Alik Levin's : WCF

How To Generate Unit Test Using WCF Load Test – Quick Steps

alikl — Mon, 29 Jun 2009 09:13:31 GMT

This is quick summary of steps for creating WCF Unit Tests using WCF Load Test available for free on Codeplex. This quick summary created based on the Lab materials that ship with the tool.

Quick Resource Box

WCF Load Test

Summary of steps

Step 1. Configure message tracing in the app.config file on client side.
Step 2. Run WCF client to invoke the remote methods and generate trace file.
Step 3. Generate Unit test based on trace file.

Step 1. Configure message tracing in the app.config file on client side.

Select the Diagnostics folder.
Under Message Logging click Enable Message Logging.
Click Log Level and check Service messages. The other options can be unchecked.
Click ServiceModelMessageLoggingListener and change the file name to be “WCFClient.svclog”.
Under the Message Logging folder enable LogEntireMessage.
Save the configuration file.

Step 2. Run WCF client to invoke the remote methods and generate trace file.

Run your WCF client. Make sure WCFClient.svclog generated. This log file will be used in the next step to generate Unit Tests

Step 3. Generate Unit test based on trace file.

Create a new test project in Visual Studio.
Add a reference to the following assemblies:
- System.ServiceModel
- System.Runtime.Serialization (version 3.0.0.0)
In the directory containing the test project create a file called SampleConfig.xml with the following contents:

<?xml version='1.0' encoding='utf-8' ?>
<WcfUnitConfiguration xmlns='http://microsoft.com/wcfunit'
                           testMethodMode='ScenarioMethodOnly'
                           operationTimerMode='IncludeOperationTimers'>
       <assembly fileName="C:\Client\bin\Debug\ConsoleClient.exe"/>
     <soapActions soapActionMode='Include'>
     </soapActions>
</WcfUnitConfiguration>

Open an SDK command prompt and change the directory to the one containing the test project.
Execute the following command:
svcutil /o:proxy.cs /config:app.config http://localhost:8090/service?wsdl
Run the command-line tool using the following command:
“c:\program files\wcfunit\wcfunit” CompileTimeScenario <trace file> SampleConfig.xml where the <trace file> is the path to the WCFClient.svclog file created in the previous exercise.
Add generated files (CompileTimeScenario.cs and CompileTimeScenario.stubs) to the test project.
Rename CompileTimeScenario.stubs to CompileTimeScenario.Stubs.cs.
Also add the proxy.cs and app.config files located in the client project folder to the test project.
Build the solution and a Unit Test called CompileTimeScenario should appear in the Test View.

patterns & practices Improving Web Services Security: Scenarios and Implementation Guidance for WCF - BETA Is Out

alikl — Thu, 05 Jun 2008 06:57:27 GMT

patterns & practices team has just released a beta version of WCF Security Guide on Codeplex. Download the guide at http://www.codeplex.com/WCFSecurityGuide.

Original announcement by J.D. Meier, the man behind the effort, is here - New Release: patterns & practices WCF Security Guide (BETA)

WCF Security - Input/Data Validation Using Schemas

alikl — Sun, 25 May 2008 17:52:48 GMT

WCF offers very flexible approach of Input and Data Validation based on XML Schemas. The approach is flexible since the validation rules are expressed in form of XML schema and can be changed at any time without recompiling the solution.

I followed the steps detailed in How To: Perform Message Validation with Schema Validation in WCF and ended up with another working sample (imagine that!).

It took me a bit to struggle with the schema thing and then enabling debugging info on the service side (remember, WCF is secure by default) to understand what's going on and why it fails time after time.

In the end me and WCF made friends and I'd thought it'd be good to share with you the Visual Studio project. Download it here from my SkyDrive and save yourself some time.

My related posts

WCF Security - Input/Data Validation Sample Visual Studio Project

Enjoy.

WCF Security - Input/Data Validation Sample Visual Studio Project

alikl — Sun, 25 May 2008 14:17:44 GMT

Input and Data Validation is one of the core security principles. WCF is no exception. To get most out of WCF in secure way one must implement proper Input and Data Validation.

I was following instructions on How To – Perform Input Validation in WCF compiled by patterns&practice team lead by JD Meier.

