Service Oriented Development with Windows Communication Foundation Jason Townsend

Jason Townsend President, Bartlesville .NET User Group Sr. Analyst, ConocoPhillips 11+ Years Development Experience Father of 4 wonderful children Married to an amazing and forgiving wife! Avid Sailor

President, Bartlesville .NET User Group

Sr. Analyst, ConocoPhillips

11+ Years Development Experience

Father of 4 wonderful children

Married to an amazing and forgiving wife!

Avid Sailor

Evolution of Service Orientation

Object-Oriented Polymorphism Lets you treat derived class members just like their parent class' members. Process of using an operator or function in different ways for different set of inputs given. The ability of objects belonging to different types to respond to method calls of the same name, each one according to an appropriate type-specific behavior. Encapsulation Often used interchangeably with information hiding. Reduces software development risk by shifting the code's dependency on an uncertain implementation (design decision) onto a well-defined interface. Subclassing Subclass is a class that inherits some properties from its superclass.

Polymorphism

Lets you treat derived class members just like their parent class' members.

Process of using an operator or function in different ways for different set of inputs given.

The ability of objects belonging to different types to respond to method calls of the same name, each one according to an appropriate type-specific behavior.

Encapsulation

Often used interchangeably with information hiding.

Reduces software development risk by shifting the code's dependency on an uncertain implementation (design decision) onto a well-defined interface.

Subclassing

Subclass is a class that inherits some properties from its superclass.

Component-Based Interface-based Insists that Interfaces are to be added to components. The entire system is thus viewed as Components and the interfaces that helps them to coact. Dynamic Loading Dynamic loading is a mechanism by which a computer program can, at runtime, load a library (or other binary) into memory, retrieve the addresses of functions and variables contained in the library, execute those functions or access those variables, and unload the library from memory. Runtime Metadata Enabled the ability to build systems that dynamically loaded and bound to new functionality at runtime.

Interface-based

Insists that Interfaces are to be added to components.

The entire system is thus viewed as Components and the interfaces that helps them to coact.

Dynamic Loading

Dynamic loading is a mechanism by which a computer program can, at runtime, load a library (or other binary) into memory, retrieve the addresses of functions and variables contained in the library, execute those functions or access those variables, and unload the library from memory.

Runtime Metadata

Enabled the ability to build systems that dynamically loaded and bound to new functionality at runtime.

Service-Oriented Message-based Communication is made by the sending of messages to recipients. Forms of messages include function invocation, signals, and data packets. Schema and Contract Use schema to describe the structure of messages Use contract to define acceptable message exchange patterns. Binding via Policy Use policy to define service semantics used for binding.

Message-based

Communication is made by the sending of messages to recipients.

Forms of messages include function invocation, signals, and data packets.

Schema and Contract

Use schema to describe the structure of messages

Use contract to define acceptable message exchange patterns.

Binding via Policy

Use policy to define service semantics used for binding.

Tenets of Service Orientation

Boundaries are Explicit Based on the underlying concept of encapsulation, this tenet specifies the publishing and consumption of functionality as sets of services that abstract their underlying implementation. With WCF, the attribute-based programming enables developers to explicitly define external service contracts. Without explicitly defining these, nothing within the class will be exposed publicly. WCF provides an opt-in model for explicitly defining service boundaries.

Based on the underlying concept of encapsulation, this tenet specifies the publishing and consumption of functionality as sets of services that abstract their underlying implementation.

With WCF, the attribute-based programming enables developers to explicitly define external service contracts. Without explicitly defining these, nothing within the class will be exposed publicly.

WCF provides an opt-in model for explicitly defining service boundaries.

Autonomous Evolution Services are Autonomous. Autonomy We design the system to support the inevitable evolution of the service’s implementation over time. As we build our services, we need to assume that their internal implementation will evolve (become versioned) over time and that our services as well as the services on which we depend could change location at (almost) any time.

Services are Autonomous.

Autonomy

We design the system to support the inevitable evolution of the service’s implementation over time. As we build our services, we need to assume that their internal implementation will evolve (become versioned) over time and that our services as well as the services on which we depend could change location at (almost) any time.

Share Schema & Contract, Not Class Services share schema and contract, not class. This is how ASMX works. Service publishes a contract (WSDL, XSD) No types are shared between service and its client (by default) Neither service requires knowledge of each others’ internal workings in order to exchange data.

Services share schema and contract, not class.

This is how ASMX works.

Service publishes a contract (WSDL, XSD)

No types are shared between service and its client (by default)

Neither service requires knowledge of each others’ internal workings in order to exchange data.

Compatibility Based on Policy Service compatibility is determined based on policy. Services communicate through dynamically negotiated communications channels that support the necessary semantics. Service policy statements created automatically based on configuration, class attributes, and method signatures. Client channels automatically configured via retrieved service policy.

Service compatibility is determined based on policy.

Services communicate through dynamically negotiated communications channels that support the necessary semantics.

Service policy statements created automatically based on configuration, class attributes, and method signatures.

Client channels automatically configured via retrieved service policy.

Why Service Orientation? Facilitates loosely coupled standards based integration. Enables independence in deployment, versioning, and management of the client (caller) and the server (called). Promotes reuse of application investments over time.

Facilitates loosely coupled standards based integration.

Enables independence in deployment, versioning, and management of the client (caller) and the server (called).

Promotes reuse of application investments over time.

