Category list

SOAP Serialization

As we mentioned earlier, SOAP is a standard based on XML for describing properties and methods . SOAP is used by Web services as well as .NET Remoting precisely for these abilities . In this sense, SOAP serialization is similar to remote procedure calls (RPCs) but is mainly concerned with standardizing message passing. SOAP provides a standard of describing these remote procedures and properties. The IFormatter interface described in the Binary Serialization section earlier in this chapter offers a way of generating SOAP messages by creating an instance of the SoapFormatter class.

You follow the same guidelines to use SoapFormatter as you do to use BinaryFormatter , as described in the Binary Serialization section. The only difference is that the IFormatter instance used is a SoapFormatter that is, the class being serialized as well as any inherited classes must have the Serializable attribute set. The assembly containing the serialized object definition must be available at both the source and the destination. The serialized stream can also be customized in the same way by adding the NonSerialized attribute or by implementing the ISerializable interface, as you saw earlier. The following code serializes an object with the SoapFormatter :

C#

//UsingtheMyBasicDataclassdefinedearlier
MyBasicDatabasicData=newMyBasicData();
IFormattersoapFormatter=newSoapFormatter();
FileStreamfileStream;

fileStream=newFileStream(soapformatter.xml",
FileMode.Create,
FileAccess.Write,
FileShare.None);
soapFormatter.Serialize(fileStream,basicData);

Visual Basic .NET

DimbasicDataasMyBasicData=newMyBasicData()
DimsoapFormatterasIFormatter=newSoapFormatter()
DimfileDataStreamasFileStream

fileDataStream=newFileStream(_
 soapformatter.cml",_
FileMode.Create,_
FileAccess.Write,_
FileShare.None_)
soapFormatter.Serialize(fileDataStream,basicData)

As weve seen with the previous serialization types, there is always a way to customize the serialization output. For SOAP serialization using the SoapFormatter class, it is the same as for the binary formattereither the NonSerializable attribute can be applied to class properties or the class to be serialized can implement the ISerializable interface.

To see SoapFormatter in action, take a look at the binsoapserial.cs or binsoapserial.vb sample. SoapFormatter is illustrated in this sample because it is a type of IFormatter and the rules for controlling SOAP serialization are the same as for using the BinaryFormatter .

Code Access Security

Both the BinaryFormatter and the SoapFormatter demand the SecurityPermissionFlag.SerializationFormatter permission, which is granted only to applications running in the local machine account. Therefore, if an application running either in the intranet or Internet zone attempts to serialize or deserialize a data stream, an exception will be thrown.

The XmlSerializer does not have any inherent security restrictionsthat is, it can be accessed from any zone. The only restriction is if the class being serialized has declarative security attributes, in which case an exception is thrown.

Summary

Its evident that serialization is a powerful and very useful mechanism for transporting complex data across processes, regardless of whether theyre running on the same machine or across a network. The .NET Framework offers three types of serialization, and each has its advantages. Binary serialization is the easiest of all serializers to use and also produces the most compact data. The XML serializer offers interoperability and portability at the expense of a much larger serialized data size . Finally, serializing to SOAP allows interoperability with SOAP-based services such as .NET Remoting and Web services. The ability to serialize data forms the building blocks for many technologies such as .NET Remoting and Web services, which are covered later in this book.

Buy on amazon.com >>

Jones A., Ohlund J., Olson L.

<< Previous page

Table of contents

Next page >>