Solved

Web Services - Use many specific or fewer more encompassing Web Services

Posted on 2011-02-24
6
279 Views
Last Modified: 2012-05-11
I am new to using web services, so bear with me.

I have a vb.net application with a SQL Server database.  I need this to update data on a Mainframe with Adabase.  Updates will be triggered on each update to the SQL Server.

My question is this: (In this example, I am using an Inventory Management Application with tablles "tblInventory" and "tblTransaction")

I perform an operation in the application which:
1. Adds a new record to tblInventory
2. Updates an existing record in tblInventory
3. Adds a new record to tblTransactions

These are all recorded in the SQL Server now I need to pass them to the mainframe.

How many web services should I use to accomplish updating the mainframe (Adabase)?

Another way of putting it is "Would I just pass all of the data at once to 1 web service and let the mainframe decipher how to handle it?" or "Would I call 3 different but transaction specific web services?"

It seems like the latter would require less data being passed and less processing overhead on the mainframe, but what is the desired way?  Or I am way off base and there is a completely different way I haven't though of?
0
Comment
Question by:PSCTECH
  • 2
  • 2
  • 2
6 Comments
 
LVL 28

Accepted Solution

by:
Ryan McCauley earned 250 total points
ID: 34981119
Either way, you're managing web service sprawl - just of a different type. Put another way, do you:

Create a moderate number of fine-grained web services, and then call a couple for every activity you have (for example, the three-step call you have in your example)
Or do you create a medium number of highly specific web services that can only be used by a single process because their so specific. For your example above, say you make that one call - then, when a client needs to add a record, update a record, and then update two records in tblTransactions (for some reason), you'll have to create a completely new service call, instead of just calling existing services differently.

If you have a small number of possible reasons you'd be calling the service, then the second option is better, but I've seen a number of times where specific cases are continually added and the ultra-specific nature of these servers causes sprawl. If you have a handful of core activities, but there are multiple things that could happen as part of any single call, I'd go with the first option, since you can call fine-grained services in any order (and with any frequency) you like.

As with most things, the answer is "It Depends" :) If you want to describe your scenario in a little more detail (reason for creating services instead of just doing the updates directly, number of apps using the services, different possible reasons they could call them, etc), then I can give you a more tailored recommendation.
0
 
LVL 108

Assisted Solution

by:Ray Paseur
Ray Paseur earned 250 total points
ID: 34997404
Given what you have described above, I would use a single web service on the mainframe.  I would also use a RESTful web service (avoiding the complexity of SOAP).  Since you will be changing the data model on the mainframe with INSERT and UPDATE verbs, you need to use the POST method or otherwise protect the interface with some kind of API key.  If you need security you might want to consider using HTTPS.

If you use XML to send the information to the mainframe you will be able to have a very easy-to-understand code set.  Your XML tags can be quite descriptive.  You might also consider using a CSV or JSON data scheme, but whatever you choose you want it to be accomplished in plain text - do not send binary data (it is too hard to debug) if you can avoid it.

I can envision something like the code snippet to add a record to inventory.  If you have any more specifics, please post back and we can discuss.
XML like this...

<?xml>
<apikey>[your key here]</apikey>
<action>add</action>
<table>tblInventory</table>
<item>
  <name>Shoe</name>
  <size>8</size>
  <gender>f</gender>
  <color>red</color>
  <style>80224</style>
</item>

Generates SQL like...

INSERT INTO tblInventory ( name, size, gender, color, style ) values ( 'Shoe', '8', 'f', 'red', '80224' )

Open in new window

0
 
LVL 28

Expert Comment

by:Ryan McCauley
ID: 34997514
If you're going to go the plain-text route, make sure you take care with SQL Injection - concatenating text like that into a SQL Statement involves a number of risks - though you have an API key to help ensure that only authorized sources use the service, a malicious user could cause problems by passing a malformed request to the server - that's why I prefer hard-coded statements and specific web service calls instead in generic ones.

In any case, you'll want to make sure you've read about SQL Injection and you understand how to mitigate it. You can Google any number of articles, but here's somewhere to start:

http://articles.sitepoint.com/article/sql-injection-attacks-safe

Open in new window

0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 
LVL 108

Expert Comment

by:Ray Paseur
ID: 34998048
Good point about the risk of SQL injection (or for that matter, any kind of data pollution).  If this is really something that needs to be secured, the PayPal model handshake is an excellent solution.  It works whether or not you choose to use HTTPS.

1. Mainframe app receives a post to update the data model.
2. It takes the entire data string and posts it back to the VB.net app.
3. VB.net app checks its logs for a matching message to the mainframe
4. VB.net app responds with VERIFIED if the message actually came from the VB.net app

This design pattern puts the burden of trust on the VB.net app, and reduces the risk that the mainframe data can be contaminated.
0
 

Author Comment

by:PSCTECH
ID: 34998824
Ryan, Ray,  Thanks for the info.  Ryan, you asked for detail.  The customer has a legacy system, which they don't want us to interact with directly.  The specified in the statement of work that we pass info to their mainframe via web services, so our hands a a bit tied.
Sorry for the confusion in my scenario.  I mistyped.  What is should have said is:

I perform a RECEIVE operation in the application which:
1. Adds a new record to tblInventory or Updates an existing record in tblInventory
2. Adds a new record to tblTransactions

0
 

Author Closing Comment

by:PSCTECH
ID: 34999742
Thank you both for the help.  Any additional information you may think of or links to samples would be appreciated.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In this article I will describe the Backup & Restore method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
Online collaboration is quickly becoming embedded in the workplace, and its benefits are tangible. See what the current landscape looks like and what the future holds for collaboration tools and the future of work.
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now