PSfD: Team Blog

MSMQ with WCF

Windows Communication Foundation (WCF), formally named Indigo, is part of the WinFX and is designed for inter-process communication and building connected systems.  For a basic grounding in this technology check this article on MSDN:

Learn The ABCs Of Programming Windows Communication Foundation

http://msdn.microsoft.com/msdnmag/issues/06/02/WindowsCommunicationFoundation/default.aspx

This article got me interested enough to use it in some code.  One of the first things you find is that it’s really easy to move your data over different transports using the predefined bindings in WCF.  These include: HTTP, TCP, Named Pipes and MSMQ.  The first three work fine but MSMQ takes a bit more work if you are running it in workgroup mode (rather than part of an active directory) as you typically do when testing on a local machine.  Without modifying the configuration you will likely get the following exception on the client when trying to call a method on the MSMQ transport:

System.ServiceModel.Channels.MsmqException

There was an error sending to the queue: Unknown error -1072824273 (0xc00e002f)

The default configuration will try to authenticate you against the active directory and sign the message using a certificate stored in the active directory, neither of which is in place.  To get this working with the January CTP release of WinFX, do the following:

For the ServiceHost:

Using a binding configuration element, set the security mode to none, for example:

    <bindings>

      <netMsmqBinding>

        <binding name="netMsmqConfig">

          <security mode="None" />

        </binding>

      </netMsmqBinding>

    </bindings>

For the client:

Modify the msmqTransportSecurity element placed in the config file, generated by creating a proxy with svcutil.exe, from the defaults generated as follows:

          <msmqTransportSecurity msmqAuthenticationMode="None"

                msmqEncryptionAlgorithm="RC4Stream" msmqProtectionLevel="None"

                msmqSecureHashAlgorithm="SHA1" />

          </msmqTransport>

This has switched off transport and message security for the MSMQ transport.  For evaluating the technology this is ideal as it allows you to examine messages in the queue and get things working quickly.  For a real application you will need to consider your security requirements carefully and avoid using this configuration.

--Chris

Windows Workflow Foundation

This article describes how you can get a great design time experience from your custom Windows Workflow Foundation activities. For more details click here.
For details about the Windows Workflow Foundation go to http://www.windowsworkflow.net .

--Morgan

Unhandled Exception in .Net 2.0

Having just found out the hard way; the way the Framework deals with unhandled exceptions has changed.In v1 the framework will eat any unhandled exceptions that you throw.
If you created a thread which threw an uncaught exception you may never know about it as the framework would eat it for you.
This has all changed in v2 and if you throw an exception out of your ThreadStart function, you process is going to get killed.
Not just the thread, the whole process.
This makes finding unhandled exception nice and obvious, but isn’t going to go down well if you have an existing app that is leaking exceptions.
So before you install v2 of the framework on you production servers (you will have tested it first, right?) you might want to review your code to ensure that you catch (and log) any exceptions. 

Needless to say John Robbins was on top of this months before me, so you can read all about it at:
http://msdn.microsoft.com/msdnmag/issues/05/07/Bugslayer/default.aspx 

-- Neil

IIS & Authentication

Just in case (like me) you didn’t know in IIS6, the default is for every request to the server to be authenticated – even if new requests are using the same session.
Read this for more.
Nice easy perf win :-)

--- Neil

GacUtil

Recently a number of people have been asking about deploying assemblies into the GAC (Global Assembly Cache) using GacUtil.exe. Now GacUtil is strictly a developer tool, and is not intended to be used for general deployment of assemblies, but I can see how some confusion has arisen. Some recent service packs, including .NET 1.1 SP1 and Windows Server 2003 SP1, accidentally left GacUtil.exe behind after installation in the %SystemRoot%\Microsoft.NET\Framework\v1.1.4322 directory. This has led some people to believe that we were shipping GacUtil as part of the .NET Framework.

I contacted the team that own GacUtil.exe, and this was their response, “GacUtil never was moved to the framework from the SDK. It's always only legitimately shipped in the SDK. GacUtil got mistakenly left behind on customer machines after an install of an SP, which is what gives the impression it shipped with the redist. This is being corrected. End-users should not be using GacUtil. This is a dev-only tool, and on retail machines, MSI is the way to install assemblies to the GAC.” Now because the .NET SDK doesn't have a redistribution licence, it means than you would be infringing the licence agreement if you were to include GacUtil as part of your application installation.