WCF Design Goals

WS-* Used as a reference to many web service based standards covering topics such as: XML Specifications Messaging Specifications Metadata Exchange Specifications Security Specifications Privacy Reliable Messaging Specifications Resource Specifications Web Services Interoperability organization (WS-I) Specifications Business Process Specifications Transaction Specifications Management Specifications

Used as a reference to many web service based standards covering topics such as:

XML Specifications

Messaging Specifications

Metadata Exchange Specifications

Security Specifications

Privacy

Reliable Messaging Specifications

Resource Specifications

Web Services Interoperability organization (WS-I) Specifications

Business Process Specifications

Transaction Specifications

Management Specifications

XML Specifications XML (eXtensible Markup Language) XML Namespaces XML Schema XPath XQuery XML Information Set XInclude XML Pointer

XML (eXtensible Markup Language)

XML Namespaces

XML Schema

XPath

XQuery

XML Information Set

XInclude

XML Pointer

Messaging Specifications Simple Object Access Protocol (SOAP) SOAP Message Transmission Optimization Mechanism WS-Notification WS-BaseNotification WS-Topics WS-BrokeredNotification WS-Addressing WS-Transfer WS-Eventing WS-Enumeration

Simple Object Access Protocol (SOAP)

SOAP Message Transmission Optimization Mechanism

WS-Notification

WS-BaseNotification

WS-Topics

WS-BrokeredNotification

WS-Addressing

WS-Transfer

WS-Eventing

WS-Enumeration

Metadata Exchange Specifications WS-Policy WS-PolicyAssertions WS-PolicyAttachment WS-Discovery WS-Inspection WS-MetadataExchange Universal Description, Discovery, and Integration (UDDI) WSDL 2.0 Core WSDL 2.0 SOAP Binding Web Services Semantics (WSDL-S) WS-Resource Framework (WSRF)

WS-Policy

WS-PolicyAssertions

WS-PolicyAttachment

WS-Discovery

WS-Inspection

WS-MetadataExchange

Universal Description, Discovery, and Integration (UDDI)

WSDL 2.0 Core

WSDL 2.0 SOAP Binding

Web Services Semantics (WSDL-S)

WS-Resource Framework (WSRF)

Security Specifications WS-Security XML Signature XML Encryption XML Key Management (XKMS) WS-SecureConversation WS-SecurityPolicy WS-Trust WS-Federation WS-Federation Active Requestor Profile WS-Federation Passive Requestor Profile Web Services Security Kerberos Binding Web Single Sign-On Interoperability Profile Web Single Sign-On Metadata Exchange Protocol Security Assertion Markup Language (SAML) XACML

WS-Security

XML Signature

XML Encryption

XML Key Management (XKMS)

WS-SecureConversation

WS-SecurityPolicy

WS-Trust

WS-Federation

WS-Federation Active Requestor Profile

WS-Federation Passive Requestor Profile

Web Services Security Kerberos Binding

Web Single Sign-On Interoperability Profile

Web Single Sign-On Metadata Exchange Protocol

Security Assertion Markup Language (SAML)

XACML

Privacy P3P Reliable Messaging WS-ReliableMessaging WS-Reliability WS-RM Policy Assertion

P3P

WS-ReliableMessaging

WS-Reliability

WS-RM Policy Assertion

Resource Specifications Web Services Resource Framework WS-BaseFaults WS-ServiceGroup WS-ResourceProperties WS-ResourceLifetime WS-Transfer Resource Representation SOAP Header Block

Web Services Resource Framework

WS-BaseFaults

WS-ServiceGroup

WS-ResourceProperties

WS-ResourceLifetime

WS-Transfer

Resource Representation SOAP Header Block

Web Services Interoperability Organization (WS-I) Specifications WS-I Basic Profile WS-I Basic Security Profile Simple Soap Binding Profile

WS-I Basic Profile

WS-I Basic Security Profile

Simple Soap Binding Profile

Business Process Specifications WS-BPEL WS-CDL Web Services Choreography Interface WS-Choreography XML Process Definition Language

WS-BPEL

WS-CDL

Web Services Choreography Interface

WS-Choreography

XML Process Definition Language

Transaction Specifications WS-BusinessActivity WS-AtomicTransaction WS-Coordination WS-CAF WS-Transaction WS-Context WS-CF

WS-BusinessActivity

WS-AtomicTransaction

WS-Coordination

WS-CAF

WS-Transaction

WS-Context

WS-CF

Management Specifications WS-Management WS-Management Catalog WS-ResourceTransfer WSDM

WS-Management

WS-Management Catalog

WS-ResourceTransfer

WSDM

WCF Make WS-* Easy Binding selection abstracts WS-* internals WCF has Oasis Standard Bindings (3.5) Single Object model for Transports Choreographies Message Exchange Patterns (MEPs) Etc…

Binding selection abstracts WS-* internals

WCF has Oasis Standard Bindings (3.5)

Single Object model for

Transports

Choreographies

Message Exchange Patterns (MEPs)

Etc…

REST Focus is on the URI HTTP GET http://dog.com/dogs.id/12 HTTP POST http://dog.com/updateDog GET is special, other verbs are application specific GET verb always means “View It” PUT/POST/DELETE mean “Do It” but depend on client implementation Content Type is the data model XML JSON Binary Etc... Support built on via WCF extensibility points

Focus is on the URI

HTTP GET http://dog.com/dogs.id/12

HTTP POST http://dog.com/updateDog

GET is special, other verbs are application specific

GET verb always means “View It”

PUT/POST/DELETE mean “Do It” but depend on client implementation

Content Type is the data model

XML

JSON

Binary

Etc...

Support built on via WCF extensibility points

WS-* versus REST Which is better? Each has strengths: REST: proliferation of clients, easy to understand Flash Silverlight Javascript Etc… WS-*: rich Messaging Exchange patterns, Topologies, and Choreographies

Which is better?

