Collaborate Chapter 5 Querying, Managing, and Administering Databases Using SQL Server 2005 5.3 ¤NIIT In this section, you will learn about:  Web services  Securing HTTP endpoints The evolution of the Internet and its exponential growth in recent years has resulted in a gradual shift from desktop to distributed applications. This shift has led to the development of complex enterprise applications that are managed across different platforms and geographical boundaries. These applications may consist of components that are developed by using different programming languages and hosted in heterogeneous environments. Therefore, the development of distributed applications involves ensuring that such components are interoperable. For this Microsoft has introduced Web services. Defining a Web Service A Web service exposes a number of methods to provide functionality that can be used by one or more applications, regardless of the programming languages, operating systems, and hardware platforms used to develop them. For example, you can create a Web service by using the .NET platform, which extracts the logon information from the server and returns the result to the client application. This Web service can be used on any operating system and any hardware platform. The methods that provide such functionality are called Web methods. The functionality exposed by a Web service can be accessed by applications by using Internet standards, such as Simple Object Access Protocol (SOAP). SOAP is a protocol that uses Extensible Markup Language (XML) to describe data and HyperText Transfer Protocol (HTTP) for transmitting application data. An application that uses a Web service is called a Web service client. A Web service is similar to a component that provides a specific functionality. However, components use object model-specific protocols, such as Internet Inter-ORB Protocol (IIOP) and Remote Method Invocation (RMI), for communicating with client applications. This communication approach is constrained by dependencies on vendor implementations, hardware platforms, programming languages, and data-encoding schemes. In simple words, the communication approach requires a similar infrastructure at both client and server sides. This approach is acceptable when the use of components is confined to controlled environments. The use of components is not practical on the Internet because the Internet is a huge network of networks, which can be accessed by a Knowledge Byte W eb Services ¤NIIT 5.4 Querying, Managing, and Administering Databases Using SQL Server 2005 wide variety of clients. You cannot expect all clients to use the same infrastructure as that of the component server. In contrast to components, Web services use Internet standards, such as HTTP and XML, to communicate with client applications. This communication approach makes Web services independent of any language or platform. Any computer that has access to the Internet can easily access a Web service. This also enables a number of applications residing on a variety of software and hardware platforms to exchange data. For example, a news network such as CNN can create a Web service, which exposes a method that accepts the news category as a parameter and returns the news items belonging to the specified category. To use this Web service in an application or a website, you can design a form to accept the news category from a user. This form can invoke the method exposed by the Web service and display the news items returned by the method. The architecture of Web services takes the best features of components and combines them with the Web. Depending on the requirements of a business, different types of Web services can be created and used in an application. For example, you can create simple Web services that provide a fundamental functionality, which can be used in multiple applications. You can also create Web services to integrate the existing applications that might have been created by using different software and hardware platforms. Web services can also prove to be useful in business-to-business transactions. Business partners may have applications running on different platforms. These applications can exchange data by using Web services. Enabling Technologies Used in Web Services A Web service can be created by using any programming language in the .NET suite, such as Visual Basic .NET, Visual C# .NET, and Visual C++ .NET. However, certain requirements need to be fulfilled to enable applications to access the functionality provided by Web services. These requirements are:  A common data representation format to ensure the interoperability of the data exchanged by the client application and the Web service.  A standard method for sending messages from the client application to the Web service and vice versa.  A standard format for describing the Web service.  A mechanism to allow client applications to discover the Web services and their locations. To cater to these requirements, various standards such as XML, SOAP, and Web Services Description Language (WSDL) are used to develop and access Web services. In addition, the Universal Description Discovery and Integration (UDDI) initiative is used to allow client applications to discover the Web services provided by various Web service providers. Querying, Managing, and Administering Databases Using SQL Server 2005 5.5 ¤NIIT XML A client application passes arguments to a method exposed by a Web service. The method performs some action on the arguments and returns the results to the client application. The data returned by the Web service can be used by the client application, regardless of the hardware and software platform used to develop the application. To enable this kind of data interchange, you require a standard data representation format that can be understood by any platform. XML caters to this requirement because it is a plain-text format that can be understood by any kind of device. SOAP To communicate with each other, a Web service and a client application must agree upon a common protocol. SOAP is a standard communication protocol for exchanging information in a structured format in a distributed environment. The information exchanged between the client application and the Web service is called a message. Messages include the calls made by a client application to a Web method and the data returned by the Web method to the client. When a client application requests for a Web method, a SOAP packet is created. This packet contains the name of the Web method to be invoked and the parameters to be passed to the Web method in an XML format. This information is used to invoke the Web method with the appropriate parameters. When the SOAP packet arrives at the Web server on which the Web service resides, the Web method name and its parameters are extracted from the SOAP packet and the appropriate Web method is invoked. WSDL To use a Web service, the developers of a client application should be aware of the methods exposed by the Web service and the parameters to be passed to these methods. Therefore, you need a standard method to describe the methods that are exposed by a Web service. This information should be readily accessible to the Web service clients during the design phase. This is achieved by using WSDL. A WSDL document contains the following information about a Web service:  The Web services available for a given website.  The purpose for which these services can be used.  The types of parameters that need to be passed to a Web service.  The type of value that is returned by a Web service.  The format used to access these Web services.  The URL at which a Web service can be accessed. ¤NIIT 5.6 Querying, Managing, and Administering Databases Using SQL Server 2005 UDDI UDDI provides a standard mechanism to register and discover a Web service. When a Web service provider wants to make a Web service available to client applications, the provider describes the Web service by using a WSDL document. Then, the provider registers the Web service in the UDDI Directory. The UDDI Directory contains pointers to the Web service and the WSDL document for the Web service. Client applications can then discover the Web service by using the UDDI Directory. The following diagram depicts the relation among the various enabling Web service technologies: Relation Among Enabling Web Service Technologies Read the following topic in section Implementing the HTTP Endpoints for Web Services of Chapter 10 of the book Querying and Managing Data Using SQL Server 2005:  Securing HTTP Endpoints Securing HTTP Endpoints Describes Locates a Web Service Client Application Web Service UDDI Registry WSDL Document Communication through SOAP messages Querying, Managing, and Administering Databases Using SQL Server 2005 5.7 ¤NIIT This section contains:  Best practices  Tips and tricks  FAQs The following best practices can be considered while using triggers and transactions in SQL Server 2005:  Recompile triggers: Any change made to a trigger or a procedure requires recompilation of the trigger or procedure. You can use sp_recompile system procedure on a trigger or a stored procedure to recompile so that the updated procedure and trigger can be used. When sp_recompile is run on a table or a view, all the stored procedures that reference that table or view are recompiled the next time they run.  Disable triggers if not in use: Disable all the triggers on a database if you do not want to use them for sometime. You should not delete a trigger if you do not need its action for a temporary period. The following command allows you to disable all triggers: EXEC sp_MSforeachtable @command1="ALTER TABLE ? DISABLE TRIGGER ALL"  Use managed code: If you have to write complex procedural code use the CLR managed code. It is faster than T-SQL statements. If you have a background of programming in VB or C#, you need not have to learn another langauge to write the code in SQL Server 2005.  Use T-SQL: If you have data access task that contain little or no procedural code, use T-SQL programming. This is because you can write and execute it directly from the Code Editor Result window. The following tips and tricks will help you effectively use triggers and transaction statements in SQL Server 2005:  You can store the information of a record when it is being changed by using the INSERT, UPDATE, or DELETE statements. You can create a trigger to extract the information of the record that is being changed by using the inserted and deleted tables. From the Expert’s Desk Tips and Tricks Best Practices ¤NIIT 5.8 Querying, Managing, and Administering Databases Using SQL Server 2005  You can use the managed code to create a trigger, stored procedure, and user defined function. Use the following code to create a trigger using managed code: public partial class Triggers { [SqlTrigger(Target="authors", Event="FOR UPDATE")] public static void AuthorsUpdateTrigger() { // } }  You can resolve deadlocks in transactions by using a TRY/CATCH block. A TRY/CATCH block helps write structured and well-designed deadlock-resolving code, capable of trapping errors that were not found in previous versions of the SQL Server.  You should use the exception handling with the transactions. If any exception occurs in a transaction execution, you should rollback the transaction. You can use the following code sample to handle the exception with transaction: BEGIN TRY BEGIN TRANSACTION INSERT Sal VALUES (10000) INSERT Sal VALUES (20000) COMMIT TRANSACTION END TRY BEGIN CATCH ROLLBACK END CATCH  How can you perform an action when the schema of a table is changed? You can use DDL triggers to perform an action when the schema of a table is changed. DDL triggers can only be created to fire AFTER the triggering event has occurred, as opposed to DML triggers that can fire AFTER the event or INSTEAD OF the event.  Which category of triggers is available with SQL Server 2000? SQL Server 2000 supports DML triggers. SQL Server 2005 has introduced another category of trigger named DDL trigger. FAQs Querying, Managing, and Administering Databases Using SQL Server 2005 5.9 ¤NIIT  How can you restrict an update on the column of a table? To restrict a column update, use the following syntax: CREATE TRIGGER <trigger name> ON <db name>.<table name> FOR UPDATE AS IF UPDATE(<col name>) BEGIN RAISERROR ('Cannot be updated',10,1) ROLLBACK TRANSACTION END GO  Which new feature has been added to SQL Server 2005, which is an enhancement to T-SQL? The .NET Common Language Runtime is an enhancement to T-SQL. It gives much more flexibility to programming in SQL Server 2005 as compared to T-SQL.  In which different languages can you write managed code? You can write managed code by using Visual Basic, Visual C#, and Visual C++. ¤NIIT 5.10 Querying, Managing, and Administering Databases Using SQL Server 2005 1. Which of the following is not a standard for Web service? a. UDDI b. HTML c. WSDL d. SOAP 2. Which of the following requirements does an application need to meet to use a Web service? a. A standard format for designing a Web service. b. A standard language for sending messages from the client application to the Web service. c. A common data representation format of the data exchanged. d. A mechanism to allow a Web service to locate a client. 3. Which of the following Web service standard describes a Web service? a. WSDL b. UDDI c. XML d. SOAP 4. Which of the following is a correct sequence of steps to secure HTTP endpoints? a. i. Create appropriate user accounts within the database. ii. Grant permission for a stored procedure or user-defined functions that the user needs to access by using a Web service. iii. Grant permission to users to connect to HTTP endpoints. b. i. Create appropriate user accounts within the database. ii. Grant permission to users to access HTTP endpoints. iii. Grant permission to users for a stored procedure or user-defined functions that the user needs to access by using a Web service. c. i. Create appropriate user accounts within the database. ii. Grant permission for a database that the user needs to access by using a Web service. iii. Grant permission to users to connect to HTTP endpoints. d. i. Grant permission for a stored procedure or user-defined functions that the user needs to access by using a Web service. ii. Grant permission to users to connect to HTTP endpoints. iii. Create appropriate user accounts within the database. Challenge . Collaborate Chapter 5 Querying, Managing, and Administering Databases Using SQL Server 2005 5.3 ¤NIIT. section Implementing the HTTP Endpoints for Web Services of Chapter 10 of the book Querying and Managing Data Using SQL Server 20 05:  Securing HTTP Endpoints Securing HTTP Endpoints Describes. following best practices can be considered while using triggers and transactions in SQL Server 20 05:  Recompile triggers: Any change made to a trigger or a procedure requires recompilation of