So, the recommendation is to use MSI, but not everybody uses MSIs and I've been asked on a number of occasions if there is a .NET API that can be used to install assemblies in the GAC. Well the short answer is no, but there is a Win32 API that you can call through P/Invoke. An example of this can be found here. So there is no reason why you can't develop your own GacUtil if you so wish.

-- Dave

NDOC Revision History Tags

I've been working a lot with NDOC recently and find the new extensibility feature excellent. In the team I'm working with at the moment they wanted to be able to define a revision history section that would be displayed within the documentation, so after reading the docs I knocked up the following tags...

<revisionHistory>
  <revision author="Morgan Skinner" date="08/04/2005">Initial Version</revision>
</revisionHistory>

Then when I compile the documentation I then get the following in the output...

The main issue I came up with was getting the output to look the same as the NDOC stuff - this boils down to using the same CSS styles as are used by NDOC, which aren't well document (well, aren't really documented at all as far as I can see). Being a firm fan of Reflector I had a poke around within the NDoc.Documenter.Msdn2 assembly and found the .xslt files used by NDOC. Then I found the appropriate styles for the stuff I wanted to put in and now have a nice integrated solution.

In order to get all this magic to work, you need to create a .xslt file of your own to process your tags. You set this in the NDOC project using the ExtensibilityStylesheet property of the solution, and that's about all there is to it. I've created another folder in my .NET project called 'Documentation' and stored the .xslt file there (my NDOC project lives in the root directory for my project too). The .xslt for this is shown below...

<xsl:stylesheet version="1.0" 
  xmlns:xsl="http://www.w3.org/1999/XSL/Transform" 
  xmlns:MSHelp="http://msdn.microsoft.com/mshelp">
  <xsl:template match="revisionHistory" mode="after-remarks-section">
    <h4 class="dtH4">Revision History</h4>
        <div class="tablediv">
      <table class="dtTABLE" cellspacing="0" width="100%" >
        <tr valign="top">
                <th width="20%">Author</th>
                <th width="20%">Date</th>
                <th width="60%">Description</th>
        </tr>
        <xsl:call-template name="revisions"/>
          </table>
      </div>
  </xsl:template>
  <xsl:template name="revisions">
    <xsl:for-each select="revision">
      <tr valign="top">
        <td><xsl:value-of select="@author"/></td>
        <td><xsl:value-of select="@date"/></td>
        <td><xsl:apply-templates select="." mode="slashdoc"/></td>
      </tr>
    </xsl:for-each>
  </xsl:template>
</xsl:stylesheet>

The main thing of note here is the use of <xsl:apply-templates select="." mode="slashdoc"/> within the descriptive part of the stylesheet - this ensures that any sub-tags (such as <see>) in your description will be processed by NDOC, thereby permitting you to link to other topics in your help file.

With the stylesheet setup you should now be able to compile your help file and get a new section including the revision history section.

The two styles I'm using here are dtH4 for the heading and dtTABLE. I found these by looking at the .xslt resources within the NDoc.Documenter.Msdn2 assembly. There are a lot of .xslt files included within the assembly but probably the most useful to start looking at is NDoc.Documenter.Msdn2.xslt.common.xslt.

If you would like to download the .xslt file rather than type it in yourself, click here.

Avalon Update

If you've got some time definately consider checking out this Channel 9 Video on Avalon presented by the Avalon Product Team - it's great to see how Avalon is coming along and remember it will be supported on XP, Windows Server 2003 as well as Longhorn!

-- Darren

Registration Free COM Articles

Steve has got some great articles on Registration Free COM, definately worth a read.  This techique is particulary useful for scenarios where you want to run different (incompatible) versions of the same COM component on one machine (which wasn't possible previously due to the registry).

ClickOnce in Visual Studio 2005 uses this approach for COM components as well.

Windows Server 2003 - COM+ 1.5

COM+ 1.5 forms an integral part of Windows Server 2003 and has been much improved over the version that shipped with Windows 2000 Server. Features designed to increase the abilities (scalability, availability and manageability) of COM+ applications have been added.

COM+ Partitions
In this release, COM+ introduces support for COM+ partitions, a feature that allows multiple versions of COM+ applications to be installed and configured on the same machine. This feature can save cost and time-consuming effort of using multiple servers to manage different versions of an application or building services into the application to handle different versions of components. On a single machine, each partition acts, in effect, as a virtual server.

COM+ Services Without Components
With COM+ 1.5, you can use the services provided by COM+ without needing to build a component to contain the methods that call those services. This greatly benefits developers who do not normally use components but want to use COM+ services such as transactions or the COM+ Tracker. By using COM+ services without components, developers can avoid the overhead of creating a component that is used to access only the COM+ services that are required.

Application Recycling
Application recycling significantly increases the overall stability of COM+ applications. Because the performance of most applications can degrade over time due to factors such as memory leaks, reliance on third-party code, and non-scalable resource usage, COM+ application recycling provides a simple solution to gracefully shut down a process associated with an application and restart it.

Process Dumping
Troubleshooting applications in a production environment can be very difficult without disturbing the running processes. COM+ now provides a solution through its new process dump feature. This feature allows the system administrator to dump the entire state of a process without terminating it.

References:

• COM+
• COM+ Services Without Components

-- James

Windows Server 2003 - IIS 6.0

IIS 6.0 is a ground up rewrite of the previous incarnation of IIS, version 5.0. IIS has been redesigned to improve aspects of all the main feature areas: reliability, availability, manageability, scalability and performance.

Fault-tolerant process architecture
The IIS 6.0 fault-tolerant process architecture isolates Web sites and applications into self-contained units called application pools. Application pools provide a convenient way to administer a set of Web sites and applications and increase reliability, because errors in one application pool cannot cause another application pool, or the server itself, to fail.

Health monitoring
IIS 6.0 periodically checks the status of an application pool with automatic restart on failure of the Web sites and applications within that application pool, increasing application availability. IIS 6.0 protects the server, and other applications, by automatically disabling Web sites and applications that fail too often within a short amount of time.

Automatic process recycling
IIS 6.0 automatically stops and restarts faulty Web sites and applications based on a flexible set of criteria, including CPU utilization and memory consumption, while queuing requests. IIS 6.0 also maintains the client TCP/IP connection when a worker process is being recycled, isolating Web services client applications from back-end Web application instability.

Rapid-fail protection
If an application fails too often within a short amount of time, IIS 6.0 will automatically disable it and return a "503 Service Unavailable" error message to any new or queued requests to the application. Custom actions, for example, a debugging action or administrator notification, can also be triggered. Rapid-fail protection can protect a Web server against denial of service attacks.

XML-based configuration file
The XML-formatted, plain text metabase in IIS 6.0 provides improved backup and restore capabilities for servers that experience critical failures. It also provides improved troubleshooting and metabase corruption recovery. Direct editing, using common text editing tools, provides greater manageability.

Edit-while-running
IIS 6.0 gives administrators the important capability to change the server configuration while the server continues running. For example, this feature can be used to add a new site, create virtual directories, or change the configuration of application pools and worker processes—all while IIS 6.0 continues to process requests—with no recompilation or restart required.

Command-line and script-based administration
IIS 6.0 administrators can use the Windows Server 2003 command-line to accomplish many common management tasks. With a single command, administrators can manage multiple local or remote computers. IIS 6.0 also features a complete scripting environment for automating common system administration tasks from the command-line without having to use a graphical user interface.

Support for WMI
IIS 6.0 provides full support for Windows Management Instrumentation (WMI), giving Web administrators access to important system management data, such as performance counters and configuration files. The WMI interfaces, similar in nature to the Active Directory Service Interfaces (ADSI) that are still supported, are used in administration scripts and can also be used to modify the XML-based configuration metabase.

Server Consolidation
IIS 6.0 performance has increased dramatically over previous versions of the server, with a single server able to host many more sites and applications.

