Say I have an application that wants to return information from an online database, it's a public application which anyone has free access to. What is a safe approach for these clients to communicate with the database?
I am interested in how this is done in professional environments. When I tried to do research all I could find were examples of clients connecting directly to the database themselves, leaving their connection strings in the code, these examples I'm sure were for server sided/private applications. But in my scenario I assume there has to be a proxy in between.
Do I set up a web server with PHP scripts that returns results or do I program a server that listens for TCP/IP connections? I feel there is a better way but can't lay my finger on it.
What my question boils down to is essentially..
What technique is used for this 'proxy' and client to communicate? What does the setup look like? Even a diagram would be great. Assume I am working in C#.
Related
I have been doing much research into this and was wondering what the best approach is, imagine the scenario where you have a WPF application that is being distributed to many users, this application has to connect to a database server. Connecting to a database is not a problem its how secure the connection is as external users will have access to the application.
within the app.config file connection strings can be pointed to the server, however releasing the password and server IP address is not a good idea. from research, other people recommended encrypting the data, but sure this is still got a degree of vulnerability.
the next approach is to use WCF, this i have limited knowledge on and not sure if this approach is correct.
Am I safe in encrypting the connection strings or is there more to it than that, I just want to be extra careful when dealing with sensitive data.
A common way is to add a server layer between your wpf app and the database. It can be a REST api or other web services as you like. In terms of technologies you can choose, wcf is one. But wcf is not easy to get started with if you do not have experience of dealing with services. I suggest to try Asp.Net's Web Api project to quickly establish a Rest Service (http://www.asp.net/web-api/overview/data/using-web-api-with-entity-framework/part-1 ).
This server layer will protect your database information (connection string etc). Also, allowing your application directly querying the database will potentially prevent the database from evolving -- for example, the insert query may break on the client side when you add a constraint on a table. Having a server in between can solve this future headache as you can update the server side implementation and database simultaneously.
In case of data sensitive, I would like to prefer SOA architecture will most suitable to you. WCF will be good option but think about RestFulWCF or WebApi2.0 (popular for multi platform support).
Hope this will help :)
My group in the university are working on a project, which includes us making a C# program. We have a vision of making a server side console program that is constantly calculating data and then make a client side program that can fetch the data from our server side program. The client side program will then be able to display the data and the user is able to navigate forth and back around the data. Both of these programs will be run on the same computer solely for exercise purpose.
I am wondering how I can get data from the server side program and be able to display it on the client side program.
If both client and server are always on the same machine, there is no need at all to use WCF or Sockets. You can use named pipes for the interprocess communication.
If you're trying to do a more serious client/server application, I recommend you to try Redis which provides a lot of remote features like pub/sub and caching, so you'll avoid reinventing the wheel.
As mentioned in the comments that sounds like you would like to create a "server" like application which you could do with WCF.
http://tech.pro/tutorial/855/wcf-tutorial-basic-interprocess-communication
There are also some workarounds if you wish to do so, using a Database or use a folder containing Text Files,that would include a folder watcher, which you than read, but they are not that elegant.
You can get data to the client program by configuring it by using web.api self hosting. Here is a great link. The server app can be configured to use the same thing. They can both listen and answer one another.
http://www.c-sharpcorner.com/UploadFile/b1df45/Asp-Net-web-api-self-hosting/
Why don't you give ASP.NET Web API a chance?
You'll be creating a REST API that not only a C# program can talk to (any language/implementation - even another server) can talk to your server as long as the end point is correct (in your case would be your IP address and port number) & of course, you don't need both programs to be on the same computer as well :)
My existing scenario is below:
I have an SQL server which resides in a main company office. The company has another branch which is 60 miles apart.
I have a WPF application installed in computers in the main office and the branch which connects to the SQL server in the main office for printing records etc.
I am specifying the connection parameters in the app.config file as below:
<add name="CompanyEntities" connectionString="metadata=res://*/LabModel.csdl|res://*/LabModel.ssdl|res://*/LabModel.msl;provider=System.Data.SqlClient;provider connection string="Data Source=publicIPaddress of remote SQL here;Initial Catalog=databasename;Persist Security Info=True;User ID=sa;Password=password;MultipleActiveResultSets=True"" providerName="System.Data.EntityClient" />
My problem is that the application in the branch hangs for ever at certain times. So my question is whether its the best practice to use WCF for connecting to the remote SQL server?
Which is the best way to go about it? Is there any links which best discribes this?
In your current scenario, WCF is useless to you. If you write a server side application, that manages the database connection, you can use WCF to send the data to your clients. However that requires your client side software adapted to the use of WCF also, but in that case your clients wouldn't access the database (you would change from a two-layer architecture to a three-layer architecture). It might solve your problems, and it might introduce some other problems.
The hanging problem you describe could be caused by many things. For example you can run out of database connections, get into a deadlock (altough that transaction would be terminated by the server normally), or just simply have a lock on data being edited, and the employee using it going for a break.
It is also possible, that the problem is not with the database connection, but something in the client side code. Since I have no details, I can not tell you anything more specific.
Picking on the wording you chose, I don't think you'll be "connecting to the remote SQL server" using WCF. However, you can certainly use WCF to host a service that provides your client (WPF app) with secure access to your data, though it will do so indirectly. This approach will be quite different from the approach you currently have: accessing the server directly from the WPF app.
Although I haven't used it myself, I believe one approach may be WCF Data Services. If you only need a few operations in your service (e.g. GetRecord) for printing you may also be able to just roll your own WCF service that just provides "Records" to your client app. Any introductory book or tutorial on WCF will probably get you on your way.
The above answers the questions you seemed to be asking. However, WCF doesn't solve connection issues for you: if you say "the application [...] hangs forever at certain times" you should investigate that no matter what. But that's a different question.
I am have tremendous trouble with this.
What I want to do is: I want to create a system (in C#) that will (amongst other things) allow users to send simple messages to each other. So I want to create a MySQL database which will rest on a server. Other computers running the system will then have to connect remotely to this database and read a certain table to see if they have any new messages.
I want the client computer to connect via the internet to the database on the server.
But how do I do this?
How do I create a database that can be connected to through the internet?
How should my connection string look like on the client computer?
What configurations do I need to do on both client and server computers?
Any assistance is deeply appreciated, and if you could suggest how I can go about achieving my objective. I am a quite competent programmer, but HATE these network things!
I am developing in C# using WPF to access the database. So it's a desktop app!
Here's how you do what you're asking to do.
Use the MySQL Connector/NET ADO.NET connector. It is here.
http://dev.mysql.com/downloads/connector/net/5.1.html
Follow the directions for setting it up. It works very well.
Put your MySQL server on a public IP address.
Get your client software assembly to connect to that public IP through the ADO.NET connector.
But, PLEASE!
Ask yourself whether this is the right thing to do. It probably isn't, because MySQL servers (and all table servers) work much more safely and predictably when they are behind firewalls and accept connections from a limited number of client packages.
Consider doing what Mike Christensen suggested. Use ASP.NET and WCF, or whatever stack you like, to build a server-resident interface to your MySQL database. That server-resident interface can then be accessed by the client software you push out to your end users.
That interface can have just the methods you need. WCF or any other stack for building server components can do this easily and robustly. For example.
Client 1: This is moe. Here's a message for curly: "Look at the grouse, look at the grouse".
Server: OK
Client 2: This is curly: any new messages?
Server: moe says "Look at the grouse, look at the grouse".
Client 1: This is moe. When did curly last collect my messages?
Server: ten minutes ago.
Client 2: This curly. any new messages?
Server: NO
This is far safer and more scalable than just making the MySQL interface available on the internet, and it will perform much better.
By the way, it looks like you want an instant messaging protocol. You may want to look into using the open-source system at http://jabber.org . This stuff can be tricky to get right if you build it all yourself.
I would like to have a client-server application written in .NET which would do following:
server is running Linux
on the server there is SQL database (mySQL) containing document URLs
What we want:
- server side would regularly crawl all URLs and create a full text index for them
- client side would be able to perform a query into this index using GUI
The client application is written in .NET using C#. Besides of searching in documents it will be able to do a lot of other things which are not described here and which are done client-side very well.
We would like to use C# for the server side as well, but we have no experience in this area. How are things like this usually done?
Clarifying question now based on some answers:
The thing which is most unclear to me is how client-server communication is usually handled. Is client and server usually using sockets, caring about details like IP addresses, ports or NAT traversal? Or are there some common frameworks and patters, which would make this transparent, and make client-server messaging or procedure calling easy? Any examples or good starting points for this? Are there some common techniques how to handle the fact a single server is required to server multiple clients at the same time?
To use c# on Linux you will need to use Mono. This is an open source implementation of the CLR specification.
Next you need to decide on how to communicate between server and client, from the lowest level of just opening a TCP/IP socket and sending bits up and down, to .Net remoting, to WCF, to exposing webservices on the server. I do not know how compleat WCF implementation is on mono, also I think you may have issue with binary remoting between mono and MS .Net .
I would suggest RPC style WebServices offer a very good solution. WebServices also have the advantage of alowing clients from other platforms to connect easily.
EDIT
In response to the clarification of the question.
I would suggest using mono/ASP.NET/WebServices on the server, if you wish to use c# on both server and client.
One assumption I have made is that you can do a client pull model, where every message is initiated by the client. Using another approach could allow the server to push events to the client. Given the client has the ability to pole the server regularly I don't consider this much of a draw back but it may be depending on the type of application you are developing.
Mono allow execution of c# (compiled to IL) on a Linux box. Mono ASP.NET allows you to use the standard ASP.NET and integrate into Apache see http://www.mono-project.com/ASP.NET and finally WebServices allow you to communicate robustly in a strongly typed manner between you client and your server.
Using this approach negates most of the issues raised in your clarification and makes them someone else's problem.
Sockets/SSL - is taken care of by standard .Net runtime on the client and Apache on the server.
IPAddress/ports/NAT traversal - Is all taken care of. DNS look up will get the servers IP. Open socket will allow the server to respond through any firewall and NAT setup.
Multiple Clients - Apache is built to handle multiple clients processing at the same time as is ASP.NET, so you should not encounter any problems there.
As many have already mentioned there are a number of thing that you have mentioned which are going to cause you pain. I'm not going to go into those, instead I will answer your original question about communication.
The current popular choice in this kind of communication is web services. These allow you to make remote calls using the HTTP protocol, and encoding the requests and responses in XML. While this method has its critics I have found it incredibly simple to get up and running, and works fine for nearly all applications.
The .NET framework has built in support for web services which can definitely be called by your client. A brief look at the mono website indicates that it has support for web services also, so writing your server in C# and running it under mono should be fine. Googling for "C# Web Service Tutorial" shows many sites which have information about how to get started, here is a random pick from those results:
http://www.codeguru.com/Csharp/Csharp/cs_webservices/tutorials/article.php/c5477
have a look at Grasshopper:
"With Grasshopper, you can use your favorite development environment from Microsoft® to deploy applications on Java-enabled platforms such as Linux"
Or see here
The ideea is to convert your app to Java and then run it on Tomcat or JBoss.
Another approach: use the Mod_AspDotNet module for Apache, as described here.
This Basic Client/Server Chat Application in C# looks like a kind of example which might be a starting point for me. Relevant .NET classes are TcpClient and TcpListener