Final Project Report On

Online Registration using Web

Services on a .NET Platform
Under the Guidance Of

Advisor: Prof. Abhilasha Tibrewal

Submitted By

Dinesh Lal (ID# 563956)

Index
Introduction

What is .NET?
What are Web Services?
Web Services Vs RPC/RMI/COM
Difference Between Web Service & Website
Web Service Security Model
Reason to choose ASP over ASP.NET
ASP.NET Security Architecture
ADO.NET Architecture
Online Registration Web Application
Implementation Detail
Conclusion
References

Introduction

This project has been implemented after a thorough study and

understanding of the concepts of Web Services & ADO.NET. In
this project I have tried my best to demonstrate the concepts of Web
Services as a latest technology on .NET platform and C# language by
creating an Online registration web application. I am thankful to
Prof. Abhilasha Tibrewal for her support, cooperation and highly
appreciate her suggestions provided during the entire phase of project
development.

What is .NET ?
NET is Microsoft's new Internet and Web strategy

.NET is a new Internet and Web based infrastructure

.NET delivers software as Web Services
.NET will run in any browser on any platform
.NET is based on the newest Web standards
In other words:
Microsoft .NET is a set of software technologies for connecting information,
people, systems, and devices. This new generation of technology is based on
Web servicessmall building-block applications that can connect to each
other as well as to other, larger applications over the Internet.

What are Web Services?

Web services are

small units of code
Web services are
designed to handle a
limited set of tasks
Web services use
XML based
communicating
protocols
Web services are
independent of
operating systems
Web services are
independent of
programming
languages
Web services
connect people,
systems and devices

What Are Web Services?

Although deceptively simple, XML is turning the way we build and use software
inside out. The Web revolutionized how users talk to applications. XML is
revolutionizing how applications talk to other applicationsor more broadly, how
computers talk to other computersby providing a universal data format that lets
data be easily adapted or transformed:
Web services allow applications to share data.
Web services are discrete units of code; each handles a limited set of tasks.
They are based on XML, the universal language of Internet data exchange,
and can be called across platforms and operating systems, regardless of
programming language.
Main motivations behind the development of web services:
The client and the web service can be remote from each other.
The client and the web service can use a totally different operating system or
programming language.
The web service can be made available through firewalls that allow port 80 but
block other ports.

Web Services Vs RPC/COM/RMI

Prior to web services, programmers have relied on sockets, RPC (Remote
Procedure Calls), distributed COM (DCOM), and RMI (Remote Method
Invocation) technologies to create distributed applications.

The major problem with the above solutions is:

That they are difficult to program (e.g., sockets),
Require both the client and server side to be using the same technology
(e.g., DCOM is mostly windows based, and RMI is Java based requiring
both the client and server programs to be written in Java).

The web services architecture overcomes these limitations.

What's the difference between a

Web service and a website?

Unlike websites, which are pictures of data designed to be viewed in a browser

by a person, a Web service is designed to be accessed directly by another
service or software application.

Web services are reusable pieces of software that interact programmatically

over the network through industry recognized standards (XML and SOAP).
Web services can be combined with each other and other applications to build
intelligent interactive .NET experiences.

Web Service Security Model

Web service security can be applied at three
levels:
Platform/transport-level (point-to-point)
security
Application-level (custom) security
Message-level (end-to-end) security

Platform/Transport Level (Pointto-Point) Security

The transport
channel
between two
endpoints (Web
service client
and Web
service) can be
used to provide
point-to-point
security.

Application Level Security

With this approach, the application takes over security and uses custom security
features. For example:

1. An application can use a custom SOAP header to pass user credentials to

authenticate the user with each Web service request. A common approach is to
pass a ticket (or user name or license) in the SOAP header.

2. The application has the flexibility to generate its own IPrincipal object that
contains roles. This might be a custom class or the GenericPrincipal class
provided by the .NET Framework.

3. The application can selectively encrypt what it needs to, although this
requires secure key storage and developers must have knowledge of the
relevant cryptography APIs.
4. An alternative technique is to use SSL to provide confidentiality and integrity
and combine it with custom SOAP headers to perform authentication.

Message Level (End-to-End)

Security

This represents the

most flexible and
powerful approach and
is the one used by the
GXA initiative,
specifically within the
WS-Security
specification.

Reason to choose ASP.NET over ASP:

ASP.NET has been greatly improved over the ASP technology in .Net. Some of
the important features of ASP.NET and the improvements over the classical
ASP technology include:
ASP.NET is completely compiled code on the server side as opposed to interpreted
code in the traditional ASP technology. This helps improves the performance of the
web site greatly.
ASP.NET is completely object-oriented as the entire code is written in one of the
.Net languages (C# being the most common and most powerful). Traditional ASP
used the ActiveX/COM technology to create tiered architectures and give the serverside the code somewhat of an object-oriented feel. Traditional ASP also used
ActiveX/COM components to accomplish sophisticated tasks such as sockets,
sending emails, uploading files to the server etc.. ASP.NET eliminates the need to use
ActiveX/COM components as the entire framework class library is available to
accomplish any sophisticated task.
ASP.NET provides a clean separation between the GUI and the server-side code.
Each web page typically has two parts to it: a .aspx file containing the HTML
presentation, and a code behind file (with .cs or .vb extension) containing the related
server-side code. Thus by default, the ASP.NET provides a 2-Tier architecture which
can be easily implemented as a multi-tier design as the complexity of the web
application increases.

