SQL Server now I need to pass them to the mainframe.

How many web services should I use to accomplish updating the mainframe (Adabase)?

Another way of putting it is "Would I just pass all of the data at once to 1 web service and let the mainframe decipher how to handle it?" or "Would I call 3 different but transaction specific web services?"

It seems like the latter would require less data being passed and less processing overhead on the mainframe, but what is the desired way?  Or I am way off base and there is a completely different way I haven't though of?
Question by:PSCTECH
  • 2
  • 2
  • 2
LVL 28

Accepted Solution

Ryan McCauley earned 1000 total points
ID: 34981119
Either way, you're managing web service sprawl - just of a different type. Put another way, do you:

Create a moderate number of fine-grained web services, and then call a couple for every activity you have (for example, the three-step call you have in your example)
Or do you create a medium number of highly specific web services that can only be used by a single process because their so specific. For your example above, say you make that one call - then, when a client needs to add a record, update a record, and then update two records in tblTransactions (for some reason), you'll have to create a completely new service call, instead of just calling existing services differently.

If you have a small number of possible reasons you'd be calling the service, then the second option is better, but I've seen a number of times where specific cases are continually added and the ultra-specific nature of these servers causes sprawl. If you have a handful of core activities, but there are multiple things that could happen as part of any single call, I'd go with the first option, since you can call fine-grained services in any order (and with any frequency) you like.

As with most things, the answer is "It Depends" :) If you want to describe your scenario in a little more detail (reason for creating services instead of just doing the updates directly, number of apps using the services, different possible reasons they could call them, etc), then I can give you a more tailored recommendation.
LVL 111

Assisted Solution

by:Ray Paseur
Ray Paseur earned 1000 total points
ID: 34997404
Given what you have described above, I would use a single web service on the mainframe.  I would also use a RESTful web service (avoiding the complexity of SOAP).  Since you will be changing the data model on the mainframe with INSERT and UPDATE verbs, you need to use the POST method or otherwise protect the interface with some kind of API key.  If you need security you might want to consider using HTTPS.

If you use XML to send the information to the mainframe you will be able to have a very easy-to-understand code set.  Your XML tags can be quite descriptive.  You might also consider using a CSV or JSON data scheme, but whatever you choose you want it to be accomplished in plain text - do not send binary data (it is too hard to debug) if you can avoid it.

I can envision something like the code snippet to add a record to inventory.  If you have any more specifics, please post back and we can discuss.
XML like this...

<apikey>[your key here]</apikey>

Generates SQL like...

INSERT INTO tblInventory ( name, size, gender, color, style ) values ( 'Shoe', '8', 'f', 'red', '80224' )

Open in new window

LVL 28

Expert Comment

by:Ryan McCauley
ID: 34997514
If you're going to go the plain-text route, make sure you take care with SQL Injection - concatenating text like that into a SQL Statement involves a number of risks - though you have an API key to help ensure that only authorized sources use the service, a malicious user could cause problems by passing a malformed request to the server - that's why I prefer hard-coded statements and specific web service calls instead in generic ones.

In any case, you'll want to make sure you've read about SQL Injection and you understand how to mitigate it. You can Google any number of articles, but here's somewhere to start:


Open in new window

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

LVL 111

Expert Comment

by:Ray Paseur
ID: 34998048
Good point about the risk of SQL injection (or for that matter, any kind of data pollution).  If this is really something that needs to be secured, the PayPal model handshake is an excellent solution.  It works whether or not you choose to use HTTPS.

1. Mainframe app receives a post to update the data model.
2. It takes the entire data string and posts it back to the VB.net app.
3. VB.net app checks its logs for a matching message to the mainframe
4. VB.net app responds with VERIFIED if the message actually came from the VB.net app

This design pattern puts the burden of trust on the VB.net app, and reduces the risk that the mainframe data can be contaminated.

Author Comment

ID: 34998824
Ryan, Ray,  Thanks for the info.  Ryan, you asked for detail.  The customer has a legacy system, which they don't want us to interact with directly.  The specified in the statement of work that we pass info to their mainframe via web services, so our hands a a bit tied.
Sorry for the confusion in my scenario.  I mistyped.  What is should have said is:

I perform a RECEIVE operation in the application which:
1. Adds a new record to tblInventory or Updates an existing record in tblInventory
2. Adds a new record to tblTransactions


Author Closing Comment

ID: 34999742
Thank you both for the help.  Any additional information you may think of or links to samples would be appreciated.

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you have heard of RFC822 date formats, they can be quite a challenge in SQL Server. RFC822 is an Internet standard format for email message headers, including all dates within those headers. The RFC822 protocols are available in detail at:   ht…
In order to have all security and back ups taken care of, WordPress users can sign up for services with WP Engine.
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
Is your OST file inaccessible, Need to transfer OST file from one computer to another? Want to convert OST file to PST? If the answer to any of the above question is yes, then look no further. With the help of Stellar OST to PST Converter, you can e…

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question