dasBlonde - Tuesday, September 19, 2006

Tuesday, September 19, 2006

Book Updates

I just posted updates chapters for RC1. See my latest post here: http://www.thatindigogirl.com/PermaLink,guid,fc8b6627-11b6-49d9-81a9-c19c9a383b0f.aspx

9/19/2006 5:19 PM | Comments [3] | View reactions | Trackback

Saturday, September 16, 2006

Data Contract Versioning

To follow my post on Service Contract Versioning, here's a snip from my book on Data Contract Versioning.

-----

This lab illustrates several versioning scenarios for data contracts. Table 2-5 summarizes possible changes to a data contract and the affect it has on existing clients, if any.

Data Contract Changes	Impact on Existing Clients
Add new non-required members	Client unaffected. Missing values are initialized to defaults.
Add new required members	An exception is thrown for missing values.
Remove non-required members	Data lost at the service. Unable to return the full data set back to the client, for example. No exceptions.
Remove required members	An exception is thrown when client receives responses from the service with missing values.
Modify existing member data types	If types are compatible no exception but may receive unexpected results.

Making changes to data contracts once they have been published is a delicate matter. Even if no exception is thrown for the change, the data may lack integrity once deserialized on either end. To avoid this, a few general guidelines should be followed if you are not creating a new data contract version:

Require data members the business depends on.

Do not remove or change data types for members, ever.

If adding new members, make sure they are not required so that version 1 clients don’t break. Remember that missing fields will be initialized to default values — so you must be sure these defaults are acceptable, or perform some low level message inspection to provide meaningful defaults prior to deserialization.

Support IExtensibleDataObject so that extra data sent by clients, or returned by services, is preserved for round trips.

IExtensibleDataObject

As the lab illustrates, implementing this interface allows you to preserve unknown members sent in the data contract message element (for example if a version 2 client sends a message to a version 1 service). Predicting future versioning issues is difficult, so providing this property bag for unknown members can ease versioning pain.

If at a later time you decide this is not a desirable feature, you can suppress support for unknown members with the dataContractSerializer behavior:

<dataContractSerializer ignoreExtensionDataObject ="true"/>

</behavior>

If you are wondering about the client side — it so happens that SvcUtil generates data contracts that implement IExtensibleDataObject. This ensures that extra data sent to clients by the service will not be lost in a round trip.

On either side the result is that the DataContractSerializer populates the ExtensionDataObject dictionary on deserialization, and uses the same dictionary to serialize additional elements in outgoing messages.

Explicit Versioning

To properly version a data contract you should create a new type and supply it with a new data contract name and/or namespace using the DataContractAttribute. Since it is a new type, you are free to remove, add, or change any member — but remember that if the semantics of the type are significantly different then it should probably be a new type altogether, without relation to the original.

When you change a data contract that is included in a service contract operation, you are also affecting the service contract that exposes the type. In fact, the minute you decide to version a data contract you must also version any service contract that uses it, or supply new contracts for the new type.

In summary, existing clients must always be able to access an endpoint that exposes the original contract. The only way this is possible is if the original contract does not change!

Versioning Flow Diagrams

Figure 2-7 and Figure 2-8 illustrate the decision flow for data contract versioning based on non-strict and strict approaches, respectively.

With non-strict versioning you can add optional members and ignore (yet preserve) superfluous members that may result from future versions of the contract. Ignoring optional members requires you to be aware of the default initialization of members that are missing, if you want to differentiate from version 1 and version 2 clients. Allowing superfluous members to be ignored solves the problem of newer version clients pushing data to an older version of the data contract, but this carries risks if clients send an inordinate amount of extra data. You should still consider IExtensibleDataObject for your own versioning needs, but perhaps monitor the message size for possible denial-of-service attacks.

With strict data contract versioning all changes lead to a new data contract. That means that any service contract that exposes this new data contract must also be versioned per the rules of strict service contract versioning.

Click image for full view...

9/16/2006 12:20 AM WCF | Comments [4] | View reactions | Trackback

Service Contract Versioning

Oh my, is it really a new post from little 'ole me? Yes, I have been very busy with various projects, including my Learning WCF book which I'm trying to wrap in the next month here...

I am getting a lot of questions about contracts and versioning, and since I have some sections in my book to address this, I thought I'd post them here. Starting with service contracts.

From the book:

-----

This lab illustrates that the service model is by default version tolerant. Table 2-2 summarizes some possible changes to a service contract and the affect it has on existing clients, if any.

Service Contract Changes	Impact on Existing Clients
Adding new parameters to an operation signature	Client unaffected. New parameters initialized to default values at the service.
Removing parameters from an operation signature	Client unaffected. Superfluous parameters pass by clients are ignored, data lost at the service.
Modifying parameter types	An exception will occur if the incoming type from the client cannot be converted to the parameter data type.
Modifying return value types	An exception will occur if the return value from the service cannot be converted to the expected data type in the client version of the operation signature.
Adding new operations	Client unaffected. Will not invoke operations it knows nothing about.
Removing operations	An exception will occur. Messages sent by the client to the service are considered to be using an unknown action header.

