Tuesday, November 17, 2009

WCF - Basic design considerations.

Here is a list of items to consider while designing a WCF web service. They are based on many reference articles, including MSDN, and on my own exposure to and experience with WCF.

It is important to understand the WCF framework and the options it offers. Implementation is the easiest part. These recommendations may change as per your requirements.

WCF Decision Points

Security

Security Modes:

Available Options:
• None. Turns security off.
• Transport. Uses transport security for mutual authentication and message protection.
• Message. Uses message security for mutual authentication and message protection.
• Both. Allows you to supply settings for transport and message-level security (only MSMQ supports this).
• TransportWithMessageCredential. Credentials are passed with the message, while message protection and server authentication are provided by the transport layer.
• TransportCredentialOnly. Client credentials are passed with the transport layer and no message protection is applied.

Recommended Options

• Message security mode uses WS-Security (and other specifications) to implement transfer security. Because message security is applied directly to the SOAP messages and is contained inside the SOAP envelopes, together with the application data, it is independent of the transport protocol, more extensible, and provides end-to-end (rather than point-to-point) security. Its disadvantage is that it is several times slower than transport security mode, because it has to deal with the XML nature of the SOAP messages.
• Transport security mode uses a transport-level protocol, such as HTTPS, to achieve transfer security. Transport mode has the advantage of being widely adopted, available on many platforms, and less computationally complex. However, it has the disadvantage of securing messages only from point to point.

Client Credential Type

The following options depend on the type of binding used.

Recommended Options
• Windows
• UserName
• Certificate

Recommended Protection Level: EncryptAndSign

Recommended Bindings: WSHttpBinding

Many other options are available and can be configured at a later stage. Some recommended bindings in addition to WSHttpBinding are listed below. They can be configured as separate endpoints when required.

- NetTcpBinding
- NetNamedPipeBinding
- NetMsmqBinding
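
The security recommendations above (Message security mode, a Windows client credential, EncryptAndSign and WSHttpBinding) combined in a self-hosted service, as an added example that is not from the original post. The IOrderService contract, its namespace and the localhost address are hypothetical.

```csharp
using System;
using System.Net.Security;
using System.ServiceModel;

// Hypothetical contract. ProtectionLevel is the minimum the binding must
// provide; WCF refuses to open an endpoint whose binding cannot encrypt and
// sign (for example BasicHttpBinding with security turned off).
[ServiceContract(Namespace = "urn:example:orders",
                 ProtectionLevel = ProtectionLevel.EncryptAndSign)]
public interface IOrderService
{
    [OperationContract]
    string GetStatus(int orderId);
}

public class OrderService : IOrderService
{
    public string GetStatus(int orderId)
    {
        // With message security the caller's identity is established from
        // the credentials carried in the SOAP message itself.
        string caller = ServiceSecurityContext.Current.PrimaryIdentity.Name;
        return string.Format("Order {0} requested by {1}", orderId, caller);
    }
}

public static class Program
{
    public static void Main()
    {
        // Message mode: WS-Security protects the SOAP message end to end.
        var binding = new WSHttpBinding(SecurityMode.Message);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.Windows;

        // Hypothetical base address for a self-hosted endpoint.
        var host = new ServiceHost(typeof(OrderService),
                                   new Uri("http://localhost:8080/orders"));
        host.AddServiceEndpoint(typeof(IOrderService), binding, string.Empty);
        host.Open();
        Console.WriteLine("Listening. Press Enter to stop.");
        Console.ReadLine();
        host.Close();
    }
}
```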

Hosting

Available Options:

- Self Hosted
- Windows Service
- IIS 5.1, 6.0, 7.0 (Depends on versions of OS)
- WAS (works only on Vista or Windows 2008)

Recommended

- IIS
  o 6.0 on Windows Server 2003
    - Process recycling.
    - Idle shutdown.
    - Process health monitoring.
    - Message-based activation.
    - Recycling
    - HTTP only
  o 7.0 or WAS on Windows Server 2008
    - Same benefits as 5.1 and 6.0
    - HTTP, TCP, Named Pipes and MSMQ
- Windows Service
  o Service process lifetime controlled by the operating system, not message-activated.
  o Supported by all versions of Windows.
  o Secure environment.
  o Supports HTTP, TCP, Named Pipes and MSMQ
  o Deployment: Services must be installed with the .NET Framework Installutil.exe utility or through a custom action in an installer package.




Message Contracts

The following are some benefits of using Message Contracts instead of using Data Contracts directly.

- More control over the SOAP messages.
- Easier to update operation signatures, such as adding parameters, before any version of the WCF service is released.
- More control over how the WSDL is generated.


Recommendation:

Consider using Message Contracts based on business need.


Instance Management
Per-Call services are most preferred for scalability.

Operations
Request-Reply operations are preferred over callback or one-way operations.

Faults
Fault contract details to be decided during design time.

Transactions
The recommended transaction setting, if the environment is not distributed, is [TransactionFlow(TransactionFlowOption.NotAllowed)].

Concurrency Management
Use the default ConcurrencyMode.Single and leave thread synchronization to WCF. This is recommended along with Per-Call instantiation.

Versioning
Versioning needs to be done. Details to be decided during design phase.

Logging
Use existing Logging mechanisms used in your apps or use Log4Net.

Out of the box WCF Client Proxies

The following proxies can be provided to customers for easy development:
- .NET proxy
- Java proxy
