473,399 Members | 2,858 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

home > topics > .net framework > questions > best practice for web service design - method parameters and datatype validation

Join Bytes to post your question to a community of 473,399 software developers and data experts.

Best Practice for Web Service Design - Method Parameters and DataType Validation

Hi all.

I'm confused as to what the best or expected approch is to Web Service
design under .Net, mainly with regards to Methods and Parameters.
This is a bit awkward to explain so please bear with me.

I have a web service that needs to be accessed via GET, POST and
SOAP. The method expects an interger, a CustomerId for example, does
some processing and returns an error codeor 0 if no errors occurred.

Here's an example method declaration:

[WebMethod]
public int Test(int CustomerId)
{
return 0;
}

I noticed that if i pass a string to my method it would generate an
error:

System.ArgumentException: Cannot convert X to System.Int32.
Parameter name: type ---System.FormatException: Input string was not
in a correct format.
at System.Number.StringToNumber(String str, NumberStyles options,
NumberBuffer& number, NumberFormatInfo info, Boolean parseDecimal)
at System.Number.ParseInt32(String s, NumberStyles style,
NumberFormatInfo info)
at System.String.System.IConvertible.ToInt32(IFormatP rovider
provider)
at System.Convert.ChangeType(Object value, Type conversionType,
IFormatProvider provider)
at System.Web.Services.Protocols.ScalarFormatter.From String(String
value, Type type)
--- End of inner exception stack trace ---
at System.Web.Services.Protocols.ScalarFormatter.From String(String
value, Type type)
at
System.Web.Services.Protocols.ValueCollectionParam eterReader.Read(NameValueCollection
collection)
at
System.Web.Services.Protocols.HtmlFormParameterRea der.Read(HttpRequest
request)
at
System.Web.Services.Protocols.HttpServerProtocol.R eadParameters()
at
System.Web.Services.Protocols.WebServiceHandler.Co reProcessRequest()

This error description is returned with an HTTP error code of 500
which the client can trap and react to.

However the error doesn't say which parameter was passed the erroneous
data and as this all occurs before the method is entered and other
than the IIS web logs there is no way for the developer to log/review
what data is being sent to the method.

I've taken to declaring all the Method paramters as strings and
validating the data manually, a small and trvial step, and returning
the error (if any) as part of my XML response.

Is there anything especially wrong in building web services this way?
Any comments or suggestions appreciated.

Ben

Nov 5 '08 #1
2 5613
"Ben Joyce" <be*******@gmail.comwrote in message
news:d7**********************************@a17g2000 prm.googlegroups.com...
Hi all.

I'm confused as to what the best or expected approch is to Web Service
design under .Net, mainly with regards to Methods and Parameters.
This is a bit awkward to explain so please bear with me.

I have a web service that needs to be accessed via GET, POST and
SOAP. The method expects an interger, a CustomerId for example, does
some processing and returns an error codeor 0 if no errors occurred.

Here's an example method declaration:

[WebMethod]
public int Test(int CustomerId)
{
return 0;
}
I've taken to declaring all the Method paramters as strings and
validating the data manually, a small and trvial step, and returning
the error (if any) as part of my XML response.

Is there anything especially wrong in building web services this way?
Any comments or suggestions appreciated.
Yes. Don't do that.

Your parameters should be typed appropriately. If the method operates on an
int, then the parameter should be of type int.

How did the client even manage to send "X" to the service? By directly
manipulating XML? Most clients won't do that.

If you will have clients sending random XML, then you can implement schema
validation and return details of the schema validation errors in a SOAP
Fault message. BTW, you should not be using return codes in a Web Service
any more than you should be using them in your code. It's too easy for code
to not check the return code, or to check it but do the wrong thing.
Instead, a Web Service should use the SOAP Fault mechanism, which will
translate to an exception in the client for most modern clients.
--
John Saunders | MVP - Connected System Developer

Nov 7 '08 #2
On Nov 7, 2:01*am, "John Saunders" <n...@dont.do.that.comwrote:
"Ben Joyce" <ben.jo...@gmail.comwrote in message

news:d7**********************************@a17g2000 prm.googlegroups.com...
Hi all.
I'm confused as to what the best or expected approch is to Web Service
design under .Net, mainly with regards to Methods and Parameters.
This is a bit awkward to explain so please bear with me.
I have a web service that needs to be accessed via GET, POST and
SOAP. *The method expects an interger, a CustomerId for example, does
some processing and returns an error codeor 0 if no errors occurred.
Here's an example method declaration:
[WebMethod]
public int Test(int CustomerId)
{
return 0;
}
I've taken to declaring all the Method paramters as strings and
validating the data manually, a small and trvial step, and returning
the error (if any) as part of my XML response.
Is there anything especially wrong in building web services this way?
Any comments or suggestions appreciated.