Each has strengths:

REST: proliferation of clients, easy to understand

Flash

Silverlight

Javascript

Etc…

WS-*: rich Messaging Exchange patterns, Topologies, and Choreographies

WCF Architecture (Application)

Messaging WS Security Channel WS Reliable Messaging Channel Encoders: Binary/MTOM/Text/XML HTTP Channel TCP Channel Transaction Flow Channel NamedPipe Channel MSMQ Channel

WS Security Channel

WS Reliable Messaging Channel

Encoders: Binary/MTOM/Text/XML

HTTP Channel

TCP Channel

Transaction Flow Channel

NamedPipe Channel

MSMQ Channel

Communicating through Messages Messages travel between communication parties Messages can be grouped into different message exchange patterns (MEPs) MEPs can be implemented synchronously or asynchronously WCF supports different MEPs WCF MEPs implemented by different kinds of channels

Messages travel between communication parties

Messages can be grouped into different message exchange patterns (MEPs)

MEPs can be implemented synchronously or asynchronously

WCF supports different MEPs

WCF MEPs implemented by different kinds of channels

Message Exchange Pattern Demos

Channel Shaping (Message Exchange Patterns) Possible mismatch: Physical transport Logical message exchange patterns Channel shapes implemented in transport bindings Express support for Message Exchange Patterns WCF ServiceModel analyzes contract Which channel shapes will be supported? ServiceChannelFactory.BuildChannelFactory and DispatcherBuilder.GetSupportedChannelTypes have the details

Possible mismatch:

Physical transport

Logical message exchange patterns

Channel shapes implemented in transport bindings

Express support for Message Exchange Patterns

WCF ServiceModel analyzes contract

Which channel shapes will be supported?

ServiceChannelFactory.BuildChannelFactory and DispatcherBuilder.GetSupportedChannelTypes have the details

Contracts Service Contract Operations Behaviors Communication Shape Data Contract Schema and Versioning Strategy Message Contract Application specific headers and unwrapped body content Policy and Binding

Service Contract

Operations

Behaviors

Communication Shape

Data Contract

Schema and Versioning Strategy

Message Contract

Application specific headers and unwrapped body content

Policy and Binding

Contract Demos

How to Create a Duplex Contract Create the interface that makes up the server side of the duplex contract. Apply the ServiceContractAttribute class to the interface. Decalre the method signatures in the interface Appy the OperationContractAttribute class to each method signature that must be part of the public contract. Create the callback interface that defines the set of operations that the service can invoke on the client. Declare the method signatures in the callback interface Apply the OperationContractAttrinute class to each method signature that must be part of the public contract. Link the two interfaces into a duplex contract ny setting the CallbackContract property in the primary interface to the type of the callback interface.

Create the interface that makes up the server side of the duplex contract.

Apply the ServiceContractAttribute class to the interface.

Decalre the method signatures in the interface

Appy the OperationContractAttribute class to each method signature that must be part of the public contract.

Create the callback interface that defines the set of operations that the service can invoke on the client.

Declare the method signatures in the callback interface

Apply the OperationContractAttrinute class to each method signature that must be part of the public contract.

Link the two interfaces into a duplex contract ny setting the CallbackContract property in the primary interface to the type of the callback interface.

Contracts (Request-Reply) Most commonly used MEP It is easy to use and looks natural R/R can be implemented in WCF by several approaches Parameter list DataContract MessageContract Message Mind the “public face” of contracts, i.e. the metadata

Most commonly used MEP

It is easy to use and looks natural

R/R can be implemented in WCF by several approaches

Parameter list

DataContract

MessageContract

Message

Mind the “public face” of contracts, i.e. the metadata

Contracts (One-Way) One Way operations smell more feasible when decoupling is goal No return values, rather void Use IsOneWay property of OperationContract OneWay operations can still block Not really fire-and-forget semantics

One Way operations smell more feasible when decoupling is goal

No return values, rather void

Use IsOneWay property of OperationContract

OneWay operations can still block

Not really fire-and-forget semantics

Contracts (Duplex) Having peer communication parties Blurring the line between client and server Use CallbackContract property of ServiceContract Operations in contracts can be one-way, but need no to be If using non-one-way beware of threading issues

Having peer communication parties

Blurring the line between client and server

Use CallbackContract property of ServiceContract

Operations in contracts can be one-way, but need no to be

If using non-one-way beware of threading issues

Contracts (Streaming) Buffered communication can be very expensive with large data WCF offers streamed transfer Contract parameters must have certain shape Use Message, IXmlSerializable or System.IO.Stream or derivate as type Use MessageContract Headers will be buffered Body as System.IO.Stream will be streamed Only works with appropriate binding

Buffered communication can be very expensive with large data

WCF offers streamed transfer

Contract parameters must have certain shape

Use Message, IXmlSerializable or System.IO.Stream or derivate as type

Use MessageContract

Headers will be buffered

Body as System.IO.Stream will be streamed

Only works with appropriate binding

ServiceContractAttribute Indicates that an interface or a class defines a service contract in a Windows Communication Foundation (WCF) application. Name Description CallbackContract Gets or sets the type of callback contract when the contract is a duplex contract. ConfigurationName Gets or sets the name used to locate the service in an application configuration file. HasProtectionLevel Gets a value that indicates whether the member has a protection level assigned. Name Gets or sets the name for the <portType> element in Web Services Description Language (WSDL). Namespace Gets or sets the namespace of the <portType> element in Web Services Description Language (WSDL). SessionMode Gets or sets whether sessions are allowed, not allowed or required. TypeId (Inherited from Attribute)

Indicates that an interface or a class defines a service contract in a Windows Communication Foundation (WCF) application.

OperationContractAttribute Indicates that a method defines an operation that is part of a service contract in a Windows Communication Foundation (WCF) application Name Description Action Gets or sets the WS-Addressing action of the request message. AsyncPattern Indicates that an operation is implemented asynchronously using a Begin<methodName> and End<methodName> method pair in a service contract. HasProtectionLevel Gets a value that indicates whether the messages for this operation must be encrypted, signed, or both. IsInitiating Gets or sets a value that indicates whether the method implements an operation that can initiate a session on the server (if such a session exists). IsOneWay Gets or sets a value that indicates whether an operation returns a reply message. IsTeminating Gets or sets a value that indicates whether the service operation causes the server to close the session after the reply message, if any, is sent. Name Gets or sets the name of the operation. ProtectionLevel Gets or sets a value that specifies whether the messages of an operation must be encrypted, signed, or both. ReplyAction Gets or sets the value of the SOAP action for the reply message of the operation. TypeId (Inherited from Attribute)

