c# - Call web service from SQL CLR? -
i have sql server 2012 stored procedure returns table. have modify sp add additional value returned table. unfortunately, added value comes call web-service. research, gather main ways using ole automation procedures (sp_oa...) in sql, or sqlclr stored procedure. given security context in sp_oa... procedures run, single return value varchar(10) registration key, , calls service few (ten twenty per hour), i'm guessing sqlclr method way go. also, web-service hosted on our intranet, , not accessible outside world.
is there better way accomplish need? better meaning more performant, better security, easier code , maintain
please not use sp_oa* ole automation procedures. not appear officially deprecated, sqlclr replaces both ole automation procedures extended stored procedures.
yes, can done enough in sqlclr. can find examples on using wcf (as shown in @codecaster's answer) or using httpwebrequest / httpwebresponse (i have more info in answer: how invoke webservice sql server stored procedure ). also, please aware need add serialization assembly: using webservices , xml serialization in clr integration
coding , maintenance
web services provide nice api, if change structure have recompile , redeploy @ least part of this. assuming information being exchanged simple enough, tend think treating standard web request adds lot of flexibility. can create generic web request function (scalar or tvf) takes in parameters , uri , constructs formatted xml request , sends uri. gets response , merely returns xml. shift little bit of responsibility since need parse xml response rather getting nice object. but, xml easy parse in sql server, , can re-use function in number of places. and, if remote service ever updated, updating stored procedure change query string passed web service and/or change parsing of xml response simple alter procedure , should easy test. no need recompile / redeploy sqlclr assembly.
security
regardless of how "pure" of web service call want, main thing, security wise, not lazy , turn trustworthy on (as shown in linked page @codecaster's answer, , unfortunately other examples here on interwebs). proper way make secure following:
- sign assembly
- in
[master]database, create asymmetric key dll of assembly. - also, in
[master], create login asymmetric key - grant new login
external access assemblypermission - create assembly
permission_setofexternal_access, notunsafe
Comments
Post a Comment