Error handling web service
I'm doing a bank web service, for a college project, which receives the account information and the amount so we do the withdrawal of the money from the account, and as a response we send a confirmation message.
What I'm looking for is how to manage errors from the client side, because I could do my transaction but if for any reasons the client fails, that money is lost, how could I know if the client side operation was successful?
-- edit -- For example : Bank A - other, Bank B - me. A person goes to Bank A to deposit a check from Bank B, so he uses my web service to do a transaction and I do the withdrawal and return a OK message, but then before Bank A manages to add the money to an account, something fails. So now I did the withdrawal, but the person开发者_如何学运维 doesn't really has the money because Bank A failed the transaction.
If I understand, you want to use web services to provide the ability for a client to make a withdrawal from your "bank".
I would make it so that it is transactional, say, they make a call to the service to start a withdrawal, then you confirm that the transaction has started and that your service is expecting that amount to be withdrawn. (Maybe lock that money to not be available to be withdrawn until the transaction ends, and time it, so the transaction automatically fails after x seconds)
The client then does whatever with that information, say calls the second "bank". When they receive a message from the other bank saying that the amount was added, then they call the service with your system to "submit" the transaction, actually withdrawing the amount.
The problem is you are trusting the client to take the money out from one bank and put it in the other. Really? Cool! I'm going to be making some API calls claiming I've just "received" lots of money then. Mwuahahahaha!
Seriously, what should happen is that the client takes the cheque and presents it to bank A (One API call). Bank A then presents the check to Bank B and gets the funds. (Another API call). Then maybe the client can contact Bank A to verify their account balance has gone up. At no point should the client be contacting Bank B. Then, the client only makes one API call and it's not possible for them to break the system as in your example.
精彩评论