Indicates that a method defines an operation that is part of a service contract in a Windows Communication Foundation (WCF) application

ServiceBehaviorAttribute Specifies the internal execution behavior of a service contract implementation. Name Description AddressFilterMode Gets or sets the AddressFilterMode that is used by the dispatcher to route incoming messages to the correct endpoint. AutomaticSessionShutdown Specifies whether to automatically close a session when a client closes an output session. ConcurrencyMode Gets or sets whether a service supports one thread, multiple threads, or reentrant calls. ConfigurationName Gets or sets the value used to locate the service element in an application configuration file. IgnoreExtensionDataObject Gets or sets a value that specifies whether to send unknown serialization data onto the wire. IncludeExceptionDetailInFaults Gets or sets a value that specifies that general unhandled execution exceptions are to be converted into a System.ServiceModel.FaultException of type System.ServiceModel.ExceptionDetail and sent as a fault message. Set this to true only during development to troubleshoot a service. InstanceContextMode Gets or sets the value that indicates when new service objects are created. MaxItemsInObjectGraph Gets or sets the maximum number of items allowed in a serialized object.

Specifies the internal execution behavior of a service contract implementation.

ServiceBehaviorAttribute Cont’ Name Description Name Gets or sets the value of the name attribute in the service element in Web Services Description Language (WSDL). Namespace Gets or sets the value of the target namespace for the service in Web Services Description Language (WSDL). ReleaseServiceInstanceOnTransactionComplete Gets or sets a value that specifies whether the service object is released when the current transaction completes. TransactionAutoCompleteOnSessionClose Gets or sets a value that specifies whether pending transactions are completed when the current session closes without error. TransactionIsolationLevel Specifies the transaction isolation level for new transactions created inside the service, and incoming transactions flowed from a client. TransactionTimeout Gets or sets the period within which a transaction must complete. TypeId (Inherited from Attribute) UseSynchronizationContext Gets or sets a value that specifies whether to use the current synchronization context to choose the thread of execution. ValidateMustUnderstand Gets or sets a value that specifies whether the system or the application enforces SOAP MustUnderstand header processing.

Transport Protocols (Bindings) HTTP TCP MSMQ More can be added through built-in extension points.

HTTP

TCP

MSMQ

More can be added through built-in extension points.

How to Specify a Service Binding (Configuration) Define your service contract Implement the service contract in your service class. Create a Web.config file to configure an endpoint for the service.

Define your service contract

Implement the service contract in your service class.

Create a Web.config file to configure an endpoint for the service.

System-Provided Bindings Binding Configuration Element Description BasicHttpBinding <basicHttpBinding> A binding that is suitable for communicating with WS-Basic Profile conformant Web services, for example, ASP.NET Web services (ASMX)-based services. This binding uses HTTP as the transport and text/XML as the default message encoding. WSHttpBinding <wsHttpBinding> A secure and interoperable binding that is suitable for non-duplex service contracts. WS2007HttpBinding <ws2007HttpBinding> A secure and interoperable binding that provides support for the correct versions of the Security, Reliable Session, and TransactionFlow binding elements. WSDualHttpBinding <wsDualHttpBinding> A secure and interoperable binding that is suitable for duplex service contracts or communication through SOAP intermediaries. WSFederationHttpBinding <wsFederationHttpBinding> A secure and interoperable binding that supports the WS-Federation protocol, enabling organizations that are in a federation to efficiently authenticate and authorize users. WS2007FederationHttpBinding <ws2007FederationHttpBinding> A secure and interoperable binding that derives from WS2007HttpBinding and supports federated security. NetTcpBinding <netTcpBinding> A secure and optimized binding suitable for cross-machine communication between WCF applications. NetNamedPipeBinding <netNamedPipeBinding> A secure, reliable, optimized binding that is suitable for on-machine communication between WCF applications. NetMsmqBinding <netMsmqBinding> A queued binding that is suitable for cross-machine communication between WCF applications. NetPeerTcpBinding <netPeerTcpBinding> A binding that enables secure, multi-machine communication. WebHttpBinding <webHttpBinding> A binding used to configure endpoints for WCF Web services that are exposed through HTTP requests instead of SOAP messages. MsmqIntegrationBinding <msmqIntegrationBinding> A binding that is suitable for cross-machine communication between a WCF application and existing Message Queuing (also known as MSMQ) applications.

Binding Features Binding Interoperability Mode of Security (Default) Session (Default) Transactions Duplex BasicHttpBinding Basic Profile 1.1 (None), Transport, Message, Mixed None, (None) (None) n/a WSHttpBinding WS None, Transport, (Message), Mixed (None), Transport, Reliable Session (None), Yes n/a WS2007HttpBinding WS-Security, WS-Trust, WS-SecureConversation, WS-SecurityPolicy None, Transport, (Message), Mixed (None), Transport, Reliable Session (None), Yes n/a WSDualHttpBinding WS None, (Message) (Reliable Session) (None), Yes Yes WSFederationHttpBinding WS-Federation None, (Message), Mixed (None), Reliable Session (None), Yes No WS2007FederationHttpBinding WS-Federation None, (Message), Mixed (None), Reliable Session (None), Yes No NetTcpBinding .NET None, (Transport), Message, Mixed Reliable Session, (Transport) (None), Yes Yes NetNamedPipeBinding .NET None, (Transport) None, (Transport) (None), Yes Yes NetMsmqBinding .NET None, Message, (Transport), Both (None) (None), Yes No NetPeerTcpBinding Peer None, Message, (Transport), Mixed (None) (None) Yes MsmqIntegrationBinding MSMQ None, (Transport) (None) (None), Yes n/a

Bindings (Request-Reply) Almost all out-of-the-box bindings support request-reply MSMQ-based bindings do not For all bindings and MEPs: Beware of default min/max values on binding elements for e.g. message sizes and buffers and timeouts Beware of possible throttles on service behavior

