Silverlight works on client side so putting any sensitive data like connection strings, passwords etc. in the code seems not to be a good thing. I want to build whole web app in Silverlight doing lots of authorization and database quering things. How to make it safe? Any tips&tricks and what things should I avoid?
I have never developed / used a silverlight app, but I would assume you would use a webservice to broker communication between your app and the database.
This is at least how Flex works.
Edit: This is how Silverlight works as well
Related
I am building an application that needs to connect to a server to send and retrieve data constantly.
at first i was going to use mysql, by mysql is far from what i want. using this would force users to connect to the database constantly.
CAN C# silverlight connect to a server and send a message?
here is an example to something in C# console, VERY similar to what i am trying to achieve
https://www.youtube.com/watch?v=9kcrTKj7Jpk
Any documentation would also be helpful.
To be more specific my server will be written with C# console, but i want my c# silverlight to send the message.
Yes.
CAN C# silverlight connect to a server and send a message?
Traditionally, the way that Silverlight has connected to a server to send a message is with WCF services. This still works well, but the other option is REST.
What you will need to do is write a layer (or use an ORM like Entity Framework) to persist data from whichever database platform you choose (MySQL or otherwise). Then you will need to write REST, or WCF services on top of this. You will then need to consume the services from your Silverlight application.
There are many articles on this if you Google. Here is one of the ones that comes up instantly:
http://www.dotnetcurry.com/ShowArticle.aspx?ID=228
One thing you must consider with Silverlight, is that by default, Silverlight will only talk to the server that the Xap package is hosted on. So, if you need the Silverlight app to talk to a different server, you will need to set up and expose a clientaccesspolixy.xml from the server where the WCF/REST services are hosted. This is a stupid limitation that Microsoft made a big mistake on in the first place. Here is an article about it:
https://msdn.microsoft.com/fr-fr/library/cc197955(v=vs.95).aspx
I want to build some sort of interface that will monitor our real time routing/switching system. I would like to give a lot of visual feedback to be able to monitor its status visually. Our system and clients are not co-located so they would need to connect via TCP/IP.
I would like to be able to service any number of monitoring clients (although this will probably only ever be about 4-6 clients). I thought of using SilverLight but there appears to be one or two tricks involved in getting SilverLight to connect back to an application running on a different port.
I have also thought of using HTML5 canvas and websockets. Another alternative is to just create the clients using normal Window Forms and perhaps WPF. But this means that to monitor the application the client will have to be downloaded before. I would prefer something that is as easily accessible as web app?
What are some of the more common application stacks to achieve this? What should I watch out for?
EDIT:
Just to add: This will be an internal tool only. But we have offices in a couple of locations.
any choice in this direction could be subjective and arguable, surely somebody could suggest any possible web framework or language...
I would consider, however because of your .NET and C# tags, ASP.NET MVC 3, so basically web based plugin-less ( NO Silverlight ) HTML 5 solution.
Consider that StackOverflow is done in same way (MVC, ASP.NET, SQL Server... ) and outperforms as we all know.
the way you grab the underlying events from TCP, so the way you capture and provide the data from TCP, it's another thing from the front end, I would probably write a Windows Service if the traffic is so high and you want to grab and store data anything regardless any active client connection.
There are plenty of real time charting controls out there also for MVC, MS Chart Control. DevExpress, ExtJS integrated ones...
"real time" and Browser is bothering me.
I would indeed go WPF or WinForms. Using the ClickOnce-Deployment you can make this a no-pain for the user and you can roll-out new versions just by redeploying them and having the user restart the application.
In my company this works really fine and we have no problems whatsoever. The only problem with this is, that the app.config is somewhat hard to find and keep current/valid (redeploy) but in your case this won't change per client (or so I guess).
I agree with #Davide - I would go for a WebService that will obtain all routing/switching data in realtime. You will have a web application and on the client side you will have JQuery/AJAX fetching realtime data from the WebService component.
I've seen cool demo's of Web Orb doing something similar to what you want. http://www.themidnightcoders.com/
If you are starting from scratch, it would be good to check out WCF (Windows Communication Foundation). It's great because it can expose your functionality in many ways, using nothing more than modifying a config file.
