CODEWITHSUNDEEP
c#.netvb.nettcpnetwork-programming
arc
arc

Reputation: 91

Handling client/server communications over TCP - general question

It's a little tricky to Google my question, because it's more of a question about the process rather than a strictly technical issue.

I'm setting up a basic TCP client/server system and I'm wondering how the back-and-forth communication should ideally work. In my specific situation, the client will have to submit login credentials, and make specific requests from the server (the server interacts with a remote database).

Here is what I would THINK to do.. and I'm just looking from input from other devs.

SERVER: Wait for new connections
CLIENT: Connects to server
CLIENT: Once connected, send login credentials with an instruction code.
        i.e. $LOGIN$,username,password
SERVER: Check instruction code, if code = $LOGIN$, try to authenticate
SERVER: If authentication fails, send user message saying login failed
        i.e. $MSG$,101,Login Failed
CLIENT: If instruction code = $MSG$ and if message id = 101, display message and disconnect.

And another scenario.. let's say the client wants to request a log of what's happened on the server recently (the text of a console application window).

CLIENT: Send request message to server for recent log
        i.e. $REQ$,105
SERVER: If instruction = $REQ$ and request id = 105, get window text and send to client
        i.e. $DATA$,105,<data here>
CLIENT: If instruction = $DATA$ and data id = 105, parse data and display to user

The data being requested could be plain text, or a .net datatable translated into XML, etc. It could be a variety of things.

Thoughts on this? Tips?

Thanks!

Upvotes: 1

Views: 1403

Answers (1)

Stephen Cleary
Stephen Cleary

Reputation: 456477

I highly recommend using WCF Data Services over a secure (https) connection. It's ideal for exposing datasets over the network in a flexible and efficient manner, relying on proven ASP.NET authentication for security.

If you still want basic TCP/IP, consider the following:

  • You'll need encrypted communications (SSL/TLS or similar), since you're passing authentication information.
  • A common structure for messages is "type, length, data" (TLD). This enables some backwards compatibility, since the receiver may skip over message types it doesn't recognize.
  • Remember that TCP/IP is not a messaging protocol but a streaming protocol, so you'll need message framing.
  • You'll also need to include provisions for detecting half-open connections.
  • Evaluate the level of protection you need to prevent SQL injection attacks; in general, a server receiving SQL as text is a bad idea.

Note that WCF Data Services (when used over HTTPS) handles all of the above for you.

Upvotes: 3

Related Questions