Almost all out-of-the-box bindings support request-reply

MSMQ-based bindings do not

For all bindings and MEPs:

Beware of default min/max values on binding elements for e.g. message sizes and buffers and timeouts

Beware of possible throttles on service behavior

Bindings (One-Way) All bindings support one-way operations Use OneWayBindingElement for custom bindings to shape channel Performs a message-level shape change Can take a IDuplexSessionChannel or a IRequestChannel and expose it as a IOutputChannel, or conversely it can take a IDuplexSessionChannel or a IReplyChannel and expose it as a IInputChannel

All bindings support one-way operations

Use OneWayBindingElement for custom bindings to shape channel

Performs a message-level shape change

Can take a IDuplexSessionChannel or a IRequestChannel and expose it as a IOutputChannel, or conversely it can take a IDuplexSessionChannel or a IReplyChannel and expose it as a IInputChannel

Bindings (Duplex) Duplex out-of-the-box netTcp wsDualHttp netNamedPipe netPeerTcp Manual duplex session-less, e.g. <compositeDuplex /> <oneWay /> <binaryMessageEncoding /> <httpTransport />

Duplex out-of-the-box

netTcp

wsDualHttp

netNamedPipe

netPeerTcp

Manual duplex session-less, e.g.

<compositeDuplex />

<oneWay />

<binaryMessageEncoding />

<httpTransport />

Bindings (Streaming) Enable streaming on the baked-in bindings All standard bindings besides MSMQ-based Enable streaming on the transport binding element, e.g. <httpTransport transferMode=„Streamed“ /> Possible transferMode values Buffered Streamed StreamedRequest StreamedResponse Only transport security and no reliable sessions allowed

Enable streaming on the baked-in bindings

All standard bindings besides MSMQ-based

Enable streaming on the transport binding element, e.g.

<httpTransport transferMode=„Streamed“ />

Possible transferMode values

Buffered

Streamed

StreamedRequest

StreamedResponse

Only transport security and no reliable sessions allowed

MSMQ Transport MSMQ is different – always has been Duplex Message Exchange Pattern over MSMQ-based binding can be achieved manually: Leverage message headers Access headers through OperationContext in user code Access headers through message inspectors in ServiceModel extensions Use GUID to correlate messages

MSMQ is different – always has been

Duplex Message Exchange Pattern over MSMQ-based binding can be achieved manually:

Leverage message headers

Access headers through OperationContext in user code

Access headers through message inspectors in ServiceModel extensions

Use GUID to correlate messages

Bindings Demos

Service Runtime Throttling Behavior Error Behavior Metadata Behavior Instance Behavior Message Inspection Transaction Behavior Dispatch Behavior Concurrency Behavior Parameter Filtering

Throttling Behavior

Error Behavior

Metadata Behavior

Instance Behavior

Message Inspection

Transaction Behavior

Dispatch Behavior

Concurrency Behavior

Parameter Filtering

WCF Reliability and Transactions End-to-End Reliable Messaging In-Order guarantees Exactly once guarantees Transport-Independent Sessions Integration with ASP.NET Sessions in IIS-Hosted compatibility mode Transactions Guaranteed atomic success or failure across services

End-to-End Reliable Messaging

In-Order guarantees

Exactly once guarantees

Transport-Independent Sessions

Integration with ASP.NET Sessions in IIS-Hosted compatibility mode

Transactions

Guaranteed atomic success or failure across services

Transaction Demos

WCF Instancing, Concurrency, and Sessions Service classes can be instantiated Singleton Per-Call Per-Session Shareable Service code can be either: Single-threaded Re-entrant Multi-threaded

Service classes can be instantiated

Singleton

Per-Call

Per-Session

Shareable

Service code can be either:

Single-threaded

Re-entrant

Multi-threaded

Instancing, Concurrency, and Sessions Demos

WCF Security Claims based end-to-end security Secure end-to-end message exchanges Secure access to resources Record resource access requests X509, Username/Password, Kerberos, SAML, and custom credentials Message Security Confidentiality and Integrity Transport or Message Level Access to resources Authentication and Authorization

Claims based end-to-end security

Secure end-to-end message exchanges

Secure access to resources

Record resource access requests

X509, Username/Password, Kerberos, SAML, and custom credentials

Message Security

Confidentiality and Integrity

Transport or Message Level

Access to resources

Authentication and Authorization

What Bindings Support the Security Modes?

Transport

Message

Mixed

Security Demos

Hosting and Activation Windows Activation Service/IIS .EXE Windows Services COM+

Windows Activation Service/IIS

.EXE

Windows Services

COM+

Hosting Demos

Install WCF Activation Components (Required for WAS Hosting)

Configuring WAS to support TCP Activation Enable for Default Website %windir%system32inetsrvappcmd.exe set site &quot;Default Web Site&quot; -+bindings.[protocol='net.tcp',bindingInformation='808:*'] Enable individual apps %windir%system32inetsrvappcmd.exe set app &quot;Default Web Site/<WCF Application>&quot; /enabledProtocols:http,net.tcp Remove net.tcp bindings %windir%system32inetsrvappcmd.exe set site &quot;Default Web Site&quot; -bindings.[protocol='net.tcp',bindingInformation='808:*']

Enable for Default Website

%windir%system32inetsrvappcmd.exe set site &quot;Default Web Site&quot; -+bindings.[protocol='net.tcp',bindingInformation='808:*']

Enable individual apps

%windir%system32inetsrvappcmd.exe set app &quot;Default Web Site/<WCF Application>&quot; /enabledProtocols:http,net.tcp

Remove net.tcp bindings

%windir%system32inetsrvappcmd.exe set site &quot;Default Web Site&quot; -bindings.[protocol='net.tcp',bindingInformation='808:*']

WCF Offers Features You Need Logging Tracing Instance Control Throttling Rich Configuration Extensibility Hosting Options And More….

Logging

Tracing

Instance Control

Throttling

Rich Configuration

Extensibility

Hosting Options

And More….