Yes. Don't do that.

Your parameters should be typed appropriately. If the method operates on an
int, then the parameter should be of type int.

How did the client even manage to send "X" to the service? By directly
manipulating XML? Most clients won't do that.

If you will have clients sending random XML, then you can implement schema
validation and return details of the schema validation errors in a SOAP
Fault message. BTW, you should not be using return codes in a Web Service
any more than you should be using them in your code. It's too easy for code
to not check the return code, or to check it but do the wrong thing.
Instead, a Web Service should use the SOAP Fault mechanism, which will
translate to an exception in the client for most modern clients.
--
John Saunders | MVP - Connected System Developer
Hi John.

Thanks for the reply, most appreciated.

You asked:
How did the client even manage to send "X" to the service? By directly
manipulating XML? Most clients won't do that.
Well, the client app can send whatever they want via GET or POST so
what is to stop them sending "X" to a parameter defined as in int?
It'll generate the Exception and return text back to the client rather
than a specific error that could be handled. I see with SOAP this is
not the case, but for non-SOAP? What advised?

I'll look into SOAP in the mean time.

Cheers,

Ben
Nov 11 '08 #3
New Post

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

131
Font sizes - Best practice... px vs. em
by: Peter Foti | last post by:
Simple question... which is better to use for defining font sizes and why? px and em seem to be the leading candidates. I know what the general answer is going to be, but I'm hoping to ultimately...
HTML / CSS
16
Data/Business Object Tier Best Practices
by: D Witherspoon | last post by:
I am developing a Windows Forms application in VB.NET that will use .NET remoting to access the data tier classes. A very simple way I have come up with is by creating typed (.xsd) datasets. For...
.NET Framework
11
Object test = new Object() <-- Java, best way in C++
by: DrUg13 | last post by:
In java, this seems so easy. You need a new object Object test = new Object() gives me exactly what I want. could someone please help me understand the different ways to do the same thing in...
C / C++
0
ASP.NET Forms Authentication Best Practices
by: Anonieko Ramos | last post by:
ASP.NET Forms Authentication Best Practices Dr. Dobb's Journal February 2004 Protecting user information is critical By Douglas Reilly Douglas is the author of Designing Microsoft ASP.NET...
ASP.NET
14
best practices on the creation of webmethods
by: Bert Vandenberghe | last post by:
Hi, I was wondering if there are any best practices on the creation of webmethods? I'll try to explain this a little more: My problem is that we are changing an existing (large) DCOM application...
.NET Framework
10
Best place to use AND how to validate a Version
by: Mike Logan | last post by:
I am using the "contract first" design methodology. Contract First is design the WSDL first then design the server and client. However I must design my XSD/XML Schema before anything. I am...
.NET Framework
3
Smart client - general data access best practice question
by: Marc Gravell | last post by:
Kind of an open question on best-practice for smart-client design. I'd really appreciate anyones views (preferably with reasoning, but I'll take what I get...). Or if anybody has any useful links...
C# / C Sharp
2
Best Practice for Inserting Data into SQL in 2.0
by: hooterbite | last post by:
I have a simple form. I would like to insert the values from the form into a SQL table. What is the best way to do it? I assume that using a stored procedure is preferable to using the...
ASP.NET
3
Parameters aren't received by the .NET web service listener
by: =?Utf-8?B?UGllcnJl?= | last post by:
Hello, I have a .NET 2.0 web service that is consumed by a Delphi application. The Delphi application calls a method from the .NET web service with parameters. Theses parameters are in the...
.NET Framework
0
How to turn on java script in a villaon keypad mobile phone
by: Charles Arthur | last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
Java
0
Migrating Website to Cloud - Emmanuel Katto
by: emmanuelkatto | last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud. Please let me know. Thanks! Emmanuel
General
1
Looking to do Android software development, any suggestions? Is flutter better?
by: nemocccc | last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
General
0
How to build RAID in BIOS?
by: Hystou | last post by:
There are some requirements for setting up RAID: 1. The motherboard and BIOS support RAID configuration. 2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
Computer Hardware
0
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
Changing the language in Windows 10
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
Windows Server
0
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
0
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes:
Post a Job
Sponsored Posts
Platinum & Gold Sponsors
Hire Now!