I have developed an MVC4 Code First application which is on a secure server environment; it takes information from forms and processes them.
A new requirement has come along to have some ‘public/external’ forms submit to this and I’m looking for the best approach.
The Form Models are quite complicated and deep, with plenty of inheritance.
It has been stated that the security of the information in the existing internal side is paramount.
So to get data into it I was looking at creating a WCF web service to submit the public forms directly into the internal side; it can only submit. That way we aren’t risking exposing existing internal data via the public web server. I need to use the Object Models from the internal side, as some are the same, albeit slightly expanded. E.g. my MasterForm model, from which all other forms inherit, and the master person type, from which the different types of people referenced in the forms inherit.
Is that a good approach or is there a better way?
This is where I’m currently at…. and not getting far. (Apologies if icons etc aren’t what you’d usually expect, but hopefully you get the idea; I have no Visio!)

In taking this approach so far I’ve run into difficulties with the inherited models: when serialising/deserialising it is unable to determine. I tried a WCF Data Service hosted alongside the WebService to submit a form, but it would not let me use the models from the Data Service to submit over the WCF Form submissions WebService.
SOA is definitely the way to go here, and WCF would be the sensible approach in the .NET world.
However, this raises a question surrounding your model design. Exposing / sharing “views” (which is essentially what your form objects are here) across application domains could be seen as bad design.
In this type of scenario, I usually expose fairly rudimentary business objects in my service layer, and create views for each application domain, mapping the relevant data into each view model. I.e. my WCF service acts as a business layer, allowing your applications to query business specific data.
Also, make sure that you use HTTPS / SSL when passing data to your WCF Service. This requires an SSL certificate, but you can generate a self-signed one, and just ignore the cert errors. If you’re using .NET 4.5, you can use the new BasicHttpsBinding.
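
One way to shape the submit-only service discussed in this thread, as an added example that is not part of the original question or answer: dedicated wire DTOs with `KnownType` declarations for the inherited form and person types, mapped to an internal entity behind a single `Submit` operation. All type names, the in-memory store and the validation rule are assumptions made for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Runtime.Serialization;
using System.ServiceModel;

// Wire DTOs (hypothetical names), kept separate from the internal Code First entities.
[DataContract]
[KnownType(typeof(ContactFormDto))] // derived types must be declared or DataContractSerializer rejects them
public abstract class MasterFormDto
{
    [DataMember(IsRequired = true)] public PersonDto Submitter { get; set; }
}
[DataContract]
public class ContactFormDto : MasterFormDto { [DataMember] public string Message { get; set; } }
[DataContract]
[KnownType(typeof(ApplicantDto))]
public class PersonDto { [DataMember(IsRequired = true)] public string FullName { get; set; } }
[DataContract]
public class ApplicantDto : PersonDto { [DataMember] public DateTime DateOfBirth { get; set; } }

// Stand-in for an internal entity; the real one lives only on the internal side.
public class InternalForm
{
    public Guid Id; public string Kind; public string SubmitterName; public string Message;
}

// Submit-only contract: one write operation, nothing that returns stored data.
[ServiceContract]
public interface IFormSubmissionService
{
    [OperationContract] Guid Submit(MasterFormDto form);
}

public class FormSubmissionService : IFormSubmissionService
{
    // Stand-in for the internal DbContext (assumption for this example).
    private static readonly List<InternalForm> Store = new List<InternalForm>();

    public Guid Submit(MasterFormDto form)
    {
        if (form == null || form.Submitter == null || string.IsNullOrWhiteSpace(form.Submitter.FullName))
            throw new FaultException("Invalid form."); // generic fault, no internal detail
        var contact = form as ContactFormDto;
        var entity = new InternalForm { Id = Guid.NewGuid(), Kind = form.GetType().Name,
            SubmitterName = form.Submitter.FullName, Message = contact != null ? contact.Message : null };
        lock (Store) Store.Add(entity);
        return entity.Id; // receipt only; no stored data flows back to the public server
    }
}
```

Because the public web server references only the DTO assembly and this contract, it has no operation to call that reads internal records, and a payload carrying a type not listed in `KnownType` fails at deserialisation before `Submit` runs.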