Features Demos

WCF Summary WCF is the future of distributed computing It combines the best of all existing Microsoft distributed computing stacks It uses WS-* standards for interoperability and .NET value-add for performance and integration with existing solutions.

WCF is the future of distributed computing

It combines the best of all existing Microsoft distributed computing stacks

It uses WS-* standards for interoperability and .NET value-add for performance and integration with existing solutions.

Further Resources My Blog http://www.okcodemonkey.com Linkedin http://www.linkedin.com/in/okcodemonkey Bartlesville .NET User Group http://www.bdnug.com Twitter http://twitter.com/okcodemonkey Email [email_address] Slideshare http://is.gd/3iwn

My Blog

http://www.okcodemonkey.com

Linkedin

http://www.linkedin.com/in/okcodemonkey

Bartlesville .NET User Group

http://www.bdnug.com

Twitter

http://twitter.com/okcodemonkey

Email

[email_address]

Slideshare

http://is.gd/3iwn

Key Terms

Message A message is a self-contained unit of data that may consist of several parts, including a body and headers.

A message is a self-contained unit of data that may consist of several parts, including a body and headers.

Service A service is a construct that exposes one or more endpoints, with each endpoint exposing one or more service operations.

A service is a construct that exposes one or more endpoints, with each endpoint exposing one or more service operations.

Endpoint An endpoint is a construct at which messages are sent or received (or both). It comprises a location (an address) that defines where messages can be sent, a specification of the communication mechanism (a binding) that described how messages should be sent, and a definition for a set of messages that can be sent or received (or both) at that location (a service contract) that describes what message can be sent. An WCF service is exposed to the world as a collection of endpoints.

An endpoint is a construct at which messages are sent or received (or both). It comprises a location (an address) that defines where messages can be sent, a specification of the communication mechanism (a binding) that described how messages should be sent, and a definition for a set of messages that can be sent or received (or both) at that location (a service contract) that describes what message can be sent.

An WCF service is exposed to the world as a collection of endpoints.

Application Endpoint An endpoint exposed by the application and that corresponds to a service contract implemented by the application.

An endpoint exposed by the application and that corresponds to a service contract implemented by the application.

Infrastructure Endpoint An endpoint that is exposed by the infrastructure to facilitate functionality that is needed or provided by the service that does not relate to a service contract. For example, a service might have an infrastructure endpoint that provides metadata information.

An endpoint that is exposed by the infrastructure to facilitate functionality that is needed or provided by the service that does not relate to a service contract. For example, a service might have an infrastructure endpoint that provides metadata information.

Address An address specifies the location where messages are received. It is specified as a Uniform Resource Identifier (URI). The URI schema part names the transport mechanism to use to reach the address, such as HTTP and TCP. The hierarchical part of the URI contains a unique location whose format is dependent on the transport mechanism. The endpoint address enables you to create unique endpoint addresses for each endpoint in a service, or under certain conditions share an address across endpoints. The following example shows an address using the HTTPS protocol with a non-default port: HTTPS://okcodemonkey:8080/Service/MonkeyService

An address specifies the location where messages are received. It is specified as a Uniform Resource Identifier (URI). The URI schema part names the transport mechanism to use to reach the address, such as HTTP and TCP. The hierarchical part of the URI contains a unique location whose format is dependent on the transport mechanism.

The endpoint address enables you to create unique endpoint addresses for each endpoint in a service, or under certain conditions share an address across endpoints. The following example shows an address using the HTTPS protocol with a non-default port:

HTTPS://okcodemonkey:8080/Service/MonkeyService

Binding A binding defines how an endpoint communicates to the world. It is constructed of a set of components called binding elements that &quot;stack&quot; one on top of the other to create the communication infrastructure. At the very least, a binding defines the transport (such as HTTP or TCP) and the encoding being used (such as text or binary). A binding can contain binding elements that specify details like the security mechanisms used to secure messages, or the message pattern used by an endpoint. For more information, see Configuring Services.

A binding defines how an endpoint communicates to the world. It is constructed of a set of components called binding elements that &quot;stack&quot; one on top of the other to create the communication infrastructure. At the very least, a binding defines the transport (such as HTTP or TCP) and the encoding being used (such as text or binary). A binding can contain binding elements that specify details like the security mechanisms used to secure messages, or the message pattern used by an endpoint. For more information, see Configuring Services.

Binding Element A binding element represents a particular piece of the binding, such as a transport, an encoding, an implementation of an infrastructure-level protocol (such as WS-ReliableMessaging), or any other component of the communication stack.

A binding element represents a particular piece of the binding, such as a transport, an encoding, an implementation of an infrastructure-level protocol (such as WS-ReliableMessaging), or any other component of the communication stack.

Behaviors A behavior is a component that controls various run-time aspects of a service, an endpoint, a particular operation, or a client. Behaviors are grouped according to scope: common behaviors affect all endpoints globally, service behaviors affect only service-related aspects, endpoint behaviors affect only endpoint-related properties, and operation-level behaviors affect particular operations. For example, one service behavior is throttling, which specifies how a service reacts when an excess of messages threaten to overwhelm its handling capabilities. An endpoint behavior, on the other hand, controls only aspects relevant to endpoints, such as how and where to find a security credential.

A behavior is a component that controls various run-time aspects of a service, an endpoint, a particular operation, or a client. Behaviors are grouped according to scope: common behaviors affect all endpoints globally, service behaviors affect only service-related aspects, endpoint behaviors affect only endpoint-related properties, and operation-level behaviors affect particular operations. For example, one service behavior is throttling, which specifies how a service reacts when an excess of messages threaten to overwhelm its handling capabilities. An endpoint behavior, on the other hand, controls only aspects relevant to endpoints, such as how and where to find a security credential.

