最近的项目采用了基于WEBSERVICE的三层架构,仔细想想,这种方式还是扩展性蛮好的。本来担心WEBSERVICE的瓶颈问题,现在发现,担心是多余的,微软的东西还不会那么差劲。下面来一个总结:
使用WEBSERVICE的优点:
1.系统扩展性增强
2.便于集中统一控制
3.屏蔽数据层(安全性)
webservice功能总结:
1.用户的身份认证
?? WEBSERVICE是采用SOAP通讯协议,使用WSDL定义语言,以XML为传输数据格式,SOAP信息包括SOAPHEADER 和 SOAPBODY两个部分。
?? 在项目中,我们也用到了soapheader:
?? public class SecurityHeader :??? System.Web.Services.Protocols.SoapHeader
? {
??? private SecurityInfo _securityinfo;
? //验证信息
??? public SecurityInfo SecurityInfo
??? {
????? get
????? {
??????? return _securityinfo;
????? }
??? }
??? public ClientUserInfo Check()
??? {
????? try
????? {
??????? if (_securityinfo == null)
??????? {
????????? errinfo = "无效的验证信息,错误代码 1001";
????????? return null;
??????? }
??????? //检测缓存中是否存在,并且合法
??????? ClientUserInfo lc_UserInfo = ClientUserInfo.GetClientUserInfo(_securityinfo);
??????? if (lc_UserInfo != null)
??????? {
????????? if (_securityinfo.Seq >= lc_UserInfo.Seq)
????????? {
??????????? lc_UserInfo.Seq = _securityinfo.Seq;
??????????? return lc_UserInfo;
????????? }
????????? else
????????? {
??????????? //直接打回
??????????? errinfo = "无效的验证信息,错误代码 1002";
??????????? return null;
????????? }
??????? }
??????? //到期,或者是新登录
??????? ServerDataAccess lc_da = new ServerDataAccess();
??????? try
??????? {
????????? if (string.IsNullOrEmpty(_securityinfo.UserCode))
????????? {
??????????? errinfo = "没有找到登录信息";
??????????? return null;
????????? }
????????? //检测用户名密码
????????? string lc_SQL = "Select fPassword From T_User Where fUserCode=@UserCode";
????????? DbParameter[] lc_Pam = new DbParameter[1];
????????? lc_Pam[0] = ServerDataAccess.CreateParameter("@UserCode",_securityinfo.UserCode);
????????? string lc_DbPassStr = Convert.ToString(lc_da.GetScalar(lc_SQL,lc_Pam));
????????? if (string.IsNullOrEmpty(lc_DbPassStr))
????????? {
??????????? errinfo = "没有找到该用户";
??????????? return null;
????????? }
????????? byte[] lc_DBPass = Convert.FromBase64String(lc_DbPassStr);
????????? if (!ServerFun.CompDBPass(lc_DBPass,_securityinfo.UserPass,_securityinfo.UserCode))
????????? {
??????????? errinfo = "用户名密码错误";
??????????? return null;
????????? }
????????? lc_UserInfo = ClientUserInfo.Create(_securityinfo);
????????? if (lc_UserInfo == null)
????????? {
??????????? errinfo = "用户验证失败";
??????????? return null;
????????? }
????????? return lc_UserInfo;
??????? }
??????? finally
??????? {
????????? lc_da.Close();
??????? }
????? }
????? catch (Exception exp)
????? {
??????? errinfo = "验证失败,错误原因:" + exp.Message;
??????? return null;
????? }
??? }
???? }
SecurityHeader类作为webservice类的一个属性公开
?
2.数据访问接口
? 在项目中,由于所有的数据都通过WEBSERVICE取得,那么在WEBSERVICE里会定义很多相关的WEBMthod。
[WebMethod,SoapHeader("header")]
? public int QueryToDataSet(int pm_Type,string pm_SQL,byte[] pm_Params,bool pm_NeedCompress,
??? out DataSet pm_DataSet,out string pm_ErrorInfo)
? {
??? pm_DataSet = null;
??? pm_ErrorInfo = string.Empty;
??? ClientUserInfo lc_Info;
??? if (!ClientUserInfo.CheckHeader(header,out lc_Info,out pm_ErrorInfo)) return -100;
??? try ??? { ????? DbParameter[] lc_Params = ServerDataAccess.BufferToDbParameters(pm_Params); ????? pm_DataSet = ServerDataAccess.DoQuery(pm_Type,pm_SQL,lc_Params); ????? pm_ErrorInfo = string.Empty; ????? return 0; ??? } ??? catch (Exception exp) ??? { ????? pm_DataSet = null; ????? pm_ErrorInfo = exp.Message; ????? return -1; ??? } ? }
