70-320: Component Complexities
Proving your expertise with XML and server components will get you through this Web services exam for developers.
At its essence, a Web service is a component that resides on a Web server,
which provides access to some kind of data. It can be invoked from virtually
anywhere, whether from a computer in the next cubicle or one that’s halfway
around the world. In and of itself, that’s a powerful concept. But the
better news is that it doesn’t require extensive proprietary technology
When invoked, a Web service acts as any other object would, so developers
won’t have to treat it differently. What is different, however, is that
a Web service returns XML data to the calling component. XML is rapidly
becoming the standard for data interchange between platforms and disparate
systems. By returning XML from a method call, a Web service can be invoked
from virtually any platform. This allows for great flexibility in development.
To prove yourself an expert in .NET, you have to conquer Microsoft’s
Web services. Whether you’re pursuing the Microsoft Certified Application
Developer (MCAD) or Microsoft Certified Solution Developer (MCSD), you
need to pass a components exam. Microsoft will offer two, one specializing
in C# (70-320) and the other in Visual Basic (70-310). The version of
the exam I’m evaluating here demands in-depth understanding of the .NET
Framework and the technologies that go along with Web services.
Obviously, the integral part of understanding Web services is creating
them. All Web services must inherit from the Webservice class in the System.Web.services
namespace. Also, each method that will be available to be invoked by a
client must be prefixed with the [WebMethod] attribute. If you don’t do
this, the method will be internal only and can’t be called from the external
“Passing this exam demands in-depth understanding
of the .NET Framework and the technologies that go along
with Web services.”
70-320: Developing XML Web Services and Server Components
with Microsoft Visual C# and the Microsoft .NET Framework
Beta in June; live version expected in September.
Who Should Take It
Core credit for MCAD and MCSD.
What Courses Prepare You
2557: Developing Component-Based Applications
Using Microsoft .NET Enterprise Services
2663: Programming with XML in the Microsoft .NET
Self-paced: Developing XML Web Services and
Once you have the basics down, you need to learn SOAP (Simple Object
Access Protocol). SOAP allows us to serialize XML data on an HTTP connection.
You see, back in the proprietary COM and DCOM days, distributing an application
over the Internet wasn’t feasible due to security issues. Most companies
weren’t willing to open the TCP ports on the firewall that were necessary
for such applications to exist. So, necessity being the mother of invention,
SOAP was created.
SOAP allows a request to be sent via an XML stream through TCP port 80
(HTTP), a port that’s probably already open on a great number of company
firewalls for Web traffic. This allows us to have the ideal distributed
application. When a client invokes a Web service, a SOAP request (called
an envelope) is sent to the Web service. The Web service then performs
its magic and spits out a response.
Make sure you understand that SOAP headers are unencrypted by default.
You can extend the SoapHeader class to send customized information to
a Web service, however. For example, if you want to have a fee-based Web
service to provide a credit report, you could add a SOAP header to provide
authentication information. Make sure you know how this information must
be passed to the service. Also, know how to use the appropriate encryption
technologies to secure a SOAP message.
Tip: Learn all you can about the SoapHeader object and how it can
There are times in our lives when we wish the old technologies
would just disappear. But alas, they usually linger for quite some time
and introduce a completely new world of headaches when it comes time to
integrate the old with the new. This is the case for .NET and COM. Sometimes
we want COM components to be visible to .NET assemblies and vice versa,
so we need to know how to implement these types of solutions when necessary.
Serviced components are objects that reside in COM+ services. These objects
support transactions and object pooling. Writing components in Visual
Studio 6.0 for use in COM+ services was easy. With .NET, it’s a little
more harrowing. Make certain you know all about the System.EnterpriseServices
namespace and which objects are important.
Much like Web services, serviced components have attributes that are
placed before methods, as well. Take some time to learn the [COMVisible]
and [AutoCommit] attributes and when to use them. If you’re a Visual Studio
6.0 developer, your knowledge of Microsoft Transaction Server (MTS) will
serve you well here. Thoroughly review the ContextUtil class, as well
as its properties and methods.
Finally, a good once-over of role-based security would be a wise use
of your time. Understand what a role is and who can be a member.
Tip: Know the IsCallerInRole( ) method of the ContextUtil object.
Another technology important to .NET development is .NET Remoting.
I’m going to issue a caveat here: .NET Remoting isn’t a concept for the
amateur. It can get very complicated and takes a good deal of time to
master. I’m only going to cover an overview of what you need to be able
to do with it. There are entire books written just about this one topic.
.NET Remoting is the concept of having different layers of components
run on different machines. This can be done in myriad ways. There are
two general types of objects: well-known and client activated. Well-known
objects don’t maintain state (with one exception), so they’re usually
good for one use only and need to be re-created every time. Client-activated
objects can maintain state but require significantly more resources.