In a nutshell the process consists of creating 3 classes and tweaking a config file a "bit".

From the guide:

Step 4 – Create a Class That Implements the Validation Logic
Step 5 – Create a Class That Implements a Custom Endpoint Behavior
Step 6 – Create a Class That Implements a Custom Configuration Element
Step 7 – Add the Custom Behavior to the Configuration File
Step 8 – Create an Endpoint Behavior and Map It to Use the Custom Behavior
Step 9 – Configure the Service Endpoint to Use the Endpoint Behavior

I ended up with working sample built with Visual Studio 2008. I though it'd be good idea to share it to help you boost your productivity.

Grab the Visual Studio project on my SkyDrive here.

Enjoy

patterns & practices WCF Security Guidance Project - live on Codeplex

alikl — Wed, 02 Apr 2008 10:53:10 GMT

patterns & practices has recently released WCF Security Guidance Project. JD, the program manager behind the effort, has been blogging about it too.It is evolving project but the initial content is fantastic already. It has Application Scenarios, Video Index, but my favorites are How-To's:

Pure love.

How To Consume WCF Using AJAX Without ASP.NET

alikl — Mon, 18 Feb 2008 23:35:21 GMT

How to consume WCF services directly from Html client? How to add AJAX-like functionally to application that does not natively support ASP.NET AJAX like classic ASP, ASP.NET 1.1, or PHP?

WCF that ships with .Net 3.5 provides capability to consume it from any JavaScript enabled client via XML or JSON encoding. There is new built in webHttpBinding that supports either JSON or XML encoded messages to be sent to WCF services.The functionality can dramatically improve performance and user experience.

This post summarizes the steps to create and consume basic WCF service using webHttpBinding binding.

Summary of Steps

Step 1 – Create WCF service.
Step 2 – Configure WCF end point.
Step 3 – Create JavaScript to invoke WCF service.
Step 4 – Test the solution.

Next section describes each and every step in details

Step 1 – Create WCF service

Open Visual Studio and create new WCF service project by choosing "WCF Service Application" template under "Web" project type. Name it Wcf2Ajax. Open IService1.cs file and create OperationContract as follows:

        1: [ServiceContract]

       2:  public interface IService1

       3:  {

       4:  

       5:      [OperationContract]

       6:      string Sum2Integers(int n1, int n2);

Open Service1.svc.cs file and add public method that accepts to integers and returns the sum of it. This is the functionality that will be exposed by the WCF service and consumed by JavaScript enabled client:

       1: public class Service1 : IService1

       2: {

       3:     public string Sum2Integers(int n1, int n2)

       4:     {

       5:         int result = num1 + num2;

       6:  

       7:         return result.ToString();

       8:     }

Step 2 – Configure WCF end point

Open web.config file and add <binding> section to <system.serviceModel section. Add <webHttpBinding> to binding section:

<system.serviceModel>
  <bindings>
    <webHttpBinding>
      <binding name="AjaxBinding"/>
    </webHttpBinding>
  </bindings

Add AjaxBehavior to <behaviors> section to support WCF invocation via AJAX:

<behaviors>
  <endpointBehaviors>
    <behavior name="AjaxBehavior">
      <enableWebScript/>
    </behavior>

Configure WCF service's endpoint to use newly created binding:

<endpoint address="ajaxEndpoint" 
          behaviorConfiguration="AjaxBehavior" 
          binding="webHttpBinding" 
          bindingConfiguration="AjaxBinding" 
          contract="Wcf2Ajax.IService1">

Step 3 – Create JavaScript to invoke WCF service

Add Html file to the solution by right clicking on the solution node in solution explorer and choosing "New Item..." and then "HTML Page" template. Name it WCFConsumer.htm. Add few HTML controls - two text boxes to accept two integers, one pure HTML button to trigger WCF call, and <span> element to present the result:

<input type="text" id="num1" />
<input type="text" id="num2" />
<br>
<input type="button" onclick="CallWcfAjax()" value="Call WCF via AJAX" />
Result <span id="result"></span>

Add <script> block to <header> section and add JavaSctip that builds HTTP request and wires invocation function to some event, say button click:

    <script type="text/javascript">
    function CallWcfAjax()
    {
        var xmlHttp = new ActiveXObject("Microsoft.XmlHttp");

        var url = "Service1.svc/ajaxEndpoint/";
        url = url + "Sum2Integers";

        var body = '{"n1":';
        body = body + document.getElementById("num1").value + ',"n2":';
        body = body + document.getElementById("num2").value + '}';
          
        // Send the HTTP request
        xmlHttp.open("POST", url, true);
        xmlHttp.setRequestHeader("Content-type", "application/json");
        xmlHttp.send(body);

        // Create result handler 
        xmlHttp.onreadystatechange= function X()
        {
        
             if(xmlHttp.readyState == 4)
             {
                  result.innerText = xmlHttp.responseText;
             }
        }
    }
    </script>

Step 4 – Test the solution

Build the solution and navigate to WCFConsumer.htm. Provide two integers to both text boxes and hit "Call WCF via Ajax" button. You should expect for result similar as depicted below:

Parse the result to your needs.

My related post

Related resources

Creating WCF AJAX Services without ASP.NET

Download Visual Studio 2008 project with the sample from my SkyDrive

Examining WCF Diagnostic Traces Using Service Trace Viewer Tool (SvcTraceViewer.exe)

alikl — Tue, 23 Oct 2007 16:52:57 GMT

Service Trace Viewer Tool (SvcTraceViewer.exe) tool comes with Microsoft® Windows® Software Development Kit for Windows Vista™ and .NET Framework 3.0 Runtime Components. It allows to view WCF diagnostics traces in very convenient way. "Using Service Trace Viewer for Viewing Correlated Traces and Troubleshooting" article explains how.

Specifically I used it for two scenarios

Troubleshooting when implementing Message Security with a Windows Client without Credential Negotiation. Using SvcTraceViewer.exe I spotted the following error message: "The security timestamp is invalid because its creation time ('9/19/2007 5:43:39 PM') is in the future. Current time is '9/19/2007 8:43:42 AM' and allowed clock skew is '00:05:00'." I immediately understood that machines clocks are out of sync - which is super important for Kerberos to work properly.
Examining message sizes with different protection mechanisms and levels. I needed to understand the impact of data protection mechanisms on general performance. See How Message and Transport Security compare.

Related posts

WCF Security In Intranet Scenario : Thoughts On Cons and Pros

How To: Create a “Hello World” WCF Service Using Visual Studio And IIS 6.0

alikl — Tue, 16 Oct 2007 08:39:28 GMT

JD Meier walks through the creation of simple WCF services to be hosted in IIS 6.0.

Summary of Steps

Step 1. Create the test service
Step 2. Add a Hello World Method
Step 3. Test your WCF service
Step 4. Enable meta-data for your WCF Service.
Step 5. Create the test client.
Step 6. Add a Web Services reference to your WCF Service.
Step 7. Add the namespace to your
Step 8. Call your WCF service

Must have in my developer toolbox.

WCF Security In Intranet Scenario : Thoughts On Cons and Pros

alikl — Thu, 26 Jul 2007 15:54:13 GMT

I am researching on best practices with WCF security in terms of "YOU SHOUD" vs "YOU CAN". While it is great to have "How to" stuff I am also interested in "Why" angle. I have common simple scenario of WinForms client consuming WCF service inside corp walls with Active Directory deployed. Here is what I came up with while looking at Hosting Services and Common Security Scenarios.

I have built simple Hello World WCF service that accepts Person object/message and echoes back "Hello, " + Person.FirstName. I was using DataContract serialization. I think it really does not matter what it does in terms of biz logic. What really matters for me is how to host it, what binding to apply, and what security settings to configure.

For my intranet scenario "Message Security with a Windows Client without Credential Negotiation" would fit most I think. It utilizes Active Directory for authentication and message protection in transit as well saving me from messing with certs, transport level protection SSL, IPSEC style and plain vanilla UserName and Passwords. I think it is great and apparently it is a pro part from security stand.

Since it uses wsHttpBinding binding I thought it would be natural choice to host it in IIS rather self hosted as it shows up in the example. Here I earn what IIS has to offer vs what I can write in C#...

