March 8, 2021
Hot Topics:

From Web 2.0 and Enterprise 2.0 to Management 2.0

  • By Marcia Gulesian
  • Send Email »
  • More Articles »

Web 2.0: Connected Users

  • Users share information with easy to use web-based social software on the Internet
  • Enabled by AJAX + SLATES
  • Transforming how we share information & work together

Figure 3: SLATES, Andrew P. McAfee's new Enterprise 2.0 acronym

Appendix B: ASP.NET AJAX

Exposing Web Services to Client Script in ASP.NET AJAX

Microsoft ASP.NET AJAX enables you to call ASP.NET Web services (.asmx files) from the browser by using a client script. This enhances the user experience for the web application. The page can call server-based methods without a postback and without refreshing the whole page because only data is transferred between the browser and the web server.

ASP.NET AJAX automatically creates JavaScript proxy classes for Web services. These proxy classes are derived from the Sys.Net.WebServiceProxy class.

You can call a Web service method by calling the corresponding method of the JavaScript proxy class. The proxy class in turn communicates with the Web service. For more information, see Reference 10.

ASP.NET AJAX also provides built-in support for JavaScript calls to ASP.NET application services such as profiles and membership authentication.

Calling Web Services from Client Script in ASP.NET AJAX

To enable your application to call ASP.NET AJAX Web services by using client script, the server asynchronous communication layer automatically generates JavaScript proxy classes. A proxy class is generated for each Web service for which an <asp:ServiceReference> element is included under the <asp:ScriptManager> control in the page. For more information, see Reference 9.

Appendix C: AJAX—A Hacker's Dream?

The warning flags are going up about the increasing use of AJAX in web applications. It seems as though we're increasing the usability of your apps while dropping your guard on security issues.

AJAX allows for a more dynamic, interactive browsing experience. This, however, increases the surface area for common types of attacks such as cross-site scripting (XSS) and cross-site request forgery (CSRF). These types of attacks are caused by an attacker injecting script code into a web page, generally via a URL, thereby allowing the attacker to control the Web browser—performing actions such as stealing user names and passwords or executing HTTP requests without the user's knowledge.

An attacker could, for instance, inject malicious script into the client by using a dynamically created <script> tag, allowing data to then be imported into the attacker's web site. In the case of a CSRF attack, the attacker could inject a script into the client, allowing the attacker to execute unauthorized service methods on another web site by using saved authentication information (such as cookies) on the client.

AJAX controls should carry warning stickers about new client-side security issues.

Appendix D: Telephone Mashups Meet Web 2.0

Voice can add a new rich dimension to your Web applications, especially those centered on XML. With Web 2.0 and mashups on the rise, adding Voice XML to the mix lets you pull and push web-based information to your users wherever they may roam (as long as they take their cell phones).

A telephone mashup is a voice, web, or mobile application (VoiceXML, PBX, IVR, VOIP, SMS, Text Messaging, and so forth) that combines content from more than one source to create a new user experience.

Think of your phone as a web browser, and the audio you hear as the content in your web browser. The audio comes from a communication server, which is similar to a web server. The communication server (IP PBX, IVR, VoiceXML, and so on) is where the mashup occurs.

A simple example of a mashup might be alerts from an Internet-based voicemail server that uses SMS to send notifications to the voicemail owner. The SMS message can include Caller ID info collected from a Reverse Phone Number Lookup API using the originating caller's phone number. Another example might be a Store Locator Mashup where a customer calls a company general number, provides a cross street, and is provided line-by line-driving directions to the closest store location via SMS.

Finally, a significant example of the widespread use of Voice XML is the release of voice portal modules for CRMs from Oracle and SAP. Both are written to the VXML 2.0 spec; this allows users to choose any standards-compliant VoiceXML gateway to access the applications. (See Reference 16.)


  1. Wikis in Plain English: http://www.youtube.com/watch?v=-dnL00TdmLY&feature=related
  2. Enterprise 2.0: The Dawn of Emergent Collaboration, Andrew P. McAfee: http://adamkcarson.files.wordpress.com/2006/12/enterprise_20_- _the_dawn_of_emergent_collaboration_by_andrew_mcafee.pdf
  3. Enterprise 2.0 case studies: http://www.socialtext.net/cases2/index.cgi
  4. Enterprise 2.0 Technology Conference, 2007, Boston, MA: http://enterprise2conf.vportal.net/
  5. Web 2.0 for the Enterprise Strategy Briefing: http://www.oracle.com/pls/ebn/live_viewer.main?p_direct=yes& p_shows_id=5828710
  6. AJAX Overview: http://msdn2.microsoft.com/en-us/library/bb398874(VS.90).aspx
  7. AJAX Application Architecture, Part 1: http://msdn.microsoft.com/msdnmag/issues/07/09/CuttingEdge/
  8. AJAX application architecture, Part 2: http://msdn.microsoft.com/msdnmag/issues/07/10/CuttingEdge/default.aspx
  9. Exposing Web Services to Client Script in ASP.NET AJAX: http://www.asp.net/ajax/documentation/live/tutorials/ ExposingWebServicesToAJAXTutorial.aspx
  10. Calling Web Services from Client Script in ASP.NET AJAX: http://www.asp.net/ajax/documentation/live/tutorials/ConsumingWebServices WithAJAXTutorial.aspx
  11. Professional Web 2.0 Programming, Eric van der Vlist et al, Wrox (2006)
  12. Yahoo! Maps Mashups, Charles Freedman, Wrox (2007)
  13. Professional Ajax, 2nd Edition: Nicholas C. Zakas et al, Wrox (2007)
  14. Pro JSF and Ajax: Building Rich Internet Components: Jonas Jacobi, John Fallows
  15. New Language of Business, The: SOA & Web 2.0, Sandy Carter, IBM Press (2007)
  16. Pro Microsoft Speech Server 2007, Michael Dunn, Apress (2007)
  17. Hacking Exposed Web 2.0, Rich Cannings, Himanshu Dwivedi, McGraw hill (2008)
  18. Securing Ajax Applications, Christopher Wells, O'Reilly (2007)

About the Author

Marcia Gulesian is an IT strategist, hands-on practitioner, and advocate for business-driven architectures. She has served as software developer, project manager, CTO, and CIO. Marcia is author of well more than 100 feature articles on IT, its economics, and its management.

Page 3 of 3

This article was originally published on December 20, 2007

Enterprise Development Update

Don't miss an article. Subscribe to our newsletter below.

Thanks for your registration, follow us on our social networks to keep up-to-date