System-Provided Bindings

Configuration versus Coding Control of an application can be done either through coding, through configuration, or through a combination of both. Configuration has the advantage of allowing someone other than the developer (for example, a network administrator) to set client and service parameters after the code is written and without having to recompile. Configuration not only enables you to set values like endpoint addresses, but also allows further control by enabling you to add endpoints, bindings, and behaviors. Coding allows the developer to retain strict control over all components of the service or client, and any settings done through the configuration can be inspected and if needed overridden by the code.

Control of an application can be done either through coding, through configuration, or through a combination of both. Configuration has the advantage of allowing someone other than the developer (for example, a network administrator) to set client and service parameters after the code is written and without having to recompile. Configuration not only enables you to set values like endpoint addresses, but also allows further control by enabling you to add endpoints, bindings, and behaviors. Coding allows the developer to retain strict control over all components of the service or client, and any settings done through the configuration can be inspected and if needed overridden by the code.

Service Operation A service operation is a procedure defined in a service's code that implements the functionality for an operation. This operation is exposed to clients as methods on a WCF client. The method may return a value, and may take an optional number of arguments, or take no arguments, and return no response. For example, an operation that functions as a simple &quot;Hello&quot; can be used as a notification of a client's presence and to begin a series of operations.

A service operation is a procedure defined in a service's code that implements the functionality for an operation. This operation is exposed to clients as methods on a WCF client. The method may return a value, and may take an optional number of arguments, or take no arguments, and return no response. For example, an operation that functions as a simple &quot;Hello&quot; can be used as a notification of a client's presence and to begin a series of operations.

Service Contract The service contract ties together multiple related operations into a single functional unit. The contract can define service-level settings, such as the namespace of the service, a corresponding callback contract, and other such settings. In most cases, the contract is defined by creating an interface in the programming language of your choice and applying the ServiceContractAttribute attribute to the interface. The actual service code results by implementing the interface.

The service contract ties together multiple related operations into a single functional unit. The contract can define service-level settings, such as the namespace of the service, a corresponding callback contract, and other such settings. In most cases, the contract is defined by creating an interface in the programming language of your choice and applying the ServiceContractAttribute attribute to the interface. The actual service code results by implementing the interface.

Operation Contract An operation contract defines the parameters and return type of an operation. When creating an interface that defines the service contract, you signify an operation contract by applying the OperationContractAttribute attribute to each method definition that is part of the contract. The operations can be modeled as taking a single message and returning a single message, or as taking a set of types and returning a type. In the latter case, the system will determine the format for the messages that need to be exchanged for that operation.

An operation contract defines the parameters and return type of an operation. When creating an interface that defines the service contract, you signify an operation contract by applying the OperationContractAttribute attribute to each method definition that is part of the contract. The operations can be modeled as taking a single message and returning a single message, or as taking a set of types and returning a type. In the latter case, the system will determine the format for the messages that need to be exchanged for that operation.

Message Contract A message contract describes the format of a message. For example, it declares whether message elements should go in headers versus the body, what level of security should be applied to what elements of the message, and so on.

A message contract describes the format of a message. For example, it declares whether message elements should go in headers versus the body, what level of security should be applied to what elements of the message, and so on.

Fault Contract A fault contract can be associated with a service operation to denote errors that can be returned to the caller. An operation can have zero or more faults associated with it. These errors are SOAP faults that are modeled as exceptions in the programming model.

A fault contract can be associated with a service operation to denote errors that can be returned to the caller. An operation can have zero or more faults associated with it. These errors are SOAP faults that are modeled as exceptions in the programming model.

Data Contract The data types a service uses must be described in metadata to enable others to interoperate with the service. The descriptions of the data types are known as the data contract, and the types can be used in any part of a message, for example, as parameters or return types. If the service is using only simple types, there is no need to explicitly use data contracts.

The data types a service uses must be described in metadata to enable others to interoperate with the service. The descriptions of the data types are known as the data contract, and the types can be used in any part of a message, for example, as parameters or return types. If the service is using only simple types, there is no need to explicitly use data contracts.

Hosting A service must be hosted in some process. A host is an application that controls the lifetime of the service. Services can be self-hosted or managed by an existing hosting process.

A service must be hosted in some process. A host is an application that controls the lifetime of the service. Services can be self-hosted or managed by an existing hosting process.

Self-Hosted Service A self-hosted service is one that runs within a process application that the developer created. The developer controls its lifetime, sets the properties of the service, opens the service (which sets it into a listening mode), and closes the service.

A self-hosted service is one that runs within a process application that the developer created. The developer controls its lifetime, sets the properties of the service, opens the service (which sets it into a listening mode), and closes the service.

Hosting Process A hosting process is an application that is designed to host services. These include Internet Information Services (IIS), Windows Activation Services (WAS), and Windows Services. In these hosted scenarios, the host controls the lifetime of the service. For example, using IIS you can set up a virtual directory that contains the service assembly and configuration file. When a message is received, IIS starts the service and controls its lifetime.

A hosting process is an application that is designed to host services. These include Internet Information Services (IIS), Windows Activation Services (WAS), and Windows Services. In these hosted scenarios, the host controls the lifetime of the service. For example, using IIS you can set up a virtual directory that contains the service assembly and configuration file. When a message is received, IIS starts the service and controls its lifetime.

Instancing A service has an instancing model. There are three instancing models: &quot;single,&quot; in which a single CLR object services all the clients; &quot;per call,&quot; in which a new CLR object is created to handle each client call; and &quot;per session,&quot; in which a set of CLR objects are created, one for each separate session. The choice of an instancing model depends on the application requirements and the expected usage pattern of the service.

A service has an instancing model. There are three instancing models: &quot;single,&quot; in which a single CLR object services all the clients; &quot;per call,&quot; in which a new CLR object is created to handle each client call; and &quot;per session,&quot; in which a set of CLR objects are created, one for each separate session. The choice of an instancing model depends on the application requirements and the expected usage pattern of the service.

Client Application A client application is a program that exchanges messages with one or more endpoints. The client application begins by creating an instance of a WCF client and calling methods of the WCF client. It is important to note that a single application can be both a client and a service.