If you want a Windows client app, you can host it in a Windows Service, or simply include it as a side assembly. For web apps, you can choose between various formats (JSON, XML), channels (HTTP, TCP) and protocols (SOAP, ODP).
If I got it right, there will be a server-side application which will collect information from the devices and expose it to clients as a service. In that case, a WCF application might be hosted in a Windows Service or IIS on a server machine, and expose the data though one or more endpoints (HTTP, TCP).
I am not aware of problems in connecting a SilverLight app to a service, but I would rather go for a HTML5/JavaScript combo instead, for easier deploying and compatibility with a wider range of devices (no plugins needed). ASP.NET MVC should be the best choice for the web app.
I have a code written in C# I would like to use as the back-end of a site I'm building.
I would prefer not to build the site front-end in ASP.NET (which integrates nicely with C#), and to use PHP or Python instead.
Is that reasonable? Should I re-consider using ASP.NET?
How can I achieve that?
Just use asp.net mvc framework for the frontend instead of plain asp.net. It's easy to learn. And if you know php it will be easy to you undestand asp.net mvc.
I don't see the reasons if you are using c# backend use php frontend. For sure you can create service layer on c# and communicate with php through it, but it does not make sence for me.
You can do whatever you like. Personally i wouldnt use php because i dont know very much php.
But you can do it, you could expose a soap web service and there are libraries that will let php talk to it.
No one here will be able to tell you what you haven't already told us. Asp.Net will probably be easier because of how everything integrates and you can share classes etc - but that does not mean you HAVE to use it.
Both of them are fairly passive server side technologies that present html to browsers though. why do you need 2 servers?
You have to ask why you are doing it .. if you are playing and want to learn then of course you can do it just to see how it all works. But if you are on a commercial project then id suggest that you dont need both a php and a c# server ... or if you do perhaps you want to go asp.net for your web server and if you need another layer of services behind then use WCF if you want to go a microsoft route. Howver it is usually possible to host all services in the same IIs instance.
You can do this i have done this for a web site my self use a database server or files,
http://dtpgroup.co.uk/
Your C# application can connection to your store save the info it needs to then php can read them if it file just use a formatted file E.G
if your using Database php can connect to MySQL or MSSQL so your C# application can use MySQL if you know what your doing in C# if not and your more comfortable in php then use MSSQL (also php have the superior documentation )
I work in both frequently
Ugh, in normal instances, reading data with C# writing it to files and loading up with PHP sound slow, inefficient and down wright crazy. I believe these terms are being used wrongly.
Client Server - user machine - database great for private networks where you connect to the DB without going over the internet
vs n-Tier
Client - Browser programming html, css, javascript connects to middleware over the internet
Middleware - inside your firewall, connects browser to database could be called part of backend - php and C# are middleware languages
Database final (generally 3rd) tier
With php and c# you are creating multiple middleware layers
why why why would you do this for a web app pick one
now if you have a web app with PHP and sneakerware in house client server apps that are controlled ie shipping, accounting that are not exposed - maybe but you have added complexity that you would not need (generally)
Gary
We have a multi user product prototype in WPF which works fine as a prototype. Now we want to build the complete product.
In our product we have scenarios where 2 - 3 users might have to use same data. Say one us editing and the other user is viewing the continuos edits. And also whenever a user changes a common itemm updates should go to all the other users on that same item, and they need to refresh their information. And this should happen without polling continuously.
Is there any advantage of going towards web based product development i.e in Silverlight.
There's absolutely no architectural advantage to Silverlight over WPF in this situation. Your main advantages for Silverlight would be 1) smaller deployment 2) cross platform and 3) more integrated in-browser experience.
From the developer's perspective, however, you might actually find WPF better for developing this kind of collaborative application because you have access to a wider array of networking options. Silverlight has limits on what TCP/UDP ports you can access and has no built-in peer to peer networking capabilities like WCF does on the .NET Framework.
In any case, a Silverlight application for all intents and purposes is a client application, not really any more of a web application than WPF except when it comes to deployment.
Peer to Peer (p2p) vs. Client / Server
Your question really comes down to how you want to design your data storage.
P2P: Do you want each copy of the application to keep a full copy of the data and to exchange updates to the data with the other clients? This works well in a LAN environment but gets challenging over the broad Internet. BitTorrent is a good example of an application that does this.