· The bulk of these changes have no direct affect on clients, although the results may be undesirable. The forgiving nature of the service model can be a blessing or a curse depending on how you look at it. Here are some downsides:

You can unwittingly lose information passed by the client

Missing data from the client may not be detected

Type conversions may work, yet the data is semantically invalid

· You can remove the risks of these unexpected results by using data contracts as message parameters and return types. I’ll discuss data contracts in the next section.

· Of course you are entitled to come up with your own strategy for version tolerance, but I recommend that if the implementation semantics of the service contract have changed or if new clients are to be given additional features via extended parameters and/or new operations — you should version the service contract, rather than accepting version tolerance.

To properly version a service contract you should provide a new contract and modify the namespace specified in the ServiceContractAttribute. To version the namespace, you can supply a new value for the year and month, if you follow the naming conventions I’ve recommended. A new contract name should also be specified if the contracts aren’t inherited. In the next two sections I’ll compare two versioning approaches.

Versioning with Contract Inheritance

· One likely scenario is that you will add new operations without changing the existing service contract. But, you may want to support these new operations at the same endpoint. You can achieve this by creating a new contract that inherits the old contract, adding new operations to the new one. Consider the contract shown in Example 2-8 as the first published version of the service contract.

· Example 2-8. Version 1 of the contract, IServiceA

[ServiceContract(Name="ServiceAContract",

Namespace = "http://www.thatindigogirl.com/samples/2006/06")]

public interface IServiceA

{

[OperationContract]

string Operation1();

[OperationContract]

string Operation2();

}

· The endpoint configuration for the service implementing the contract might look like this:

· When new operations are added to the service to extend its features, you may want to expose the same endpoint to old and new clients while still somehow tracking the contract version related to new features. If you extend the original service contract you can add operations under a new namespace as shown in Example 2-9.

· Example 2-9. Version 2 of the contract, IServiceA2

[ServiceContract(Name="ServiceAContract",

Namespace = "http://www.thatindigogirl.com/samples/2006/08")]

public interface IServiceA2:IServiceA

{

[OperationContract]

string Operation3();

}

· Note the service contract name is the same, but the namespace has changed. The service type can implement IServiceA2 and it will be able to expose the original operations with their original namespace, while exposing the new operation with the versioned namespace. As such, original clients can hit the same endpoint without impact, while new clients who download the metadata when version 2 is available, can access all operations.

· This scenario does not address the following:

You can’t modify existing operations with contract inheritance

You can’t differentiate old clients from new clients since they hit the same endpoint

Versioning with Separate Contracts

· Another approach would be to version the entire contract and create a new endpoint for new clients. In this case, version 2 of the contract might look like that in Example 2-10.

· Example 2-10. Version 2 of the contract, IServiceA2

[ServiceContract(Name="ServiceAContract2",

Namespace = "http://www.thatindigogirl.com/samples/2006/08")]

public interface IServiceA2

{

[OperationContract]

string Operation1();

[OperationContract]

string Operation2();

[OperationContract]

string Operation3();

}

· In order to provide a unique WSDL containing only one or the other contract, a unique service type must be created to implement the new contract. Both versions of the service can still share implementation behind the scenes.

· With this implementation the following applies:

You can differentiate old and new clients by service entry point

You can modify existing operations in the new interface (not recommended, you should really provide new operation names)

New clients cannot send messages to the original endpoint

Old clients cannot send messages to the new endpoint

Versioning Flow Diagrams

To summarize the discussion of service contract versioning, Figure 2-4 and Figure 2-5 illustrate the decision flow for non-strict and strict-versioning policy, respectively.

Non-strict versioning allows you to add or remove parameters without versioning the service contract. This also means that the implementation code must accommodate how to handle version 1 and version 2 clients. Though possible, the idea of operation signatures changes can be very difficult to track, whereas a data contract as the service operation parameter at least allows for explicitly required and non-required parameters (to be discussed in the "Data Contracts" section of this chapter).

With strict service contract versioning, any change to an operation leads to a new service contract. A new endpoint is always provided to ensure version 2 clients can be differentiated from version 1 clients.

Click the image to see larger view...

9/16/2006 12:08 AM WCF | Comments [2] | View reactions | Trackback

Thursday, July 27, 2006

SvcTraceViewer.exe - Learn It, Know it, Love It

There's a nice little diagnostic tool that ships with the SDK for .NET 3.0 - svctraceviewer.exe. You WILL need this tool. It is a great way to inspect messages when things are going as expected, you can see the service model trace to inspect components leading up to an exception, you can see the details leading up to a service fault, more than is shown in the inner exception at times.