Reason to choose ASP.NET over ASP:

ASP.NET further improves the performance by providing powerful serverside caching of the executed code for a faster response to the client.
The associated ADO.NET technology for dealing with databases also has
smart caching of records available in the form of the dataset for a very
high performance data driven web application.
ASP.NET is backwards compatible with the classical ASP technology.
ASP.NET has a much easier deployment of web applications. Simply copy
the web application directory to a target machine and set up the appropriate
virtual directory to run the application.
ASP.NET can use the ActiveX/COM components if needed through the
RCW (Runtime Class Wrapper) feature of .Net. Although all new
development in ASP.NET can be accomplished without the ActiveX/COM
components.
For creating scalable, tiered architectures, ASP.NET still uses the COM+
technology. However, the COM+ programming is made much simpler by
the use of special attributes that can be specified for the .Net classes that
will be converted to COM+ components.

Reason to choose ASP.NET over ASP:

ASP.NET provides excellent client-side data validation in the form of

specialized validators. These validators generate the appropriate client-side
Javascript code for data validation on the client side. Thus the need to
program in Javascript directly on the client-side is greatly reduced.
ASP.NET provides a powerful server-side event driven model for web
application development where different HTML elements (server controls)
on the client-side trigger events on the server-side (the associated code
behind file for the aspx file contains the event handlers for these events).
ASP.NET provides a very easy way to maintain the state of client-side
elements once a server-side event is triggered by one of these elements and
the form is submitted to the server.
ASP.NET provides an AutoPostBack property for server-side controls so
that if anything is changed in the control, the data is posted to the web
server. For example, if a checkbox is checked or unchecked, the server-side
event handler can be triggered if its AutoPostBack property is set to true.
Although Visual Studio.Net is not required for developing ASP.NET
applications, it makes the web application development much easier by
providing an array of server-side controls, their visual placement and
writing of the skeleton code for the event handlers for these.

ASP.NET Security Architecture

ASP.NET works in conjunction with IIS, the .NET Framework, and the
underlying security services provided by the operating system, to
provide a range of authentication and authorization mechanisms .

ADO.NET Data Architecture

Data access in ADO.NET relies on two components: the DataSet, which
stores data on the local machine, and the Data Provider, which mediates
interaction between the program and the database

The DataSet

The DataSet is a disconnected, inmemory representation of data.

Data can be loaded into a DataSet from
any valid data source, such as a
Microsoft SQL Server database, a
Microsoft Access database, or an XML
file.
The DataSet is persisted in memory, and
the data therein can be manipulated and
updated independent of the database.
The DataSet object contains a
collection of zero or more DataTable
objects, each of which is an in-memory
representation of a single table.
The structure of a particular DataTable
is defined by the DataColumns
collection, which enumerates the
columns in a particular table, and the
Constraint
Collection,
which
enumerates the constraints on the table.

Steps to create a DataSet Object

The basic approach for transferring
data from a data source into a
DataSet can be set out as follows:

Create a connection object

Create a command object to hold
our SQL statement
Create a DataSet object
Create one or more DataTable
objects in the DataSet
Create a data adapter with the
connection and command objects
Use the Fill() method of the data
adapter to transfer data (and it
schema) from the connection object
into a DataTable of the DataSet.

Disconnected Database Access

As applications become more complex and databases begin to serve
more and more clients, a connected data access technology becomes
impractical for a variety of reasons. For example:

Open database connections are expensive in terms of system resources.

The more open connections, the less efficient system performance
becomes.

Applications with connected data access are very difficult to scale up. An
application that can maintain connections with two clients might do
poorly with 10, and might be completely unusable with 100.
ADO.NET addresses these issues by implementing a disconnected
database access model by default.

Online Registration Web Application

The main modules of the Application include:

Client Module (.NET Web Application): - This module

comprises of the Web Forms (.aspx Files) by which, the methods of the
web service (Server Methods) are invoked.

Server Module (.NET Web Service): - This module (.asmx

files) basically acts as a mediator between the client and the database. It
has datasets for storing required information about student information,
administrator information, and course information. It queries the
database based on the request made by the clients.

Database Module: - It (.mdb files) comprises of the databases for

storing information about student information, course information,
student account information, authorized user information, and
administrator information and it responds to the Server queries.

