DPS907 and WSA500 final exam

The final exam for DPS907 and WSA500, for the Fall 2013 semester, is Monday, December 9, 2013.

.

Final Exam, Monday, December 9

The final exam for DPS907 and WSA500, for the Fall 2013 semester, is currently scheduled for Monday, December 9, 2013, at 11:30am ET. Come to TEL Building, room T2110, for the exam.

The exam is worth 25% of your final course grade.

In the exam room, DO NOT sit beside another student in your program. For example, if you’re a CPA student, do not sit beside another CPA student. (This rule is the same as the one used for Test 2.)

Best wishes on the exam.

.

What to expect

You will be tested on all of the topics covered during the course.

In the written part, for some questions, short answers (a sentence or two) will be required. For other questions, medium-length answers (a few sentences or paragraphs) will be required.

In the on-computer programming part, you will also be asked to add to an existing  create partial implementation of a specification. We are interested in ensuring that you know the structure of a web service app. You will not have to write all the code needed to make the app work, but you must know where the code should go. For this part, you can use any printed or online resource (except those that are prohibited by course policies). You can use a College computer, or your own computer.

The written part is worth 18 of 25 marks, which is most of the exam’s value. The programming part is worth 7 of 25 marks. That should suggest the amount of time and attention you budget for each part.

More information is found below.

.

Reference sheet

A reference sheet is NOT permitted.

During the programming task, you are permitted to use resources, but you must do your own work.

.

Reminder about course policies

This is a reminder: Review the course policies, located on the course web site. In particular, make sure you read and understand the information in the “Tests and Other Graded Work” section.

.

Prepare for the exam

Ask yourself two questions:

Can I explain?

Can I do?

If you can answer “yes” to both, you’re prepared.

.

The course outlines (for DPS907 and WSA500) include a “Specific outcomes” list. Upon successful completion of the course, you should be able to fulfill these outcomes. Let’s go through them, in an effort to understand what kinds of questions you can expect on a final exam.

.

Understand and describe the principles of service-oriented architecture

What problem is SOA solving?
Benefits, advantages

.

Understand and describe the standards and technologies of modern web services implementations

Explain “web service” to someone who is NOT a programmer (e.g. a business worker/manager)
HTTP
Resources, and representations
Internet media types
Data formats and packaging, JSON and SOAP XML
Hypermedia-driven design
Security principles

.

Effectively use market-leading development tools to create and consume web services

(demonstrated by completion of labs, previous tests, and the programming assignment)

However, you should still know about coding by convention, ASP.NET Web API, Code First, C#, LINQ, lambda expressions, etc.

.

Identify and select the appropriate framework components in the creation of web service solutions

ASP.NET Web API project – why?
Request routing
Data storage (including Entity Framework, Code First)
Message handlers
Formatters (including content negotiation)
Object mapping (including AutoMapper)

.

Apply object-oriented programming principles to the creation of web service solutions

System Design Guidance – what, why, how
Diagrams
Implementation best practices

.

Analyze the requirements of an entry-level (WSA500) or medium-difficulty (DPS907) programming task, and create software that meets the requirements

Can you do this?
You may be asked to scaffold a solution, or extend an existing project, using your computer

.

DPS907: For a given specification, determine the appropriate web services style and design

Based on the programming task above, “determine the…”
Be ready to defend your answer

.

DPS907: Compare service oriented architecture with other kinds of design principles

This is a thought exercise
Compare this course’s topics and learning outcomes with the work you do (and have learned) in other courses

.

Review of questions from Test 2

As a study aid, the questions below are from Test 2 in November.

DPS907 Test 2 questions

Assume that you need to create a secured web service. Some Google search results are telling you to implement HTTP Basic Authentication. Is this a good idea? Answer, and discuss your reasons.

What is the purpose of the HTTP OPTIONS method?

“Modern web APIs should be hypermedia-driven.”
What does this mean? What problem does this attempt to solve?

If you are converting a simple web service into a hypermedia-driven web service, what are the most important high-level tasks that must be done? (Not the implementation details, but the high-level tasks.)

The following three questions assume that you are working with a hypermedia-driven web service:
1. Briefly describe the content/format/layout of the data package that is returned by a ‘get all’ request to a resource (collection) URI.
2. Briefly describe the content/format/layout of the data package that is sent with an ‘add one’ request to a resource (collection) URI.
3. Briefly describe the content/format/layout of the data package that is returned by a ‘get one’ request to a resource URI.

What kind of data is found in an access token that you get from the professor’s access token web app? What’s the usefulness of the data?

Assume that your app is using the recommended authentication handler, and the access token was validated. What’s the final task performed by the authentication handler, and explain its purpose.