Here's an example configuration for the service-side for June/July CTP:

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
    <system.serviceModel>
        <services>
            ...
        </services>

    </system.serviceModel>
    <system.diagnostics >
        <sharedListeners>
            <add name="sharedListener"
                 type="System.Diagnostics.XmlWriterTraceListener"
                 initializeData="c:\logs\servicetrace.svclog" />
        </sharedListeners>
        <sources>
            <source name="System.ServiceModel" switchValue="Verbose, ActivityTracing" >
                <listeners>
                    <add name="sharedListener" />
                </listeners>
            </source>
            <source name="System.ServiceModel.MessageLogging" switchValue="Verbose">
                <listeners>
                    <add name="sharedListener" />
                </listeners>
            </source>
        </sources>
    </system.diagnostics>
</configuration>

To view trace output launch svctraceviewer.exe and open the .svclog file. The Messages tab will take you directly to the actual messages that move between client and service, including full XML output (excluding binary data). The items in yellow are warnings, items in red are exceptions...where you can view details of the exception in the XML dump. Make sure you scroll all...the...way...down and look for the details of the exception...good stuff in there (or, bad stuff...I guess, if there is an exception).

7/27/2006 5:31 PM Indigo | Comments [176] | View reactions | Trackback

Friday, June 30, 2006

Hilarious! Cryptography basics in rap music form!

Martin Gudgin blogged about this last month...I just saw it, hilarious!

6/30/2006 8:08 PM Fun | Security | Comments [152] | View reactions | Trackback

Thursday, June 29, 2006

CardSpace Sample Posted

I just added the federation sample to this blog entry: http://www.dasblonde.net/default.aspx#a0de3e38e-a516-4a33-a85d-3027a505f7b8

CardSpace anyone?

6/29/2006 3:15 AM CardSpace | WCF | Comments [143] | View reactions | Trackback

Wednesday, June 28, 2006

MSDN Web Cast - WCF Contracts Contracts Contracts and more Contracts!

For my web cast today I discussed...well...contracts! In the process I had the opportunity to update my contract chapter samples for my WCF book (the chapters are currently posted to www.thatindigogirl.com for your review, and I'll be updating the posted chapter content for Beta 2 in the next weeks).

The samples are:

Enjoy!

6/28/2006 8:12 PM Speaking/Events | WCF | Comments [2] | View reactions | Trackback

Tuesday, June 27, 2006

MSDN Web Cast - ASP.NET Security - Resources

For my webcast today, I illustrated several layers of security features for ASP.NET with the following samples (some samples are extra beyond what we had time for in 1 hour):

Also see my Publications page for articles on this subject for The Server Side .NET

MSDN Web Cast - ASP.NET Modules and Handlers - Resources

For my webcast today, I illustrated custom HTTP modules and handlers with the following samples:

Also, look at my RSS for ASP.NET for other posts on similar subjects!

6/27/2006 4:44 PM ASP.NET | Speaking/Events | Comments [7] | View reactions | Trackback

Monday, June 26, 2006

MSDN Web Cast Week - ASP.NET Modules and Handlers, ASP.NET Security and WCF Contracts!

I have 3 webcasts for MSDN coming up this week.

This Tuesday (tomorrow), two ASP.NET web casts:

MSDN Webcast: How ASP.NET 2.0 Processes Requests: Handlers, Modules and Other Objects Involved in the Round Trip (Level 200)

Tuesday, June 27, 2006
9:00 A.M.–10:00 A.M. Pacific Time

MSDN Architecture Webcast: ASP.NET Security Is More Than Just Credentials (Level 200)
Tuesday, June 27, 2006
12:00 P.M.–1:00 P.M. Pacific Time

This Wednesday morning bright and early:

MSDN Architecture Webcast: Understanding Windows Communication Foundation Contracts (Level 200)
Wednesday, June 28, 2006
8:00 A.M.–9:00 A.M. Pacific Time

These are FREE, so you don't want to miss out!

Tech Ed Session - WinFX "InfoCard": Building Identity-Aware Applications with "InfoCard" and the Windows Communication Foundation

I did a session at Tech Ed on CardSpace (formerly known as InfoCard) that illustrated several ways to integrate CardSpace into your applications. For example you can:

Use CardSpace to pass claims to a web application using the <object> tag or XHTML (IE 7).
Use CardSpace to pass claims to a WCF web service using wsHttpBinding/IssuedToken credentials, or wsFederationHttpBinding and specifying a list of claims.
Use CardSpace to pass claims to a WCF security token service (STS or token issuer) that in turn validates those claims and issues a token for the target WCF service. This involves specifying an alternate token issuer, and implies that that token issuer might trust the CardSpace claims to issue a proper SAML token for the target service.

I have samples for all three, and the delay in posting (sorry) is related to writing up instructions to make sure you are successful...while I was out of town last week.

UPDATED: 06/28/06 to add federation sample

InfoCardBrowser.zip (18.27 KB)

InfoCardWSHttpBinding2.zip (1.98 MB)

MediaServicesFederation.zip (2.07 MB)

Oh, I should also mention that I had lots of help from several product team members to get these samples working on the latest build on short notice - both on the WCF and CardSpace teams...these guys really rock! And you might want to head to Martin Gudgin's blog for more Q&A on the STS he let me use for the federation sample!

Let me know if you have any questions after reading the readme files!