Exam Reviews

70-310: Servicing The Web

You can build Web services and the components that keep them running with Visual Basic. This exam pushes you to know your tools really well.

Although the words "Web service" make up the latest buzz-phrase in IT, it's tough to agree on a definition. Here's the definition I offer: A Web service offers a way to access components remotely over virtually any kind of transport medium. A great example of a functional Web services is Microsoft's Passport service (http://www.passport.net), which allows sites to authenticate users without having the overhead of maintaining the actual database of users. All you have to do is put the login form on your site, send the values to the Passport Web service, get the authentication response back, and pay the fee for the service.

Wait a minute, did I say pay for the service? The new Web services model is structured just perfectly not only to allow data to be accessed in a distributed fashion, but also to permit the providers to charge a fee. After all, it must be worth something to lower the overhead of site maintenance.

So this begs the question, how do we leverage the power of .NET to create a Web service? This exam tests you on the ins and outs of doing so.

A Method to the Madness
Creating a Web service isn't as complicated as cranial surgery. All you need to do is create a class that inherits from the WebService class of the .NET Framework. Then you must have at least one method that will be able to be called from an external client. This is called a WebMethod. Each method that will be available to be called by the client must be marked as a WebMethod or it will not be accessible. The method can return either a primitive datatype like an integer or a string or a more complex object like a DataSet.

If you're returning data of a sensitive nature, you might want to incorporate a technology like SSL to encrypt the data. Also, make sure that you understand that the .NET Framework has some built in encryption classes that can be used as well. Review how to use some of these classes.

Visual Basic .NET
Web Services

Reviewer's Rating
"This exam challenges your abilities to do new things with your old favorite-Visual Basic."

Exam Title
70-310 Developing XML Web Services and Server Components with Visual Basic.NET and Visual Studio.NET

Live as of August 14, 2002

Who Should Take It
Core credit for MCAD.NET and MCSD.NET

What Courses Prepare You
2415: Programming with the Microsoft .NET Framework (Microsoft Visual Basic .NET)
2557: Building COM+ Applications Using Microsoft .NET Enterprise Services
2559: Introduction to Visual Basic .NET Programming with Microsoft .NET
: Developing Microsoft .NET Applications for Windows (Visual Basic .NET)
2571: Application Upgrade and Interoperability Using Visual Studio .NET (Visual Basic .NET),
2663: Programming with XML in the Microsoft .NET Framework,

In addition to being able to encrypt sensitive data, you need to be aware of how to add custom authentication methods to the Web service. By default, a Web service will accept calls from anyone who has a reference to it. This could be a bad thing if you want the service to be for subscribers only. One way to add authentication to a Web service is to allow it to accept custom SOAP headers. You do this by allowing the client to send a login ID and password in the SOAP request and validate the client itself. Make sure you're familiar with how this works.

Tip: Make sure you know how to restrict specific users from specific content areas of your Web service.

The World of Data
Chances are that the most important facet of your application development career will be centered on retrieving, formatting and displaying data. This exam poses no exception. After all, the function of a Web service is to provide data in some form to a consumer. Make sure you know the data technologies inside and out.

You should pay special attention to the usage of the DataReader classes and the DataSet classes. Make sure you know when to use each of these classes. Remember, the DataReader is much faster than the DataSet, but offers nothing in the way of editing and sorting. Also, pay attention to which namespaces you include in your code. For example, if you're using SQL Server 7.0 or higher, you need to be using the System.Data.SqlClient namespace for data access.

XML also plays a large role in data access as well, as is shown by its consistent appearance on this exam. You need to know how XML integrates with the .NET Framework's paradigm of data access. Know how to create a strongly typed dataset by using an XSD schema. Make sure you know how to use the appropriate methods of a DataSet object to extract its contents as XML or vice versa. Also, spend some time with the other XML objects, especially the XPathNavigator objects. XPath, although a relatively new technology, is rather useful for performing queries on XML documents.

Finally, make sure you know the tried and true SQL queries. Be familiar with the SELECT, UPDATE, INSERT and DELETE statements. Learn how to perform the different kinds of JOIN operations to retrieve the appropriate result sets. Also, be aware that in SQL Server 2000, you can retrieve data in the XML format.

COM Confusion
Of course, we can't forget about the role that COM plays in our programming! Did you really expect COM-based technologies to disappear immediately with the release of Visual Studio.NET? After all, a majority of the shops out there still runs Visual Studio 6.0 code, and that means dealing with integration issues. First, you should know that any component that will end up being housed in COM+ Services must inherit from the ServicedComponent class. This allows the object to participate in transactions, object pools and other functions of COM+ Services.

There may also come a time when you find that you need to allow a COM component to be able to use a .NET assembly. In this case, you need to create a type library for the assembly so it can be registered. You also need to ensure that you mark each needed method as [COMVisible] to ensure that the method's definition is exported to the type library. If you're not a Visual Studio 6.0 MCP or MCSD, I'd recommend looking over COM components and how they work before taking this test. You'll get a good deal of information on this topic wrong if you don't have a solid background in COM.

Last, a solid foundation with COM+ Services (previously known as MTS) is a great benefit. Understand the differences between the transaction isolation levels and how that affects your objects. Be able to recognize examples of each one and know whether it is appropriate or not for the given situation. It's also important to have a strong foundation in how Windows Authentication works and how your user account can play a role in the access you get to a specific COM+ Application.

Tip: Understanding what's different about object transactions in .NET will probably gain you a few points.

A Remote Chance
One of the neatest things about the .NET technology is the advent of .NET Remoting. .NET Remoting changes Microsoft's entire strategy for distributed application development. Back in the days of Visual Studio 6.0, distributed applications across the Internet were difficult propositions, indeed. COM and DCOM were proprietary technologies not accepted by the industry. Their existence required specific firewall ports to be opened for remote procedure calls (RPCs), and most large companies weren't willing to allow the security risk.

Now that .NET Remoting has come into play, applications can send their data through SOAP calls over HTTP, through binary streams, or even by serializing classes. .NET makes distributed applications doable under normal security protocols; however, the discussion of implementing .NET Remoting on a large scale is beyond the scope of this article. There are entire books that focus on .NET Remoting alone.

In order to implement .NET Remoting, you need to be familiar with the two different types of objects that can be created: SingleCall and Singleton. SingleCall objects are objects that are called one time and then destroyed. Good candidates for SingleCall objects are those that will perform a stateless task, return the data, and then be destroyed. On the other hand, Singleton objects have the ability to maintain state for a client; however, the state of a Singleton object is across all clients, not just a single one. This can prove to be a disadvantage as well.

You also need to have more than a passing familiarity with calling methods asynchronously. Normally, methods are synchronous. This means that they execute code line by line until completion. If a particular line of code is "hung up" on a particular lengthy task, it may slow your program. .NET Remoting affords you the ability to call a method and continue processing in your program. When the method is finished, it will perform a callback to your application, letting it know that the work has finished.

Tip: .NET Remoting and multithreading are two separate issues. Although they may seem to be the same thing, they aren't. Don't confuse them.

In addition to knowing the types of objects to create in your .NET Remoting applications, it's also imperative that you know how to work with channels. Channels are exactly what they sound like: a communication path from the client to the server. There are several different kinds of channels such as TCP and HTTP. You will choose TCP if you're using a different port than 80 for your requests. With each channel, you must also have a formatter. Available formatters are SOAP and binary. If you want your calls made in an XML-based message, SOAP is the choice. Making the choice between the different channels and formatters has a great deal to do with the security measures that your company may have in place.

Once you've picked the technologies that you're going to use, it's time to begin implementing them. You should know all about the machine.config and web.config files. All of your .NET Remoting settings will be going into these configuration files. The machine.config file governs the entire machine, while the web.config manages just the subdirectory it's in. There can be multiple levels of web.config files that inherit from the parent. Note that if a child directory inherits the settings of the parent's web.config file, changing the value in the child file can override the parent's value.

