Wednesday, August 22, 2007 - Posts

• Measuring Reliable Session Speed

  What kind of a performance impact does ensuring reliable delivery have? A common rule of thumb that I've heard circulated in the past is that turning on a feature such as reliable messaging or security cuts your throughput roughly by half. I decided to put this rule of thumb to a test by taking some measurements. I instrumented a simple service to collect data over the course of many calls. I used HTTP. I used custom bindings to match up exactly the same settings both with and without reliable sessions. All of this is completely irrelevant because your service has different message sizes, different processing times, a different network, or what have you. Your service simply won't have the same numbers. Nevertheless, I looked at the data and decided how to best organize it. The striking feature was how much (or in some cases how little) the throughput impact changed when I varied the number of messages in each reliable session. Rather than give you numbers with unhelpful units, I created a unitless measure by dividing the throughput with reliable messaging on by the throughput with reliable messaging off. As you can see, the throughput was roughly cut to a third when the sessions were ridiculously small and recovered to around 90% when the sessions were ridiculously large. I think that for reasonably sized sessions though, a number between 50 and 75 percent would not be out of the question. The rule of thumb seems pessimistic. These measurements were taken under conditions where none of the packets were actually dropped of course. The efficiency gets worse if you need to retransmit something. However, it's meaningless to consider dropped packets when one part of the measurement is non-reliable transfer. Non-reliable transfer doesn't work when packets are dropped. You can make something extremely fast if it doesn't need to be correct. Next time: Measuring Reliable Session Speed with Duplex Read More... Posted Wednesday, August 22, 2007 8:00 AM from Nicholas Allen's Indigo Blog | 0 Comments Filed under: Indigo, Reliable Messaging

• Sin, Sin, Sin: How to do Simple, Webby, and Completely Insecure ASP.NET Membership Authentication and Role Authorization with WCF

  We're all sinners. Lots of the authentication mechanisms on the Web are not even "best effort", but rather just cleartext transmissions of usernames and passwords that are easily intercepted and not secure at all. We're security sinners by using them and even more so by allowing this. However, the reality is that there's very likely more authentication on the Web done in an insecure fashion and in cleartext than using any other mechanism. So if you are building WCF apps and you decide "that's good enough" what to do? WCF is - rightfully - taking a pretty hard stance on these matters. If you try to use any of the more advanced in-message authN and authZ mechnanisms such as the integration with the ASP.NET membership / role provider models, you'll find yourself in security territory and our security designers took very good care that you are not creating a config that results in the cleartext transmission of credentials. And for that you'll need certificates and you'll also find that it requires full trust (even in 3.5) to use that level of robust on-wire security. dasBlog has (we're sinners, too) a stance on authentication that's about as lax as everyone else's stance in blog-land. There are not many MetaWeblog API endpoints running over https (as they rather should) that I've seen. So what I need for a bare minimum dasBlog install where the user isn't willing to get an https certificate for their site is a very simple, consciously insecure , bare-bones authentication and authorization mechanism for WCF services that uses the ASP.NET membership/role model (dasBlog will use that model as we switch to the .NET Framework 3.5 later this year). The It also needs to get completely out of the way when the service is configured with any real AuthN/AuthZ mechanism. So here's a behavior (some C# 3.0 syntax, but easy to fix) that you can add to channel factories (client) and service endpoints (server) that will do just that. If you care about confidentiality of credentials on the wire don't use it . For this to work, you need to put the behavior on both ends. The behavior will do nothing (as intended) when the binding isn't the BasicHttpBinding with BasicHttpSecurityMode.None ). The header will not show up in WSDL. On the client, you simply add the behavior and otherwise set the credentials as you would usually do for UserName authentication. This makes sure that the client code stays compatible when you upgrade the wire protocol to a more secure (yet still username-based) binding via config. MyClient remoteService = new MyClient (); remoteService.ChannelFactory.Endpoint.Behaviors.Add( new SimpleAuthenticationBehavior ()); remoteService.ClientCredentials.UserName.UserName = "admin" ; remoteService.ClientCredentials.UserName.Password = "!adminadmin" ; On the server, you just configure your ASP.NET membership and role database. With that in place, you can even use role-based security attributes or any other authorization mechnanism you are accustomed to in ASP.NET. Read More... Posted Wednesday, August 22, 2007 4:20 AM from Clemens Vasters and the WS Stars | 0 Comments Filed under: WCF, MSDN