Hi,
Recently I've discovered asp page methods. Little web service type calls.
Though I'm left wondering, what are page methods really good for? I was thinking validation of form data on the server, eliminating the need to double up on validation on both client and server.
But in the real world, what can they be used for? Should they be used for validation and how would one go about protecting these page methods from being hammered or abused?
They are good for Ajax calls to the server. Instead of creating a separate WCF/Web service you can encapsulate page logic inside the same some_page.aspx.cs file. Can be used for anything regarding client/server communication/processing.
Regarding any abuse (method being called all over from anywhere etc), make sure client has to pass certain data to them. When loading a page you could for instance symmetrically encrypt some value (UserID/sessionID/anything else) and pass it to the client. When calling page method you can send that value back, and server side code will be able to check whether this call has been posted back from your previously loaded page. Since code is only used by server it can be symmetrically encoded/decoded.
You can use them for calling anything that has to be done at server side (rules, actions or whatever) from client side using scripting. Very useful to avoid page reloads.