Big jump in blog visitors today. Up from a comfortable relaxed, no pressure 0 to the dizzy heights of 15! Big thanks to Savas for the link.
I had an interesting e-mail exchange recently regarding my initial protoype design. I didn’t make it entirely clear how my various services accesed the data stored within the system. The very reasonable point was made that it would be best to transfer pointers (URIs) to the data and not ship massive quantities of information around the system. This was always my intention, what I didn’t get across was that I am trying to abstract as much of the physical details of the data storage as possible. I am aiming (for want of a better word) for a type of “virtualised” data store, whereby one of my services can perform an operation like:
byte[] dataChunk = store.readChunk(uri);
without caring where that data is stored. Ideally, if I follow the CARMEN CAIRN philosophy this data will be held extremely closely to the computer hosting the service. However, and this is the important bit, it need not be if that is impractical. For example, one of the services might use a licensed piece of software that cannot be moved to be near the data. In this case, the server will just have to accept the hit of shifting the data. The point is that the individual services will not have to be rewritten. If the distribution of services and data changes later on, everything will still work. I guess this is a fairly obvious point, but it has helped me by writing it down. Maybe I’ll draw another diagram soon.
Back to my Visual Studio and .NET studies. I have written my first web service which was, once again, embarassingly easy. I like the way the the .NET and J2EE worlds are converging on using Annotations to describe web service methods in code. It made it much easier to get my head around things. The next step, and I suspect this might be more of a struggle, will be to pass a Windows LiveID token (via a Header?) from a client application to my web service. I’m sure this should be possible, but there doesn’t seem to be a lot of documentation around yet. Plenty on the client side and some good stuff about protecting web pages, but not much about protecting individual Web Services. Maybe I’m missing something, and it will be very similar to securing a web site. More reading. Again.
Hugo's Weblog 
Leave a comment