A lengthy document covered the OAuth Authorization Framework. From that document, briefly describe the important tasks performed when a client app requests a protected resource. You can discuss the role each component plays in the framework. Talk about the sequence of tasks done, and the kind of data that each task needs and creates.

.

WSA500 Test 2 questions

Assume that you need to create a secured web service. Some Google search results are telling you to implement HTTP Basic Authentication. Is this a good idea? Answer, and discuss your reasons.

What kind of data is found in an access token that you get from the professor’s access token web app? What’s the usefulness of the data?

Assume that your app is using the recommended authentication handler, and the access token was validated. What’s the final task performed by the authentication handler, and explain its purpose.

The following four questions are based on a lengthy document that covered the OAuth Authorization Framework. Briefly define the following:
Resource owner
Client app
Authorization server
Resource server

(OAuth question, continued) Assume that a client app, on behalf of the resource owner, sends a new request for a protected resource. What is the next task that happens?

Assume that a request includes an access token. What is the next task that happens?

Following our design (and what you learned), what is the typical format of the authorization header in a web service request?

“Modern web APIs should be hypermedia-driven.”
What does this mean? What problem does this attempt to solve?

If you are converting a simple web service into a hypermedia-driven web service, what are the most important high-level tasks that must be done? (Not the implementation details, but the high-level tasks.)

The following three questions assume that you are working with a hypermedia-driven web service.
1. Briefly describe the content/format/layout of the data package that is returned by a ‘get all’ request to a resource (collection) URI.
2. Briefly describe the content/format/layout of the data package that is sent with an ‘add one’ request to a resource (collection) URI.
3. Briefly describe the content/format/layout of the data package that is returned by a ‘get one’ request to a resource URI.

What is the purpose of the HTTP OPTIONS method?

.

Review of questions from Test 1

As a study aid, the questions below are from Test 1 in October.

DPS907 Test 1 questions

The following table asks you to fill in answers to questions about the configuration of HTTP methods. Fill in the best answer (or an example answer) for each table cell.
Methods:
GET, POST, PUT, DELETE
Questions to answer:
Request header “accept” value
Request header “content-type” value
Is there a request body? (yes or no)
Response header typical HTTP status code value
Is there a response body? (yes or no)

Data annotations: When you use them in a view model class, what is their purpose (or what is your objective)? Give an example of a data annotation in a view model class.

Data annotations: When you use them in a app domain model class, what is their purpose (or what is your objective)? Give an example of a data annotation in an app domain model class.

Write a brief definition of “web service”.

What was the most interesting “new” thing that you learned while reading the Wikipedia article on the HTTP protocol, and/or the IETF RFC 2616 that describes HTTP?

“Resource”, “representation”, “internet media type”: Write a brief definition of each.

What is the objective of the Code First Migrations technology? What problem is it solving?

What is the purpose of a media type formatter? Where is it located in the processing pipeline? Why is a formatter a better choice than writing code in a controller?

What is the purpose of an authentication handler? Where is it located in the processing pipeline? How does the ‘HTTP Basic Authentication’ handler work?

Controller method return types: Write the name of the most appropriate return type for the following methods:
Get-one:
Get-all:
Get-one (for a lookup list):
Add-new:
Update-existing:
Delete-one:

.

WSA500 Test 1 questions

Write a brief definition of “web service”.

In your opinion, what was the most useful article / post / tutorial on the asp.net/webapi web site, and why?

Fiddler usage question: Briefly describe how you must use Fiddler to create and execute an HTTP ‘PUT’ request for a specific resource? Imagine/create your own example scenario, and include sample data in your answer.

Controller method return types: Write the name of the most appropriate return type for the following methods (3 marks):
Get-one:
Get-all:
Get-one (for a lookup list):
Add-new:
Update-existing:
Delete-one:

Data annotations: When you use them in a view model class, what is their purpose (or what is your objective)? Give an example of a data annotation in a view model class.

Data annotations: When you use them in a app domain model class, what is their purpose (or what is your objective)? Give an example of a data annotation in an app domain model class.

Which media type formatters are included (built in) to an ASP.NET Web API project?

In a request, how does the requestor ask for a specific internet media type?

What is the purpose of a media type formatter? Where is it located in the processing pipeline? Why is a formatter a better choice than writing code in a controller?

The following table asks you to fill in answers to questions about the configuration of HTTP methods. Fill in the best answer (or an example answer) for each table cell.
Methods:
GET, POST, PUT, DELETE
Questions to answer:
Request header “accept” value
Request header “content-type” value
Is there a request body? (yes or no)
Response header typical HTTP status code value
Is there a response body? (yes or no)

.

.

.

.

.

.

.

  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: