All posts by : hongmeigs WebLog

1 of 17 | Turning on trace for WCF - First you need to download some windows sdk tools. You can get those from http://www.microsoft.com/downloads/details.aspx?FamilyId=C2B1E300-F358-4523-B479-F53D234CDCCF&displaylang=en. Only check the tools section to save you some time. The tools that we need is called service trace viewer. Open the configuration file on your client or server side, include the following section to your config:  <?xml version="1.0" encoding="utf-8" ?> <configuration>     <system.serviceModel>     <diagnostics>       <messageLogging maxMessagesToLog="30000"         &......

2 of 17 | WCF exception: The remote certificate is invalid according to the validation procedure - If you are using Https, this might fix it.             ServicePointManager.ServerCertificateValidationCallback = RemoteCertificateValidationCallback;        public static bool RemoteCertificateValidationCallback(object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors)         {             // do some validation here...         }   Please refer to http://blogs.msdn.com/suwatch/archive/2007/04/06/x509-and-wcxf-security.aspx for a comple......

3 of 17 | Serialization magic with DataContract attribute in WCF - I want to serialize something similar to this format: <Body>       <Response>                      <something></something>       </Response> </Body>   I have the following code:   [MessageContractAttribute(IsWrapped=false)] public class Response {     [MessageBodyMember(Name = "Response", Namespace="http://tempuri.org", Order=0)]     public ResponseBody body; }   [DataContract(Namespace="http://tempuri.org")] public class ResponseBody {  &n......

4 of 17 | MutualCertificate with server x509 cert in the response - If you are getting error from the client saying certain token provider is not registered to deserialize the token, and if you are happening to be using this security binding: SecurityBindingElement element = SecurityBindingElement.CreateMutualCertificateBindingElement(MessageSecurityVersion.WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10); Then a very likely reason is that your server has included the x509 certificate in the response. The following flag is going to allow this scenario: ((AsymmetricSecurityBindingElement)element).AllowSerializedSigningTokenOnReply = true;  If the client already has the server's certificate......

5 of 17 | How to distribute my public key portion of the cert to the Client in an "SSL" fashion - Distributing x.509 is always a painful thing, and using WCF, it no long is. In the WCF configuration, there is a knob in the configuration which helps the client to get the public key portion of the certificate in an "SSL" fashion.      <bindings>      <wsHttpBinding>        <!--         This configuration defines the security mode as Message and         the clientCredentialType as Username.        -->        <binding name="Binding1">  &nb......

6 of 17 | 403.1 error while hosting WCF service using IIS - If you are getting 403.1 error while hosting WCF using IIS, then you might be using the wrong directory name. Let us say you want to host your service at http://localhost/A/service.svc  And the physical location of the service.svc file must be under the directory A.  {any local directory on your computer}/A/service.svc Hope this helps!...

7 of 17 | TechEd China is fun - Delivered two talks at the Tech Ed China Beijing stop. One on WCF security and the other one on WSE 3.0. Both talks went quite well. Check out the photos from this: http://www.microsoft.com/china/technet/teched/introduction/teched2006.asp Found that quite a few customers are using WSE or WCF to send huge documents....

8 of 17 | Automatically adding WSE2 dll to the VS 2005 web service project - Make sure that you don't have any reference in your code which still refer to the WSE 2 dll. VS 2005 will auto add the assembly reference when you build the web site project....

9 of 17 | Going to TechEd China to give talks on WSE and WCF - Please visit http://www.microsoft.com/china/technet/teched/ for more informations, and sign up now....

10 of 17 | About me - Currently, I am a developer in Adanced Web Services team.  The product I am working on is called Web Services Enhancements, commonly known as “WSE”.  It is my first team at MS and I have been working on the product since my very first day at MS.  Prior to joining Microsoft, i was studying Computer Science in the Engineering school at University of Michigan. Oh, yes, i am very proud of being a Wolverine! I have a personal web site hosted at http://umgoose.members.winisp.net/.  The site was created right after i graduated from UM, and it will be updated soon.   &nb......