Regardless of the technology you choose, make sure you use appropriate security measures in your applications. You don't just want to throw an application out there with no means to protect your data! I recommend using SSL as the security solution to encrypt data that passes between your .NET Remoting objects. Remember, you never know who's out there with a packet sniffer!

Tip: You really need to devote a large amount of time to studying .NET Remoting before taking this exam. It's quite complicated and requires a good bit of time to master fully.

"Oh No … it's RAID!"
Note that the RAID I'm referring to is not the variety that involves disks or the systems engineer. It involves catching those pesky bugs in your application and squishing the life out of 'em! Visual Studio.NET includes a good number of tools to help you win the war against bugs. In order to pass this test, you need to be familiar with all of them.

Be sure you know how to use the Trace and Debug objects provided to you by the .NET Framework. The Debug object is used to print out values or take specific action when necessary (such as an assert), while the Trace object is used to write specific information to a log file or even the Event Log if necessary. Remember that code written with the Debug object won't be compiled into a release version; so writing to logs is probably a better long-term troubleshooting solution.

You can also take advantage of tools like the Immediate, Quick Watch, and Watch windows. The Immediate window allows you to print variable values and execute statements on the fly when you're sitting at a breakpoint. The various versions of the Watch window allow you to "watch" a variable and break at a specified condition. This tool is an excellent candidate for loops that execute for a lengthy period of time.

10 Things To Practice
  1. Examine the web.config and machine.config files for remoting settings. Make sure you understand the sections.
  2. Create a simple Web service that adds two numbers together. Create an ASP.NET client to display the results.
  3. Create an XSD schema by using XSD.EXE for an existing XML file. Create a strongly typed DataSet with the schema.
  4. Practice writing "FOR XML" queries on SQL Server 2000. Use "AUTO" and "RAW" modes.
  5. Deploy an application by using the XCOPY method to a Web server with the .NET Framework installed.
  6. Write conditional code that will write errors to the event log in Windows 2000 and XP, and to a text file in Windows 98.
  7. Create a basic .NET Remoting component that retrieves data from a SQL Server database.
  8. Using the same component from #7, but make the SQL query take an extended period of time. Then make the call to the component asynchronously.
  9. Write a simple Windows Service that gives the system's time.
  10. Use the Visual Studio.NET debugger to debug a Windows Service in realtime.

(Exam objectives can be found at www.microsoft.com/traincert/exams/70-310.asp.)

Anchors Away!
The final part of our voyage leads us to deployment of the application. This can be a rather arduous process, especially if you have a great deal of distributed components to place on different machines. If all of your components are of a .NET nature, deployment is actually easy. Just make sure the target machine has the .NET Framework installed and you're ready to go. You can literally copy the files over (depending on the type of application) and you're ready to go!

If you have some components that need to reside in COM+ Services or that are integrated with COM in some fashion, deployment becomes a little more hairy. COM components need to be registered in the Windows registry. Sure, the REGSVR32 command isn't all that hard to deal with, but you may need to use some of the .NET utilities involved here. For example, REGSVCS.EXE registers an assembly with COM+ Services.

Finally, deploying a Web service is easy as well. Simply copy the files to the appropriate Web server, and you're done! Of course, you need to handle the issue of discovery appropriately. In case you weren't aware, discovery is the process of making your Web service available to the public. Make sure you understand how the DISCO and VSDISCO files work.

Wrapping It Up
All in all, this test isn't easy. Microsoft has cranked up its demands for establishing yourself as a certified developer-in smart ways. But if you use this article as a jumping off point for exploring the capabilities of Visual Studio.NET and spend the appropriate time studying each facet of the technology, you'll become a true expert! Good luck!


comments powered by Disqus

Subscribe on YouTube