在WCF中构建可靠的服务
[英]Building a reliable service in WCF
问题描述
I am currently designing a service (wsHttp) which should be used to return sensitive data. 
我目前正在设计一个服务(wsHttp),它应该用于返回敏感数据。 As soon as a client asks for this data, I get it from the database, compile a list, then delete the data from the database and return the list. 一旦客户端请求这些数据,我就从数据库中获取它,编译一个列表,然后从数据库中删除数据并返回列表。
My concern is that something happens on the way back to the client (network issues, ...) I have already deleted the data from the database, but the client will never get it. 我担心的是在返回客户端的过程中发生了某些事情(网络问题,......)我已经从数据库中删除了数据,但客户端永远不会得到它。
Which out of the box solution do I have here? 我有哪些开箱即用的解决方案?
3 个解决方案
解决方案1
1 2011-04-14 08:04:39
There is no out of the box solution for this. 没有开箱即用的解决方案。 You would need to implement some form of user/automated confirmation that the data had been recieved and only delete once this was returned. 您需要实现某种形式的用户/自动确认,即已收到数据,并且只有在返回后才会删除。
Ed 埃德
解决方案2
1 已采纳 2011-04-14 08:17:40
This is an inherent problem in the distributed computing. 这是分布式计算中的固有问题。 There is no easy solution. 没有简单的解决方案。 The question is how important it is to recover from such errors. 问题是从这些错误中恢复是多么重要。
For example, if one deletes some records but the client gets disconnected, next time he connects he will see those records as deleted. 例如,如果删除某些记录但客户端断开连接,则下次连接时,他会将这些记录视为已删除。 Even if he tries to delete them again (data stayed in the UI), this will do no harm. 即使他试图再次删除它们(数据留在UI中),这也不会有害。
For banks transferring money, they have an error resolution mechanism where they match the transactions that happened between them in a second process. 对于转移资金的银行,他们有一个错误解决机制,在这个机制中,它们匹配第二个流程中发生的交易。 Conflicts will be dealt manually. 冲突将手动处理。
Some systems such as NServiceBus rely on MSMQ for storing messages and eventual consistency where a message destined to a client will eventually arrive whenever he is connected again. 某些系统(如NServiceBus)依赖于MSMQ来存储消息和最终的一致性 ,其中发往客户端的消息最终会在他再次连接时到达。
解决方案3
0 2013-11-24 03:36:13
There is an easy solution. 有一个简单的解决方案。 But it doesn't come in a box. 但它不是一个盒子。
Protocols like WS-ReliableMessaging (or equally TCP/IP) give you a layer of reliability under your messaging, but all bets are off once that layer offloads the message to the layer above. 像WS-ReliableMessaging(或同样的TCP / IP)这样的协议在您的消息传递下为您提供了一层可靠性,但是一旦该层将消息卸载到上面的层,所有的赌注都会被关闭。
So reliability can only be fully addressed at the absolute highest layer - the application layer, not by any lower layer down the communication stack. 因此,只能在绝对最高层 - 应用层,而不是通信堆栈中的任何下层,完全解决可靠性问题。 This makes it a first class business concern, not a purely technical concern. 这使它成为一流的商业问题,而不是纯粹的技术问题。
The problem can be solved with a slight change to the process of deleting your sensitive data. 只需稍微更改删除敏感数据的过程即可解决问题。
Instead of deleting it immediately, flag it for deletion. 将其标记为删除,而不是立即删除它。 Then, build into the business processes that drive your service the assertion that the client must acknowledge receipt of the sensitive data. 然后,构建驱动您的服务的业务流程,断言客户端必须确认收到敏感数据。 Then, when you get the acknowledgement back you can safely delete the data flagged for deletion, knowing that it has been received. 然后,当您收到确认后,您可以安全地删除标记为删除的数据,并知道已收到该数据。
I recently wrote a blog post reasoning that reliability is a first class business concern that cannot be offloaded to a lower layer. 我最近写了一篇博客文章,推断可靠性是一流的商业问题,无法卸载到较低层。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.