11 of 17 | WSE 2.0 RTM - Yes!  The second version of Web Service Enhancements for Microsoft .NET has recently shipped!  There are a lot of excitement and enthusiasms about WSE 2.0 RTM. The release was announced in Steve Ballmer’s keynote.  As the very first demo successfully delivered by Rebecca Dias, WSE certainly gains a big audience. This release includes the implementation of the lastest WS-* specification, such as WS-Security, WS-Addressing, WS-Policy, WS-SecurityPolicy, WS-Trust and WS-SecureConversation.  It is an add-on to the existing Visual Studio .NET 2003.  If you are using Web Services or plan to use Web Services in the near future, please check out......

12 of 17 | Check XmlElement.HasAttributes before calling XmlElement.Attributes - I have tested it against Everrette. If an xmlelement you are working with doesn`t contain any attributes, calling XmlElement.Attributes will trigger the system to create an empty ArrayList. The best way to avoid it is to check whether the element contain any attribute before trying to traversing its attributes. foreach(XmlAttriubte attr in element.Attributes) {    // do some work with attr } is better off replaced by if ( element.HasAttributes ) {          XmlAttributeCollection attrList = node.Attributes;          for (int i = 0; i          {                // do some work           }    } This way, for a huge xml document, we won`t be creating thousands of empty unnecessary ArrayList obj......

13 of 17 | How to traverse xmlelement.childnodes effectively - I have been working on the performance these days, and I want to share some tricks that you can do to reduce memory allocation significantly if the xml document you are working with is huge. Use XmlElement.FirstChild and next sidbling is a lot cheaper than foreach(xmlnode child in element.ChildNodes).  You can run the CLRProfiler to see the difference.          // index approach -- bad         static int Approach1(XmlNode element)         {            int count = 1;             for ( int index = 0; index             {                XmlElement child = element.ChildNodes[index] as XmlElement;                 if ( child != null )                    count += Approach1(child);            }     ......

14 of 17 | WSE2 SP2 released today - This release fixes some top customer issues and provide a new security token, KerberosToken2, which supports impersonation, windows constrained delegation.  The new token also works well with the web farm scenario. Please download WSE2 SP2 from http://msdn.microsoft.com/webservices/building/wse/default.aspx It is a very exciting release!       ...

15 of 17 | SymmetricKeyEncryption in WSE 2.0 ( part 2 ) - As promised, i would talk about a second approach to achieve symmetric key based encryption in WSE 2.0. First, you need to create a simple hello world web service with a client project and a web service project. Assuming you already know how to do it. Now add the symmetric key based encryption using WSE 2.0 by introducing a new type of token.  OK.  Use WSE setting tool to enable WSE in both VS projects.  Then you need to define a new class for this symmetric key token, which needs to derive from SecurityToken class, and defines some key properties, such as Key for key material and key algorithm, GetXml() and LoadXml() for token serialization, i.e. the wire format of this new token. Here is ......

16 of 17 | Symmetric key based encryption in WSE 2.0 ( part 1 ) - In WSE 1.0, symmetric key encryption could be done through decryption key provider.  Moving to WSE 2.0, every security operation has been bound with a security token, including the symmetric key encryption.  There are generally two ways to do a symmetric key encryption, commonly known as share secret encryption in WSE 2.0 Option #1: Use custom security token If you chose this approach, first you need to decide what your token going to look like over the wire.  It is totally up to you, the developer, to choose what format you are going to use to represent your token over the wire, whether it is a binary security token or an xml security token.  Since both the client and the server know the s......

17 of 17 | SecurityTokenManager in WSE 2.0 - The idea of SecurityTokenManager is very powerful.  It provides one single place to extend the WSE built-in token infrastructure.   You can only have one token manager registered for each token type.   Here is a list of things that you can override: 1. Deserialization of an xml element public override SecurityToken LoadTokenFromXml(XmlElement element)  {     // your ideal way to deserialize a token }      Note this deserialization will not only happen for the token appearing under the security header, this process could also happen in other places where an xml element is presented and a security token object is desired.  For example, in the WS-Trust, there is a RequestedSecurityToken elemen......