ASP.NET 设计问题 - Web 服务
[英]ASP.NET Design question - Web Services
问题描述
Creating a web interface so our helpdesk can create users and setup some of the applications that are used in our environment, the web interface is written in ASP.NET but I'm seeking advice on the best way to implement the backend.
创建一个 web 接口,以便我们的帮助台可以创建用户并设置一些在我们的环境中使用的应用程序,web 接口是用 ASP.NET 编写的,但我正在寻求有关实现后端的最佳方法的建议。
I was planning to use a web service to do the creation of accounts.我计划使用 web 服务来创建帐户。 My main concern is security and seperation of concerns so I didn't think app domains would be sufficent.我主要关心的是安全性和关注点分离,所以我认为应用程序域是不够的。
The idea is to take the information through the web service request and spawn a thread under a priviledged account to do the actual work.这个想法是通过 web 服务请求获取信息,并在特权帐户下生成一个线程来执行实际工作。 As we have other systems we may end up using multiple web services.由于我们有其他系统,我们最终可能会使用多个 web 服务。
Can anyone see issues with this or have better suggestions?任何人都可以看到这个问题或有更好的建议吗?
1 个解决方案
解决方案1
1 已采纳 2011-06-06 00:41:06
You propose a reasonable solution but I can think of an alternative.您提出了一个合理的解决方案,但我可以想到一个替代方案。 Dealing with threads can be a pain in ASP.NET applications.在 ASP.NET 应用程序中处理线程可能会很痛苦。 Not impossible but a pain.不是不可能,而是痛苦。 Are you spawning a thread so that your task can run under a separate identity, or is it because the task can be long running, or both?您是在生成一个线程以便您的任务可以在单独的身份下运行,还是因为该任务可以长时间运行,或者两者兼而有之? Another thing to consider is how you authenticate users.要考虑的另一件事是如何验证用户身份。 You will need to know how to impersonate another user account with ASP.NET.您将需要知道如何使用 ASP.NET 模拟另一个用户帐户。
Depending on load and other factors it might be better to introduce a queue into your applications (in a database, or using MSMQ, Rhino Queues, or similar).根据负载和其他因素,最好将队列引入您的应用程序(在数据库中,或使用 MSMQ、Rhino 队列或类似的)。 When a request comes in validate it.当一个请求进来验证它。 If it is OK then dump it into the queue and return a correlation ID to the client.如果没问题,则将其转储到队列中并向客户端返回相关 ID。 The client can check the status of the task using this ID.客户端可以使用此 ID 检查任务的状态。
Your queue could be stored in a database or you can use a specific queuing API/system.您的队列可以存储在数据库中,或者您可以使用特定的队列 API/系统。 Create a separate app that runs as scheduled job, or Windows service.创建作为计划作业运行的单独应用程序或 Windows 服务。 This application would run under a separate ID from clients that call your web service, and does the work you would do on the other thread.此应用程序将在与调用您的 web 服务的客户端不同的 ID 下运行,并执行您将在另一个线程上执行的工作。 When the queued work is completed, the database updated with the status.当排队的工作完成时,数据库会更新状态。
By doing this you avoid having any special code in your ASP.NET application and have a clean distinct interface between your concerns.通过这样做,您可以避免在 ASP.NET 应用程序中包含任何特殊代码,并且在您的关注点之间有一个清晰独特的接口。 If a task fails, say a 3rd party application you are setting up is offline, then you have an opportunity to retry the operation.如果任务失败,比如您正在设置的第 3 方应用程序离线,那么您有机会重试该操作。 I've found this method to be easier to monitor too.我发现这种方法也更容易监控。 If an application is offline, it also lets you continue to accept incoming requests without too much difficulty.如果应用程序处于脱机状态,它还可以让您继续接受传入请求而没有太大困难。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.