I've finally found the time to collect and share the questions and answers at the webinar on DataSnap I gave a couple of weeks ago. I thought about a blog post, but after pages and pages, I realized it would have been much better to put the 7-pages list in a PDF, which you can download below.

https://dl.dropbox.com/u/133855/papers/DataSnapWebinarQandA.pdf

Here I'm reporting only an exctract, with some of the Q&A I think more general and valuable.

Best of Q&A

Q: Can I have multiple webserver modules with different methods exposed?

A: Not exactly. What you do is to create a single service (with a single web module) and expose multiple server side classes using multiple ServerClass components. These can be created at design time, but placing these component in the web module, but also at runtime, in code. In this case, however, remember you have to create your server classes before starting activating DataSnap server (DSServer object).

 

Q: How can I send a dynamic array as a return type of a server method? Or do I have to use heavy callbacks?

A: You can return a JSON array - which is an open structure you can use. You can do anything you want in a heavyweight callback - they still send JSON. Try to mostly use JSON data types - they are very reliable to all clients.


Q: My coworker, who is writing the JSP side, is having issues with the result of my rest calls. She is using jQuery.parse(URL) on the result, and is getting an 'undefined response'. Is there a way to only return the 'result' array portion of a JSON array of JSON objects created by adding a list of name/value pairs?
A: You can customize the response. Whatever you respond is inside a response object. If you need to have a plain JSON structure – as result of one of your server method - set the response string directly using code, using the method GetInvocationMetadata.

 

Q: Aside of role-based (not very flexible) authorization model ... are there any other possibilities to include ACL based or provider based security (ex: by AOP ways to wrap the methods over proxies?)

A: You can implement authorization and authentication the way you prefer, for example doing it at the web broker level (or even web server level). The mechanism in the product is simple, and might be extended in the future.

 

Q: Support for HTTPS in stand alone DataSnap servers (including REST) was a big feature in XE2, but I don't see it mentioned very often. Is this still a going concern?

A: It is there and it works; only, I'd rather use a web server security (like HTTPS) in a REST model.

Conclusion

Again, read the PDF for more information, and refer to the webinar web page to downlaod the 40+ pages white paper: http://www.embarcadero.com/rad-in-action/development-and-deployment-of-delphi-multi-tier-applications. Hope to have time to bundle this and other white papers I wrote in an all-encompassing DataSnap guide.