使用Web服务从SQL Server数据库中检索数据

时间:2022-10-24 01:53:13

Recently I have been developing a system to run a high secured database (using vb.net and SQL Server 2005). I want to increase the security of the database so no connection will be made directly to the database but instead a HttpWebRequest is sent to a web service which then connects to the database and returns the requested data table in XML format.

最近我一直在开发一个运行高安全数据库的系统(使用vb.net和SQL Server 2005)。我想增加数据库的安全性,因此不会直接与数据库建立连接,而是将HttpWebRequest发送到Web服务,然后Web服务连接到数据库并以XML格式返回请求的数据表。

My concern is just about the performance, I can not decide either to let clients connect directly to the database or let the connection go through the web service.

我关心的只是性能,我不能决定让客户端直接连接到数据库,还是让连接通过Web服务。

I can make the connection go directly to the database for many reasons, let say that connection is through the service:

我可以将连接直接转到数据库有很多原因,假设连接是通过服务:

  1. Will it give me a better performance?
  2. 它会给我一个更好的表现吗?
  3. Will the size of retrieved data will be larger than the regular response of the SQL Server?
  4. 检索到的数据的大小是否会大于SQL Server的常规响应?

Any ideas about this will help a lot, thanks in advance.

任何有关这方面的想法都会有所帮助,在此先感谢您。

2 个解决方案

#1


0  

1) Through the WebService, it will not give you a better performance, since it's adding a layer of code between your client and the database.

1)通过WebService,它不会给你更好的性能,因为它在你的客户端和数据库之间添加了一层代码。

2) Since webservices use an envelope and a header, my best guess would be that the data is bigger. Unless you have large sets of data, it shouldn't hurt your performance too much.

2)由于webservices使用信封和标题,我最好的猜测是数据更大。除非您拥有大量数据,否则不会对您的性能造成太大影响。

Nevertheless, I would still use a WebService, to avoid exposing my database directly to the internet, thus limiting security breaches. Also, using a webservice allows you to write your security rules in it, and discard possible code injection and other security threats before it can reach your database.

尽管如此,我仍然会使用WebService,以避免将我的数据库直接暴露给互联网,从而限制了安全漏洞。此外,使用Web服务允许您在其中编写安全规则,并在可以访问数据库之前丢弃可能的代码注入和其他安全威胁。

#2


0  

Using web service is a best choice but this need to be used wisely. You cannot just have a web service and start downloading data through it. A bad design/architecture may hit performance as well as security.

使用Web服务是最佳选择,但需要明智地使用它。您不仅可以拥有Web服务并开始通过它下载数据。糟糕的设计/架构可能会影响性能和安全性。

If you can share some more details about your scenario, i.e., number of clients that can connect to web service, frequency of connections, volume of data, then i can suggest you some architecture.

如果您可以分享有关您的方案的更多详细信息,即可以连接到Web服务的客户端数量,连接频率,数据量,那么我可以建议您使用一些架构。

#1


0  

1) Through the WebService, it will not give you a better performance, since it's adding a layer of code between your client and the database.

1)通过WebService,它不会给你更好的性能,因为它在你的客户端和数据库之间添加了一层代码。

2) Since webservices use an envelope and a header, my best guess would be that the data is bigger. Unless you have large sets of data, it shouldn't hurt your performance too much.

2)由于webservices使用信封和标题,我最好的猜测是数据更大。除非您拥有大量数据,否则不会对您的性能造成太大影响。

Nevertheless, I would still use a WebService, to avoid exposing my database directly to the internet, thus limiting security breaches. Also, using a webservice allows you to write your security rules in it, and discard possible code injection and other security threats before it can reach your database.

尽管如此,我仍然会使用WebService,以避免将我的数据库直接暴露给互联网,从而限制了安全漏洞。此外,使用Web服务允许您在其中编写安全规则,并在可以访问数据库之前丢弃可能的代码注入和其他安全威胁。

#2


0  

Using web service is a best choice but this need to be used wisely. You cannot just have a web service and start downloading data through it. A bad design/architecture may hit performance as well as security.

使用Web服务是最佳选择,但需要明智地使用它。您不仅可以拥有Web服务并开始通过它下载数据。糟糕的设计/架构可能会影响性能和安全性。

If you can share some more details about your scenario, i.e., number of clients that can connect to web service, frequency of connections, volume of data, then i can suggest you some architecture.

如果您可以分享有关您的方案的更多详细信息,即可以连接到Web服务的客户端数量,连接频率,数据量,那么我可以建议您使用一些架构。