70-310: Servicing The Web
You can build Web services and the components that keep them running with Visual Basic. This exam pushes you to know your tools really well.
Although the words "Web service" make up the latest buzz-phrase in IT,
it's tough to agree on a definition. Here's the definition I offer: A
Web service offers a way to access components remotely over virtually
any kind of transport medium. A great example of a functional Web services
is Microsoft's Passport service (http://www.passport.net
which allows sites to authenticate users without having the overhead of
maintaining the actual database of users. All you have to do is put the
login form on your site, send the values to the Passport Web service,
get the authentication response back, and pay the fee for the service.
Wait a minute, did I say pay for the service? The new Web services model
is structured just perfectly not only to allow data to be accessed in
a distributed fashion, but also to permit the providers to charge a fee.
After all, it must be worth something to lower the overhead of site maintenance.
So this begs the question, how do we leverage the power of .NET to create
a Web service? This exam tests you on the ins and outs of doing so.
A Method to the Madness
Creating a Web service isn't as complicated as cranial surgery.
All you need to do is create a class that inherits from the WebService
class of the .NET Framework. Then you must have at least one method that
will be able to be called from an external client. This is called a WebMethod.
Each method that will be available to be called by the client must be
marked as a WebMethod or it will not be accessible. The method can return
either a primitive datatype like an integer or a string or a more complex
object like a DataSet.
If you're returning data of a sensitive nature, you might want to incorporate
a technology like SSL to encrypt the data. Also, make sure that you understand
that the .NET Framework has some built in encryption classes that can
be used as well. Review how to use some of these classes.
"This exam challenges your abilities to do new things
with your old favorite-Visual Basic."
70-310 Developing XML Web Services and Server Components
with Visual Basic.NET and Visual Studio.NET
Live as of August 14, 2002
Who Should Take It
Core credit for MCAD.NET and MCSD.NET
What Courses Prepare You
Programming with the Microsoft .NET Framework (Microsoft
Visual Basic .NET)
Building COM+ Applications Using Microsoft .NET Enterprise
Introduction to Visual Basic .NET Programming with Microsoft
Developing Microsoft .NET Applications for Windows (Visual
Application Upgrade and Interoperability Using Visual
Studio .NET (Visual Basic .NET),
Programming with XML in the Microsoft .NET Framework,
In addition to being able to encrypt sensitive data, you need to be aware
of how to add custom authentication methods to the Web service. By default,
a Web service will accept calls from anyone who has a reference to it.
This could be a bad thing if you want the service to be for subscribers
only. One way to add authentication to a Web service is to allow it to
accept custom SOAP headers. You do this by allowing the client to send
a login ID and password in the SOAP request and validate the client itself.
Make sure you're familiar with how this works.
Tip: Make sure you know how to restrict specific users from specific
content areas of your Web service.
The World of Data
Chances are that the most important facet of your application development
career will be centered on retrieving, formatting and displaying data.
This exam poses no exception. After all, the function of a Web service
is to provide data in some form to a consumer. Make sure you know the
data technologies inside and out.
You should pay special attention to the usage of the DataReader classes
and the DataSet classes. Make sure you know when to use each of these
classes. Remember, the DataReader is much faster than the DataSet, but
offers nothing in the way of editing and sorting. Also, pay attention
to which namespaces you include in your code. For example, if you're using
SQL Server 7.0 or higher, you need to be using the System.Data.SqlClient
namespace for data access.
XML also plays a large role in data access as well, as is shown by its
consistent appearance on this exam. You need to know how XML integrates
with the .NET Framework's paradigm of data access. Know how to create
a strongly typed dataset by using an XSD schema. Make sure you know how
to use the appropriate methods of a DataSet object to extract its contents
as XML or vice versa. Also, spend some time with the other XML objects,
especially the XPathNavigator objects. XPath, although a relatively new
technology, is rather useful for performing queries on XML documents.