Implementation Details
Client Module: - This module is implemented as a .NET Web Application
that includes .aspx files (Web Forms) and. aspx.cs files (C#, code behind the form).
The Web Forms in this module are as follows: -

The Home Page WebForm: (WebForm8) - This enables the client to

either log on as a student or administrator in the online registration website of
the University.
Student Log In WebForm: (WebForm1) - This form enables the student
to log in by using the right User ID and Password and student can also check
his/her account balance.
Administrator WebForm: (WebForm6) - This form enables the
administrator to log in by using the right User ID and Password
Registration WebForm: (WebForm2) - This WebForm enables the new
student to get registered to the website and select the user id and password
and personal information, which it can use later.

Implementation Details
Client Module: - This module is implemented as a .NET Web Application

that includes .aspx files (Web Forms) and. aspx.cs files (C#, code behind
the form). The Web Forms in this module are as follows: -

Update Course WebForm: (WebForm13) - This form enables the

administrator to update the existing course information.
Insert New Course WebForm: (WebForm9) - This form enables the
administrator to insert new course information.
Insert New Assigned User WebForm: (WebForm11) - This form
enables the administrator to insert new authorized user in the database.
Update Student Account WebForm (WebForm12) - This form
enables the administrator to update the student current account.

Implementation Details
Client Module: - This module is implemented as a .NET Web

Application that includes .aspx files (Web Forms) and. aspx.cs files
(C#, code behind the form). The Web Forms in this module are as
follows: -

Add Course WebForm: (WebForm3) - This WebForm enables the

student to select and add course he wants to register for.

Drop Course WebForm: (WebForm4) - This WebForm enables the

student to select and drop course he/she wants to drop.

Implementation Details
Server Module: - This module is implemented as a .NET
Web Service consisting of .asmx Files.
The client module creates a web reference in order to invoke the web
methods of this module.
A Proxy class named Reference.cs is generated based on the web reference
created by the client. This proxy class consists of all the web method
definitions that exist in the .asmx File and makes all remote method calls
appear as local method calls to the client.
This module basically acts as a mediator between the database and the clients.
It has databases for storing required information about students, administrator
and courses.
It queries the database based on the request made by the clients.

Implementation Details
The .asmx File has following Web Methods through which the client
Communicates with the Server:

GetID() Queries Student ID and Password in Student Data Table in

db1.mdb(MS Access) database and stores it in a DataTable Course in
myDS Dataset used to sign in as a student.
GetPassword()- Queries Password in Student Data Table in db1.mdb(MS
Access) database and stores it in a DataTable aa in myDS_2 Dataset
used to sign in as a student.
GetDrop()Queries
StudentCourse.StudentID,
StudentCourse.CourseID, CourseName, course_date, course_time,
Credit, Faculty, Campus, Capacity, Status, Enrollment in StudentCourse
Data Table in db1.mdb(MS Access) database and stores it in a DataTable
aa in myDS_2 Dataset used to select the course student want to drop.

Implementation Details
The .asmx File has following Web Methods through which the client
communicates with the Server: GetStudentID()-Queries
StudentCourse.StudentID,
StudentCourse.CourseID in StudentCourse Data Table in db1.mdb(MS
Access) database and stores it in a DataTable cc in myDS_2 Dataset
used to select the course registered by students and courses taken by
student.
GetCS_Courses() - Queries Course Information in Course Data Table
in db1.mdb(MS Access) database and stores it in a DataTable bb in
myDS_2 Dataset, used to display the course offered on a Datagrid in
WebForm3.aspx.
Balance()- Queries StudentID, Pass, PreviousAccountBalance,
CurrentAccountBalance in StudentAccount Data Table in
db1.mdb(MS Access) database and stores it in a DataTable Account
in myDS Dataset, used to display the Account Balance on a Datagrid
in WebForm1.aspx.

Implementation Details
The .asmx File has following Web Methods through which the client
Communicates with the Server: GetAdminID() - Queries AdminID, AdminPass in Administrator Data Table in
db1.mdb(MS Access) database and stores it in a DataTable AccessID in
myDS Dataset used to sign in as an Administrator.
GetAdminPassword() Queries AdminPass in Administrator Data Table in
db1.mdb(MS Access) database and stores it in a DataTable AccessPass in
myDS_2 Dataset used to sign in as an Administrator

Implementation Details
The Database Module contains following tables :
Administrator - Stores information about the Administrator ID &
Administrator Password.
Assigned User - Stores information about the Authorized students of the.
Course - Stores information about the Course.
Student Stores information about the Students enrolled in the university.
Student Account - Stores information about the Students Account
information.
Student Course - Stores information about the Course registered by
students and Courses taken by a student. It has a One to Many relationship
with Data Table Student and Data Table Course.

Conclusion

This project reflects the performance of the

latest technologies - Web Services, & .NET
based on my best efforts and hard work.

References
Beginning ASP.NET by Chris Ullman, John Kauffman,
Chris Hart, David Sussman, Wrox Publishers.
Professional C# by Simon Robinson, Karli Watson, Burton
Harvey, Jay Glynn, Christian Nagel, Wrox Publishers.
CSS 555 Notes, Prof.Ausif Mahmood,
www.bridgeport.edu.
www.microsoft.com/net
www.asp.net
www.threeguysfromroilla.com