Tuesday, March 18, 2008 - Posts

• Notes on lifetimes of Channels and their Factories

  One question I get from custom channel authors has to do with the various lifetimes of the components involved. Especially since, as per best practice, their heavyweight resources are attached to ChannelFactories and ChannelListeners and simply referenced from the Channel. Nicholas covered the basics in this post. Which to summarize is: ChannelFactory created Channels cannot outlive [...] Read More... Posted Tuesday, March 18, 2008 1:17 PM from kennyw.com » Indigo | 0 Comments Filed under: Indigo

• Mystery of the Disappearing Addressing Headers

  Why do the messages logged by my service show addressing headers but those headers disappear when the message is sent? This is easy to explain once you actually look at the messages. Here's a quick test program that generates some SOAP 1.1 messages with all of the different addressing permutations. using System; using System.Collections.Generic; using System.ServiceModel.Channels; using System.Xml; class MyBodyWriter : BodyWriter { public MyBodyWriter() : base ( true ) { } protected override void OnWriteBodyContents(XmlDictionaryWriter writer) { } } class Program { static IEnumerable<MessageVersion> Versions { get { yield return MessageVersion.Soap11; yield return MessageVersion.Soap11WSAddressing10; yield return MessageVersion.Soap11WSAddressingAugust2004; } } static void Main( string [] args) { foreach (MessageVersion version in Versions) { Message m = Message.CreateMessage(version, "http://MyApplication/Action" , new MyBodyWriter()); m.Headers.To = new Uri( "http://localhost/service" ); Console.WriteLine( "MessageVersion: {0}\n{1}\n" , version, m.ToString()); } Console.ReadLine(); } } That generates the following set of messages: MessageVersion: Soap11 (http://schemas.xmlsoap.org/soap/envelope/) AddressingNone (http://schemas.microsoft.com/ws/2005/05/addressing/none) < s:Envelope xmlns:s ="http://schemas.xmlsoap.org/soap/envelope/" > < s:Header > < Action s:mustUnderstand ="1" xmlns ="http://schemas.microsoft.com/ws/2005/05/addressing/none" > http://MyApplication/Action </ Action > < To s:mustUnderstand ="1" xmlns ="http://schemas.microsoft.com/ws/2005/05/addressing/none" > http://localhost/service </ To > </ s:Header > < s:Body /> </ s:Envelope > MessageVersion: Soap11 (http://schemas.xmlsoap.org/soap/envelope/) Addressing10 (http://www.w3.org/2005/08/addressing) < s:Envelope xmlns:a ="http://www.w3.org/2005/08/addressing" xmlns:s ="http://schemas.xmlsoap.org/soap/envelope/" > < s:Header > < a:Action s:mustUnderstand ="1" > http://MyApplication/Action </ a:Action > < a:To s:mustUnderstand ="1" > http://localhost/service </ a:To > </ s:Header > < s:Body /> </ s:Envelope > MessageVersion: Soap11 (http://schemas.xmlsoap.org/soap/envelope/) Addressing200408 (http://schemas.xmlsoap.org/ws/2004/08/addressing) < s:Envelope xmlns:a ="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:s ="http://schemas.xmlsoap.org/soap/envelope/" > < s:Header Read More... Posted Tuesday, March 18, 2008 8:00 AM from Nicholas Allen's Indigo Blog | 0 Comments Filed under: Indigo, Answers, Addressing

• Partial trust binding validation is a usability feature

  Nicholas has a good post on the binding validation WCF does in partial trust . As he points out, a ServiceHost running in anything less than a fully trusted AppDomin will so some baked-in validation on the bindings being used. Specifically, we have a list of binding elements that are explicitly prohibited in partial trust, and if we catch you trying to use one of these binding elements we'll prevent your service from activating. This behavior has absolutely nothing (zip, zero, nada) to do with security. For that, we rely on the Code Access Security features implemented by the CLR, like any other framework component. So why do we do this validation? One reason -- usability. Exceptions at deterministic times (say, Open()) are vastly better than exceptions at random times (say, when you receive a message that triggers a code path that does a demand for a permission you don't have). Having binding validation in place doesn't make the system more secure, but does avoid exposure to a large class of issues that can be pretty hard to reproduce and diagnose. Read More... Posted Tuesday, March 18, 2008 2:39 AM from Brain.Save(): blog | 0 Comments Filed under: Blog