Finally, make sure you know the tried and true SQL queries. Be familiar
with the SELECT, UPDATE, INSERT and DELETE statements. Learn how to perform
the different kinds of JOIN operations to retrieve the appropriate result
sets. Also, be aware that in SQL Server 2000, you can retrieve data in
the XML format.
Of course, we can't forget about the role that COM plays in our
programming! Did you really expect COM-based technologies to disappear
immediately with the release of Visual Studio.NET? After all, a majority
of the shops out there still runs Visual Studio 6.0 code, and that means
dealing with integration issues. First, you should know that any component
that will end up being housed in COM+ Services must inherit from the ServicedComponent
class. This allows the object to participate in transactions, object pools
and other functions of COM+ Services.
There may also come a time when you find that you need to allow a COM
component to be able to use a .NET assembly. In this case, you need to
create a type library for the assembly so it can be registered. You also
need to ensure that you mark each needed method as [COMVisible] to ensure
that the method's definition is exported to the type library. If you're
not a Visual Studio 6.0 MCP or MCSD, I'd recommend looking over COM components
and how they work before taking this test. You'll get a good deal of information
on this topic wrong if you don't have a solid background in COM.
Last, a solid foundation with COM+ Services (previously known as MTS)
is a great benefit. Understand the differences between the transaction
isolation levels and how that affects your objects. Be able to recognize
examples of each one and know whether it is appropriate or not for the
given situation. It's also important to have a strong foundation in how
Windows Authentication works and how your user account can play a role
in the access you get to a specific COM+ Application.
Tip: Understanding what's different about object transactions in .NET
will probably gain you a few points.
A Remote Chance
One of the neatest things about the .NET technology is the advent
of .NET Remoting. .NET Remoting changes Microsoft's entire strategy for
distributed application development. Back in the days of Visual Studio
6.0, distributed applications across the Internet were difficult propositions,
indeed. COM and DCOM were proprietary technologies not accepted by the
industry. Their existence required specific firewall ports to be opened
for remote procedure calls (RPCs), and most large companies weren't willing
to allow the security risk.
Now that .NET Remoting has come into play, applications can send their
data through SOAP calls over HTTP, through binary streams, or even by
serializing classes. .NET makes distributed applications doable under
normal security protocols; however, the discussion of implementing .NET
Remoting on a large scale is beyond the scope of this article. There are
entire books that focus on .NET Remoting alone.
In order to implement .NET Remoting, you need to be familiar with the
two different types of objects that can be created: SingleCall and Singleton.
SingleCall objects are objects that are called one time and then destroyed.
Good candidates for SingleCall objects are those that will perform a stateless
task, return the data, and then be destroyed. On the other hand, Singleton
objects have the ability to maintain state for a client; however, the
state of a Singleton object is across all clients, not just a single one.
This can prove to be a disadvantage as well.
You also need to have more than a passing familiarity with calling methods
asynchronously. Normally, methods are synchronous. This means that they
execute code line by line until completion. If a particular line of code
is "hung up" on a particular lengthy task, it may slow your program. .NET
Remoting affords you the ability to call a method and continue processing
in your program. When the method is finished, it will perform a callback
to your application, letting it know that the work has finished.
Tip: .NET Remoting and multithreading are two separate issues. Although
they may seem to be the same thing, they aren't. Don't confuse them.
In addition to knowing the types of objects to create in your .NET Remoting
applications, it's also imperative that you know how to work with channels.
Channels are exactly what they sound like: a communication path from the
client to the server. There are several different kinds of channels such
as TCP and HTTP. You will choose TCP if you're using a different port
than 80 for your requests. With each channel, you must also have a formatter.
Available formatters are SOAP and binary. If you want your calls made
in an XML-based message, SOAP is the choice. Making the choice between
the different channels and formatters has a great deal to do with the
security measures that your company may have in place.
Once you've picked the technologies that you're going to use, it's time
to begin implementing them. You should know all about the machine.config
and web.config files. All of your .NET Remoting settings will be going
into these configuration files. The machine.config file governs the entire
machine, while the web.config manages just the subdirectory it's in. There
can be multiple levels of web.config files that inherit from the parent.
Note that if a child directory inherits the settings of the parent's web.config
file, changing the value in the child file can override the parent's value.
Regardless of the technology you choose, make sure you use appropriate
security measures in your applications. You don't just want to throw an
application out there with no means to protect your data! I recommend
using SSL as the security solution to encrypt data that passes between
your .NET Remoting objects. Remember, you never know who's out there with
a packet sniffer!
Tip: You really need to devote a large amount of time to studying
.NET Remoting before taking this exam. It's quite complicated and requires
a good bit of time to master fully.
"Oh No … it's RAID!"
Note that the RAID I'm referring to is not the variety that involves
disks or the systems engineer. It involves catching those pesky bugs in
your application and squishing the life out of 'em! Visual Studio.NET
includes a good number of tools to help you win the war against bugs.
In order to pass this test, you need to be familiar with all of them.
Be sure you know how to use the Trace and Debug objects provided to you
by the .NET Framework. The Debug object is used to print out values or
take specific action when necessary (such as an assert), while the Trace
object is used to write specific information to a log file or even the
Event Log if necessary. Remember that code written with the Debug object
won't be compiled into a release version; so writing to logs is probably
a better long-term troubleshooting solution.
You can also take advantage of tools like the Immediate, Quick Watch,
and Watch windows. The Immediate window allows you to print variable values
and execute statements on the fly when you're sitting at a breakpoint.
The various versions of the Watch window allow you to "watch" a variable
and break at a specified condition. This tool is an excellent candidate
for loops that execute for a lengthy period of time.
Things To Practice
- Examine the web.config and machine.config files
for remoting settings. Make sure you understand the
- Create a simple Web service that adds two numbers
together. Create an ASP.NET client to display the
- Create an XSD schema by using XSD.EXE for an existing
XML file. Create a strongly typed DataSet with the
- Practice writing "FOR XML" queries on SQL Server
2000. Use "AUTO" and "RAW" modes.
- Deploy an application by using the XCOPY method
to a Web server with the .NET Framework installed.
- Write conditional code that will write errors to
the event log in Windows 2000 and XP, and to a text
file in Windows 98.
- Create a basic .NET Remoting component that retrieves
data from a SQL Server database.
- Using the same component from #7, but make the SQL
query take an extended period of time. Then make the
call to the component asynchronously.
- Write a simple Windows Service that gives the system's
- Use the Visual Studio.NET debugger to debug a Windows
Service in realtime.
(Exam objectives can be found at www.microsoft.com/traincert/exams/70-310.asp.)
The final part of our voyage leads us to deployment of the application.
This can be a rather arduous process, especially if you have a great deal
of distributed components to place on different machines. If all of your
components are of a .NET nature, deployment is actually easy. Just make
sure the target machine has the .NET Framework installed and you're ready
to go. You can literally copy the files over (depending on the type of
application) and you're ready to go!
If you have some components that need to reside in COM+ Services or that
are integrated with COM in some fashion, deployment becomes a little more
hairy. COM components need to be registered in the Windows registry. Sure,
the REGSVR32 command isn't all that hard to deal with, but you may need
to use some of the .NET utilities involved here. For example, REGSVCS.EXE
registers an assembly with COM+ Services.
Finally, deploying a Web service is easy as well. Simply copy the files
to the appropriate Web server, and you're done! Of course, you need to
handle the issue of discovery appropriately. In case you weren't aware,
discovery is the process of making your Web service available to the public.
Make sure you understand how the DISCO and VSDISCO files work.
Wrapping It Up
All in all, this test isn't easy. Microsoft has cranked up its
demands for establishing yourself as a certified developer-in smart ways.
But if you use this article as a jumping off point for exploring the capabilities
of Visual Studio.NET and spend the appropriate time studying each facet
of the technology, you'll become a true expert! Good luck!