views:

191

answers:

3

More of a design/conceptual question.

At work the decision was made to have our data access layer be called through webservices. So our website would call the webservices for any/all data to and from the database. Both the website & the webservices will be on the same machine(so no trip across the wire), but the database is on a separate machine(so that would require a trip across the wire regardless). This is all in-house, the website, webservice, and database are all within the same company(AFAIK, the webservices won't be reused by another other party).

To the best of my knowledge: the website will open a port to the webservices, and the webservices will in turn open another port and go across the wire to the database server to get/submit the data. The trip across the wire can't be avoided, but I'm concerned about the webservices standing in the middle.

I do agree there needs to be distinct layers between the functionality(such as business layer, data access layer, etc...), but this seems overly complex to me. I'm also sensing there will be some performance problems down the line.

Seems to me it would be better to have the (DAL)assemblies referenced directly within the solution, thus negating the first port to port connection.

Any thoughts(or links) both for and against this idea would be appreciated

P.S. We're a .NET shop(migrating from vb to C# 3.5)

Edit/Update Marked Dathan as answer, I'm still not completely sold(I'm still kind of on the fence, though leaning it may not be as bad as I feared), he provided a well thought out answer. I appreciated all the feedback.

+1  A: 

I like the idea because it gives you flexibility. We use a very similar approach because we can have more than 1 type of database storing our data (MSSQL or Oracle) depending on our customer install choices.

It also gives customers the ability to hook into our database if they choose not to use our front end web site. As a result we get an open API for little to no extra effort.

If speed is your most critical issue than you have to lessen your layers. However in most cases the time it takes for your web Service to process the request from the database does not add allot of time. (This is assuming you do your Web Service Layer Correctly, you can easily make it slow if you don't watch it.)

David Basarab
Uhm, you can have more than 1 type of database without using this web services extra layer approach.
systempuntoout
+1 In addition this makes the app simpler to scale; if needed it's very easy to separate the tiers and perhaps even add some load balancing in between.
CodingInsomnia
@systempuntoout Yesyou could. Especially with NHibernate, but we don't get the quick API, which is the main reason for the services.
David Basarab
+1  A: 

This is a questionable design, but your shop isn't the only one using it.

Since you're using .NET 3.5 and running on the same machine, you should use WCF with the netNamedPipesBinding, which uses binary data transfer over named pipes, only on the same machine. That should mitigate the performance issue somewhat.

John Saunders
+2  A: 

Both designs (app to web service to db; app to db via DAL) are pretty standard. Web services are often used when interfacing with clients to standardize the semantics of data access. The web service is usually able to more accurately represent the semantics of your data model than the underlying persistence store, and thus helps the maintainability of the system by abstracting and encapsulating IO-specific concerns. Web services also serve the additional purpose of providing a public interface (though "public" may still mean internal to your company) to your data via a protocol that's commonly accessible across firewalls. When using a DAL to connect directly to the DB, it's possible to encapsulate the data IO concerns in a similar way, but ultimately your client has to have direct access to the database. By restricting IO to well-defined semantics (usually CRUD+Query), you add an additional layer of security. This isn't such a big deal for you, since you're running a web app, though - all DB access is already done from trusted code. The web service does provide an increase in robustness against SQL injection, though.

All web service justifications aside, the real questions are:

How much will it be used? The website/web service/database format does impose slightly higher overhead on the web server - if the website gets hammered, you want to consider long and hard before putting another service on the same machine. Otherwise, the added small inefficiency is probably not a big deal. On the other hand, if the site is getting hammered, you probably want to scale horizontally anyway, and you should be able to scale the web service at the same time.

How much to you gain? One of the big reasons for having a web service is to provide data accessibility to client code - particularly when multiple possible application versions need to be supported. Since your web app is the only client to use the web service, this isn't a concern - it's probably actually less effort to version the app by itself.

Are you looking to expand? You say it probably won't ever be used by any client other than the single web app, but these things have a way of gaining in size. If there's any chance your web app might grow in scope or popularity, consider the web service. By designing around a web service, you're already targeting a modular, multi-host solution, so your app will probably scale with fewer growing pains.

In case you couldn't guess, I'm a web service fan. But the above are also my honest (if somewhat biased) opinions on the subject. If you do go the web service route, be sure to make it simple - keep application logic in the app and service logic in the service, and try to draw a bright line between them when extending the two. And do design your service for efficiency and configure the hosting to keep it running as smoothly as possible.

Dathan
@Dathan: why would a web service be more helpful than a DAO with the same interface as the web service? Also, I may not want my customers to have access to the same data access I use in my application. I may want to reserve certain operations, or even entire parts of the database, for my own use and not expose them to customers.
John Saunders
@John I noted in my answer that, in terms of interface and segregation of responsibilities, there's no practical difference between a web service and a well-designed in-process DAL. The web service just scales better, in my experience. For features, I assume by "not expose them to my customers" you mean you'd publish a DAL lacking those features? Web services offer the same via authentication and authorization. You can limit both the published metadata and the actual accessible features via authorization, without having to maintain two distinct versions of your DAL. FTW. (C:
Dathan
@Dathan: the view of my data I offer my customers may very will differ from that I use on my site. My DAL would obviously offer me everything I need. In terms of scale, I'd love to see numbers on the difference between a service and the equivalent DAL considering the same number of actual database servers.
John Saunders
@John If you want to control the data view offered your customers via the web app, that's fine. Presentation/controller logic is ideally suited for that purpose - probably better even than controlling data model views credentials at the service layer. I like the possibility of scaling out to a thick client / server model offered by the web service, though - beyond the scope of the OQ, but one of the winning features of web apps, IMO.
Dathan
@John In terms of numbers, if you simply increase the load on the server, you'll find - as you obviously expect - that the app/service/db version bottlenecks earlier than the app/dal/db version. IO logic is frequently a bottleneck, though, and building around a web service middle tier puts you in a better position to scale horizontally by migrating the web service to another box, or even across multiple machines and load-balancing. That's what I mean by scaling better.
Dathan
"why would a web service be more helpful than a DAO with the same interface as the web service" I was thinking along the same lines.
Chris L