P2P generally has higher performance and fewer costs but is very tricky to pull off. You'll need a p2p network transport like PeerChannel, and most likely a synchronization engine like Sync Framework, and some form of structured local data store like SQLite.
Client / Server: Do you want one master computer (e.g. server) to host all the data and have each client load / update data to the server? This works well in a LAN or Internet environment. Web browsers / web servers are a good example of this.
Client / Server has the overhead that a dedicated always on server computer has to be involved and you have to program two applications, the client side and the server side. Silverlight or WPF work well for the client piece of this design.
If you're up for a challenge, developing a p2p application can be a lot of fun because there are many obstacles to overcome and the end result is generally more efficient. This will essentially require you use WPF to get the libraries/tools support you need. If you need to get something working quickly, you'll find that the tools you have support client / server much better because this is how most applications are written. Here, WPF and Silverlight will both work, but they are only part of the solution -- you'll need a server technology too like SQL Server or ASP.NET or Azure or ...
I'm a desktop application developer who is temporarily working in the web. I'm working with a client that wants me to build an app for use by locations all over the state; however, these locations have very shaky connectivity.
They really want a centralized web app and are suggesting I build a "lean" web app. I don't know what a "lean web app" means: small HTTP requests but lots of them? or large HTTP requests with few of them? I tend to favor chunky vs chatty.. but I've never had to worry about connectivity before.
Do I suggest a desktop app that replicates data when connectivity exists? If not, what's the best way to approach a web app when connectivity is shaky?
EDIT:
I must qualify my question with further information. Assuming the web option, they've disallowed the use of browser runtime technologies and anything that requires installation. Thus, Silverlight is out, Flash is out, Gears is out - only asp.net and javascript is available to me. Having state this, part of my question was whether to use a desktop app; I suppose that can be extended to "thicker technologies".
EDIT #2: Network is homogeneous - every node is Windows. This won't be changing.
You should get a definition of what the client means by "lean" so that you don't have confusion surrounding it. Maybe present them with several options of lean that you think they might mean. One thing I've found is it's no good at all to guess about client requirements. Just get clarification before you waste a bunch of time.
Shaky connectivity definitely favors a desktop application. Web apps are great for users that have always-on Internet connections, and that might be using a variety of different browsers and operating systems.
Your client probably has locations that are all using Windows, so a desktop application is an appropriate choice. One other advantage of web applications is that they make the deployment issue easy to deal with. Auto-update technologies like ClickOnce make the deployment and update of desktop applications almost as easy.
And not to knock Google Gears, but it's relatively new and would have to be considered more risky than a tried-and-true desktop application.
Update: and if you're limited to just javascript on the client side, you definitely do not want to make this a web app. Your application simply will not be available whenever the Internet connection is down. There are ways to save stuff locally in javascript using cookies and user stores and whatnot, but you just don't want to do this.
If connectivity is so bad, I would suggest that you write a WinForm app that downloads information, locally edits it and then uploads it. This way, if your connection goes down, all you have to do is retry until it works.
They seem to be suggesting a plain vanilla web app that doesn't use AJAX or rely on .NET postbacks or do anything that might make it break down horribly if your connection goes away for a bit. Instead, it should be designed so that you can hit Refresh until it works. In other words, they seem to want the closest thing to a WinForm app, only uglier.
You may consider using a framework like Google Gears to help provide functionality during network down time. This allows users to connect to the web page once (with a functioning connection) and then be able to use the web app from then on, even without a connection.
When the network is restored, the framework can sync changes back with the central database.
There is even a tutorial for using Google Gears with the .Net Framework.
Gears with other languages
You mention that connectivity is shaky at these locations, but that the app needs to be centralized. One thing you might consider is using multiple decentralized read database servers and a single centralized write server. Mysql makes this possible and affordable if your app is small.
Have the main database server at the datacenter/central office. Put up small web/db servers at each location, with your app installed. You can even run them off a user computer if the remote location is not too big. Make the local database servers connect to the centralized database server as replication slaves. As changes come in to the centralized database, the slave servers will pull down the data and make it available locally. When the connection is unavailable, your app data is still at least available, if not up to date. When the connection is available, the database handles replicating all relevant data down.
Now all you have to do is make your app use two separate database handles: reading data it uses the local database, writing data it uses the central database.