I also implemented scenario where I used basicHttpBinding with security set to None...

I fired up Fiddler2 to see what runs on the wire in both cases. The difference was pretty notable in terms of response time and payload size. Of course all these goodies that come from using Kerberos from my Active Directory friend - authentication and message protection - have their cost in terms of performance. I guess it is cons part from performance stand. I presume the time is spent for negotiation with Domain Controller and for cryptographic operations - encryption and signing - for message protection. The other cons part would be message size that naturally inflates when encrypted.

All my experiments are done with my demo lab domain that is totally based on VPC 2007 so the numbers should be taken with caution but I presume that it can give some food for thoughts. Consider simple message as follows:

<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">

<s:Body>

<a:FirstName>Alik</a:FirstName>

<a:LastName>Levin</a:LastName>

</person>

</SayHello>

</s:Body>

</s:Envelope>

Here is what I captured using Fiddler:

	basicHttpBinding	wsHttpBinding
Message Encryption		V
Message Signing		V
Bites sent	584	8,014
Bites received	420	5,286
Time to last byte	20 ms	231 ms

Conclusion

When designing my next WCF solution for intranet scenario I will sure try to utilize current IT investment like AD and IIS to provide first class security and hosting services while saving on maintenance costs. On other hand I must take into account performance part, this consideration should reflect on message size - for example, think twice when tempted to use DataSet as DTO. It should also reflect on hosting options - using IIS 6.0 allows me to utilize Http traffic only.

Here is my take on intranet scenario where Windows 2003 Active Directory and IIS 6.0 deployed:

Utilize AD for message security and authentication.
Host WCF in IIS 6.0. If I had Windows Server 2008 with IIS7 I'd go for WAS hosting for sure since it allows binding other than Http and I presume this should improve performance.
Do not use DataSets for DTO rather carefully design custom most lightweight DTO (yes, invest as much time as needed for that one).
Use DataContract serialization with opt-in approach (allows fine tune what gets to the wires and what is not).

You have better suggestion for me around intranet scenario? If so, do not hesitate and drop me a line.

Here is even more food for thoughts A Performance Comparison of Windows Communication Foundation (WCF) with Existing Distributed Communication Technologies

Bon appetite.

How To Hack WCF - New Technology, Old Hacking Tricks

alikl — Sun, 04 Mar 2007 23:11:00 GMT

First of I'd like to thank Guy for his excellent screencast - very convenient, so thanks.

Specifically I liked introductory screencast for WCF which can be found here: http://blogs.microsoft.co.il/blogs/bursteg/pages/WCF-Introduction-Demo-_2800_ScreenCast_2900_.aspx

It is dubbed in Hebrew, but the screens are flipping in so logical way so that one who does not understand Hebrew will be fine - go for it - recommended a lot for WCF newbies like me.

My interest was to understand the pipeline that the WCF Message goes through before it is put on the transport. The idea was to inject some custom modules (Inspectors) in the pipeline. Why? Is not it clear? To mess around with the message - tamper it in it raw format before it goes down to the transport signed and protected. Why? To show that it DOES NOT matter what communication technology you use - HTTP, Remoting, MSMQ, WCF, RMI, CORBA, DCOM, MQ, <<fill in your own here>> - the basic principle of VALIDATING INPUT ON THE SERVER SIDE is immutable.

Here I showed it for Web Services App Architecture with Security in mind - Video, Part I (that was easy - Fiddler is of much help here)

Then remoting came along - same result, here App Architecture with Security in mind - Video, Part II

Now it is mighty WCF.

I used excellent demo from Madhu here http://blogs.msdn.com/madhuponduru/archive/2006/07/19/671922.aspx that explained how to build IClientMessageInspector (NOTE - demo that works!)

So here is the service contract:

and the implementation:

and the client side validation:

here is the client rejects the input:

and here is the result of server processing for good input:

after adding the custom message inspector, I am offered to tamper the massage before it is sent to the service and the resulting reply from the service is in red at the bottom:

Conclusion

Does that mean that the communication technologies are bad? - NO, it is the way WE use it.

Here is an basic example for input validation in Web Services Web Service Input Validation - it has link to regex usage that you can use on the server side for input validation.

Enjoy