HTTP Tunneling Revealed: Part 2/3 - Forcing Downloads
(Page 2 of 5 )
By setting up a ContentType, one can direct the binary responses to force downloads, transferring the responseBody variable to web browser. The example below demonstrates this using ServerXMLHTTP:
<%@ Page aspcompat=true Debug="true"%>
<% Dim xmlobject
xmlobject = Server.CreateObject("MSXML2.ServerXMLHTTP")
xmlobject.Open ("GET", "http://www.jlctools.com/jlcsplitit/spltit32.zip", False)
xmlobject.Send()
' Adding header
Response.AddHeader ("Content-Disposition", "attachment; filename=spltit32.zip")
'Setting content type for webclient
Response.ContentType = "application/zip"
' Writing binary data
Response.BinaryWrite (xmlobject.responseBody)
%> 
Accessing HTTPS and Authentication via ServerXMLHTTP ServerXMLHttp supports authentication, as the open method provides two optional arguments user name and password. This is for the sites that ask for authentication credentials using the standard WWW-Authenticate header:
<%@ Page aspcompat=true Debug="true"%>
<%
Dim xmlobject
xmlobject = Server.CreateObject("MSXML2.ServerXMLHTTP")
xmlobject.Open ("GET", "https://www.verisign.com", False)
xmlobject.Send()
Response.Write (xmlobject.responsetext)
%> 
The image on the left shows absolute access via a browser to a secure site, while the image on the right is the screenshot of the code above. No images are displayed on the screenshot to the right because relative paths are not handled in this example.
Web Services; Enhanced Tunneling Web services are an extension and regularization to what you have experienced above; they are a very simple concept. They can be stated as an application defined & published to be invoked over a network, for instance the World Wide Web via a protocol like HTTP. They are a distributed processing enhancement that provides a standard description language, location and execution mechanism with request-response standards.
In contrast with previous mechanisms like CORBA, RMI and somehow DCOM, web services are emerging as a widely accepted industry standard and a quantum leap in b2b e-business. They take away a lot of remote procedural call and marshalling headaches and provide a neat mechanism for distributed processing.
Two key terms while implementing web services are WSDL and SOAP. I'll explain them below, however I have found that the definitions from the World Wide Web consortium are a tad more interesting:
"WSDL is an XML format for describing network services as a set of endpoints operating on messages containing either document-oriented or procedure-oriented information. The operations and messages are described abstractly, and then bound to a concrete network protocol and message format to define an endpoint. Related concrete endpoints are combined into abstract endpoints (services). WSDL is extensible to allow description of endpoints and their messages regardless of what message formats or network protocols are used to communicate, however, the only bindings described in this document describe how to use WSDL in conjunction with SOAP 1.1, HTTP GET/POST, and MIME." W3C's definition for Simple Object Access Protocol i.e. SOAP, is:
"SOAP is a lightweight protocol for exchange of information in a decentralized, distributed environment. It is an XML based protocol that consists of three parts: an envelope that defines a framework for describing what is in a message and how to process it, a set of encoding rules for expressing instances of application-defined datatypes, and a convention for representing remote procedure calls and responses."Next: Invoking a Web Service Using Only XMLHTTP >>
More ASP Articles
More By Adnan Masood
/ 8 