A client application is a program that exchanges messages with one or more endpoints. The client application begins by creating an instance of a WCF client and calling methods of the WCF client. It is important to note that a single application can be both a client and a service.

Channel A channel is a concrete implementation of a binding element. The binding represents the configuration, and the channel is the implementation associated with that configuration. Therefore, there is a channel associated with each binding element. Channels stack on top of each other to create the concrete implementation of the binding: the channel stack.

A channel is a concrete implementation of a binding element. The binding represents the configuration, and the channel is the implementation associated with that configuration. Therefore, there is a channel associated with each binding element. Channels stack on top of each other to create the concrete implementation of the binding: the channel stack.

WCF Client A WCF client is a client-application construct that exposes the service operations as methods (in the .NET Framework programming language of your choice, such as Visual Basic or Visual C#). Any application can host a WCF client, including an application that hosts a service. Therefore, it is possible to create a service that includes WCF clients of other services. A WCF client can be automatically generated by using the ServiceModel Metadata Utility Tool (Svcutil.exe) and pointing it at a running service that publishes metadata.

A WCF client is a client-application construct that exposes the service operations as methods (in the .NET Framework programming language of your choice, such as Visual Basic or Visual C#). Any application can host a WCF client, including an application that hosts a service. Therefore, it is possible to create a service that includes WCF clients of other services.

A WCF client can be automatically generated by using the ServiceModel Metadata Utility Tool (Svcutil.exe) and pointing it at a running service that publishes metadata.

Metadat The metadata of a service describes the characteristics of the service that an external entity needs to understand to communicate with the service. Metadata can be consumed by the ServiceModel Metadata Utility Tool (Svcutil.exe) to generate a WCF client and accompanying configuration that a client application can use to interact with the service. The metadata exposed by the service includes XML schema documents, which define the data contract of the service, and WSDL documents, which describe the methods of the service. When enabled, metadata for the service is automatically generated by WCF by inspecting the service and its endpoints. To publish metadata from a service, you must explicitly enable the metadata behavior.

The metadata of a service describes the characteristics of the service that an external entity needs to understand to communicate with the service. Metadata can be consumed by the ServiceModel Metadata Utility Tool (Svcutil.exe) to generate a WCF client and accompanying configuration that a client application can use to interact with the service.

The metadata exposed by the service includes XML schema documents, which define the data contract of the service, and WSDL documents, which describe the methods of the service.

When enabled, metadata for the service is automatically generated by WCF by inspecting the service and its endpoints. To publish metadata from a service, you must explicitly enable the metadata behavior.

Security Security in WCF includes confidentiality (encryption of messages to prevent eavesdropping), integrity (the means for detection of tampering with the message), authentication (the means for validation of servers and clients), and authorization (the control of access to resources). These functions are provided by either leveraging existing security mechanisms, such as TLS over HTTP (also known as HTTPS), or by implementing one or more of the various WS-* security specifications.

Security in WCF includes confidentiality (encryption of messages to prevent eavesdropping), integrity (the means for detection of tampering with the message), authentication (the means for validation of servers and clients), and authorization (the control of access to resources). These functions are provided by either leveraging existing security mechanisms, such as TLS over HTTP (also known as HTTPS), or by implementing one or more of the various WS-* security specifications.

Transport Security Mode Security can be provided by one of three modes: transport mode, message security mode, and transport with message credential mode. The transport security mode specifies that confidentiality, integrity, and authentication are provided by the transport layer mechanisms (such as HTTPS). When using a transport like HTTPS, this mode has the advantage of being efficient in its performance, and well understood because of its prevalence on the Internet. The disadvantage is that this kind of security is applied separately on each hop in the communication path, making the communication susceptible to a &quot;man in the middle&quot; attack.

Security can be provided by one of three modes: transport mode, message security mode, and transport with message credential mode. The transport security mode specifies that confidentiality, integrity, and authentication are provided by the transport layer mechanisms (such as HTTPS). When using a transport like HTTPS, this mode has the advantage of being efficient in its performance, and well understood because of its prevalence on the Internet. The disadvantage is that this kind of security is applied separately on each hop in the communication path, making the communication susceptible to a &quot;man in the middle&quot; attack.

Message Security Mode Message security mode specifies that security is provided by implementing one or more of the security specifications. Each message contains the necessary mechanisms to provide security during its transit, and to enable the receivers to detect tampering and to decrypt the messages. In this sense, the security is encapsulated within every message, providing end-to-end security across multiple hops. Because security information becomes part of the message, it is also possible to include multiple kinds of credentials with the message (these are referred to as claims). This approach also has the advantage of enabling the message to travel securely over any transport, including multiple transports between its origin and destination. The disadvantage of this approach is the complexity of the cryptographic mechanisms employed, resulting in performance implications.

Message security mode specifies that security is provided by implementing one or more of the security specifications. Each message contains the necessary mechanisms to provide security during its transit, and to enable the receivers to detect tampering and to decrypt the messages. In this sense, the security is encapsulated within every message, providing end-to-end security across multiple hops. Because security information becomes part of the message, it is also possible to include multiple kinds of credentials with the message (these are referred to as claims). This approach also has the advantage of enabling the message to travel securely over any transport, including multiple transports between its origin and destination. The disadvantage of this approach is the complexity of the cryptographic mechanisms employed, resulting in performance implications.

Transport with Message Credential Security Mode This mode uses the transport layer to provide confidentiality, authentication, and integrity of the messages, while each of the messages can contain multiple credentials (claims) required by the receivers of the message.

This mode uses the transport layer to provide confidentiality, authentication, and integrity of the messages, while each of the messages can contain multiple credentials (claims) required by the receivers of the message.

WS-* Shorthand for the growing set of Web Service (WS) specifications, such as WS-Security, WS-ReliableMessaging, and so on, that are implemented in WCF.

Shorthand for the growing set of Web Service (WS) specifications, such as WS-Security, WS-ReliableMessaging, and so on, that are implemented in WCF.