Dries Driessen - Web services and WSDL files

Owned by David Harms
Last updated: Sept 27, 2013
2 min read

Dries started off by explaining the many benefits of adding web services to your app (so your app can consume those services).

Services can use HTTP GET or POST statements. The data is contained in a SOAP envelope. Soap 1.2 is the newest. But you can create your own web services using any format.

WSDL stands for Web Services Description Language. This is an XML format that describes the service, and which is provided by the web service so the client can identify how to use the service. In many languages and IDEs you can create WSDLs automatically. Dries has added WSDL support to Clarion. 

Dries wrote a couple of lines of code showing how to call a web service class (created previously). The example uses NetTalk but Dries has abstracted the calls behind an interface so you can plug in another HTTP transport layer if you wish. 

Writing XML is easy; reading it is more difficult. Dries has included a class wrapper for the Clarion SAX parser. 

Actually, SOAP is gradually being replaced by RESTful services. WSDL is good for machine to machine communication but doesn't format well in browsers.

There's also WADL - http://en.wikipedia.org/wiki/Web_Application_Description_Language

And there's JSON. Dries has classes for that. 

Many services offer output in various formats - SOAP, JSON, text. Dries demonstrated this using the Flickr API.

Dries talked about SOA - service oriented architecture. This is a good thing, and he gave some guidelines for implementing SOA. Think about security. Log errors, but don't show the user details of the error.

If you're not doing REST with JSON now you probably will be soon. 

Don't assume a PING means your service is running. Beware of caching.

WSDL - can be generated ahead of time and delivered as a static file or at runtime. 

Dries walked through creating a web service using his classes, and then he switched to Visual Studio and showed how to create a client using the WSDL info supplied by the Clarion service. He updated records in the Clarion application via the web service. 

But what about security? 

The easiest thing is to encrypt the unique ID used to identify the record to be updated. That sort of works but is still vulnerable because the encryption for any unique ID is a constant. 

Instead, you need a hash that's generated for each request and can be returned. Effectively it's a unique token generated by the server. Dries showed how to do this to protect a transaction from hacking and from bugging clients.

Fiddler is a great tool, but your web server needs to be proxy aware. NetTalk has a setting for this.

Adding a web service to your own app

You can have a host and a client in your own app. One instance of the app on your own server; another on the client's app. This is a great way to set up communication between machines. 

Benefits for keeping data updated, centralizing backups. Start building a service oriented architecture. 

Dries then showed his fantastic bitmap creator, at first using local storage. He then launched another copy app playing the role of the hosted version. He made changes to images in one app and the changes were automatically updated in the other, via a web service.