Sql For Remote Calls

May I float the idea of using SQL in place of RemoteProcedureCalls, SOAP, and WebServices?

You send SQL to a designated server and get back comma-delimited or XML rows. For security purposes, only designated tables or views are visible to the target outsiders.

SQL allows users to select only the rows and columns that they want. Many techies are familiar with it so the training curve will be lower than some newfangled XML DDL or SOAP.

However, perhaps some way should be provided to avoid CartesianJoins (which SQL makes far too easy to accidently do). Otherwise outsiders can hose up your server.

--top

An interesting idea, and perhaps appropriate for certain WebServices that wrap a collection of queryable data, though I'd be more inclined to simply expose the (well-secured) SQL DBMS over the network. However, most WebServices expose a limited set of relatively unrelated, relatively simple procedure calls. Given that WebService and RemoteProcedureCall client development environments generally do not require the developer to tangle with SOAP or IIOP directly, and simply translate the WSDL or IDL description of the service into client-side procedure and/or class declarations that generate and parse SOAP or IIOP messages on your behalf, there's no gain to using SQL.

For example, how is the following...

 response = provider.doRemoteInvocation("INSERT INTO ccTransaction(amount, payee, description, ccnum, ccname, expirydate, seccode) VALUES (12.99, 'KFC34983', 'Big Bucket of Chicken', '1234345657482342', 'Mr. D Voorhis', '08/07', 555)");
...superior to the following?

 response = provider.doCCTransaction(12.99, 'KFC34983', 'Big Bucket of Chicken', '1234345657482342', 'Mr. D Voorhis', '08/07', 555);
The latter requires conversion code, the former can be plugged in directly. The latter uses API deprecation, the former is flexible. The latter requires looking up documentation, the former doesn't. The latter requires data-type matching code and has international date/string/etc problems, the former is universal.

Good points. Let's look at them:

This is not to deprecate the potential power of mapping system resources to relations in order to take advantage of the composability of the relational algebra. For example, if diverse resources were represented as relations you could trivially JOIN user account information (represented as a relation variable) with system login logs (relvar, again) with mail download data (a UNION of the IMAP and POP3 log relvars) and use the result to INSERT email messages into the SMTP server. This might be used to send a batch of "please log in and change your password" emails addressed to users who haven't logged into the system within the last month, but who have recently downloaded their email.

This is a relatively underexplored idea, though I believe the PICK operating system successfully used a variation on this. However, I'm not sure using SQL as an interface to WebServices or RemoteProcedureCalls is the best example of it. Even in a purely relational environment, I would still expect to invoke remote procedures via a procedure call syntax, in the same way I invoke local procedures.

-- DaveVoorhis


Perhaps merge with RelationalAlternativeToXml when cooked.


See also: KissWebServices


EditText of this page (last edited June 26, 2006) or FindPage with title or text search