There are also two kinds of well-known objects: SingleCall and Singleton
objects. SingleCall objects are exactly what the name indicates: They’re
called once and then destroyed. Singleton objects are the only kind that
can maintain any kind of state, but they do so for all clients at once,
not individual clients. You need to be familiar with these types of objects
and when to use them. Also, know how to use the Activator object to instantiate
.NET Remoting components.
In addition to knowing the different kinds of objects, it’s important
to understand what channels are and how to use them. Channels are the
network-oriented paths that can be used to connect machines that have
.NET Remoting components on them. There are two main kinds of channels:
HTTP and TCP. As a developer, you choose which protocol to use for your
applications. SOAP over HTTP is usually the type that requires the least
amount of coding; but you may want more control and choose TCP as your
protocol. The choice is yours.
Tip: Make sure to study .NET Remoting thoroughly before you take this
exam. It’s incredibly complicated.
Data, Data and More Data
As with any certification exam, Microsoft expects you to be razor-sharp
with data access code. You need to be familiar with all aspects of .NET
data management. For example, know when to use the System.Data.SqlClient
namespace vs. the System.Data.OleDbClient namespace. Also be familiar
with how to issue a query to a SQL Server 2000 box and receive XML as
Learn about the DataSet object and how to work with it. Strongly typed
datasets allow you to refer to individual tables and objects by their
name rather than through the Tables collection. Know how to create this
type of dataset and what can and can’t be accessed with familiar names.
Also be able to work with the XML-based features of the DataSet object.
Be able to use the ReadXml ( ) and WriteXml ( ) methods to import and
export XML appropriately into a DataSet object. Know how to use the XmlDataDocument
object to provide the appropriate view of data as needed.
Having a solid foundation in the basics is important. Know how to write
SQL statements that retrieve the appropriate data from a table. You should
also know how to generate XSD schemas from a SQL Server database schema
and apply that to a DataSet object.
Tip: Take a little time to familiarize yourself with the FOR XML clause
that can be added to a SQL query with SQL Server 2000.
It’s important to understand how to deal with XML documents in general.
Make sure you know the System.Xml namespace thoroughly. For instance,
an XmlTextReader object is much more efficient than an XmlDocument object
when you’re attempting read-only access. Get a good working knowledge
of the XmlValidatingReader object and what its functionality buys you
in an application. Finally, make sure you can issue a few simple XPath
queries to retrieve specific nodes from an XML document.
Tip: Spend time reacquainting yourself with SQL statements. This should
win you a few extra points.
Get the Bug Zapper!
Once you’ve written your application, it’s natural to have to debug.
Make sure you know how to use the Trace and Debug objects provided by
the .NET Framework. Remember that any Debug statements that are in the
code when you set the Configuration Manager to “Release” mode won’t compile
into the final version.
Tip: The Trace object is what should be used to write error messages
to text files or the Event Log.
Windows services can run on Windows 2000 Professional and Server or Windows
XP Professional, but not on Windows 95 or 98. A Windows service is a good
choice when an application needs to run unattended, regardless of whether
users are logged on or not. Spend time learning how to debug a Windows
service in the Visual Studio.NET IDE. Also know the order of events associated
with a Windows service and when each will occur.
Finally, know the security rights associated with event logs. For instance,
what level of security do you need to create a new type of event log?
What do you need to write to an existing event log? Also, know the levels
of file permissions that may be required to write a log to a physical
file on the hard drive.
The Big Push
Of course, the last cycle in the development process is deployment.
Although the .NET Framework eliminates “.DLL Hell,” it also adds some
complexities, especially when deploying applications that integrate with
COM. For example, know which command-line utilities are used for specific
tasks associated with deployment. REGASM.EXE registers an assembly in
the registry for use within a COM object and REGSVCS.EXE registers an
assembly with COM+ services.
You should be intrinsically aware of component versions, as well. If
you have two versions of a component, one local and one in the global
assembly cache, which one is your application going to use? On that topic,
how do you get an assembly into the global assembly cache, anyway? All
of these questions should be answered before attempting this test.
In the realm of Web services, know how to configure discovery. Familiarize
yourself with the .DISCO and .VSDISCO files and how they’re used to make
a Web service available to clients. Also be able to create a setup project
that will deploy your Web service with as little user intervention as
Finally, know your security models. This means studying up on IIS security
as well as Windows security and knowing which model should be used in
which situation. This information may seem like more of a systems engineering
task, but it’s important for you as a developer to understand what’s going
on and how to secure your application.
Wrapping It Up
No, this exam isn’t easy. It covers a vast amount of material that
should be carefully studied beforehand. Spend a good amount of your study
time focusing on .NET Remoting and the many different uses for Web services.