Site scalability
IIS 6.0 has improved the way the operating system uses internal resources. For example, IIS 6.0 does not pre-allocate resources at initialization time. Many more sites can be hosted on a single server running IIS 6.0, and a larger number of worker processes can be concurrently active. Starting up and shutting down a server is faster, compared with earlier versions of IIS. All of these improvements contribute to increased site scalability with IIS 6.0.

New kernel-mode driver, HTTP.sys
Windows Server 2003 introduces a new kernel-mode driver, HTTP protocol stack (HTTP.sys), for HTTP parsing and caching, providing increased scalability and performance. IIS 6.0 is built on top of HTTP.sys and is specifically tuned to increase Web server throughput.

Web gardens
IIS 6.0 worker process isolation mode also enables multiple worker processes to be configured to service requests for a given application pool, a configuration known as a Web garden.

Processor affinity
Processor affinity, when set, enables IIS 6.0 worker processes to run on specific microprocessors or CPUs. Processor affinity can also be used with Web gardens that run on multiprocessor computers where clusters of CPUs have been dedicated to specific application pools.

Increased Security
IIS 6.0 is far more secure than IIS 4x or IIS 5x, with many new features designed to increase the security of the Web infrastructure. IIS 6.0 is also "locked down" out of the box with the strongest time-outs and content limits set by default.

Locked-down server
IIS 6.0 provides significantly improved security. To reduce the attack surface of systems, IIS 6.0 is not installed by default on Windows Server 2003—administrators must explicitly select and install it. IIS 6.0 ships in a locked-down state, serving only static content. Using the Web service extension node, Web site administrators can enable or disable IIS functionality based on the individual needs of the organization.

Web service extensions list
The default installation of IIS will not compile, execute, nor serve files with dynamic extensions. In order to have them served, each acceptable file extension must be added to the Web service extensions list. This requirement prevents anyone from calling a page with a dynamic extension that has not been secured.

Default low-privilege account
All IIS 6.0 worker processes—by default—run as Network Service user accounts, a new, built-in account type with limited operating system privileges, on Windows Server 2003. All ASP built-in functions always run as low-privileged accounts (anonymous user).

References:

• Top 10 Benefits Microsoft.com Realized by Using IIS 6.0
• What's New in Internet Information Services 6.0
• Technical Overview of Internet Information Services (IIS) 6.0

-- James

Windows Server 2003 - Security

As part of its commitment to reliability security and dependable computing, Microsoft has reviewed every line of code underlying its Windows Server family as part of its enhanced effort to identify possible fail points and exploitable weaknesses.

Increased Web Server Security
The new basic security features of IIS 6.0 have already been discussed, but there are also some advanced security features in IIS 6.0 that include: selectable cryptographic services, advanced digest authentication, and configurable access control of processes.

SSL Client Authentication Improvements
In Windows Server 2003 the SSL session cache can be shared by multiple processes. This reduces the number of times a user has to re-authenticate with applications, and reduces CPU cycles on the application server. This leads to a performance improvement of over 35 percent when using the secure sockets layer (SSL).

Active Directory Application Mode (ADAM)
ADAM is an independent mode of Active Directory that provides dedicated directory services for applications. Although ADAM independently provides directory storage and access for applications, ADAM uses the same standard application programming interfaces (APIs) as Active Directory to manage and access the application data. The resulting conceptual and programming compatibility makes ADAM ideal for applications that require directory services, but do not require the complete infrastructure features of Active Directory. ADAM does not ship with Windows Server 2003 but it is available as a free download from Microsoft.

References:

• What's New in Windows Server 2003 Security
• Technical Overview of Windows Server 2003 Security Services
• Active Directory Application Mode (ADAM)

-- James

Windows Server 2003 - Core enhancements

In the development for Windows Server 2003, much work was done to improve the scalability of the kernel (the core set of functionality that the entire operating system relies on). Detailed analysis, with both software and hardware tools on systems with up to 32 processors, resulted in the improvements being made in the following key areas:

• Scheduling
• Memory management
• Kernel spinlocks
• Heap
• Processes, threads, handles, objects, and named pipes

Compared to Windows 2000 Server, Windows Server 2003 is:

• Half as fast again as a file server.
• Three times faster serving dynamic Web content.
• Three times faster serving static Web content.
• Three times faster performing LDAP operations.

References:

• Windows Server 2003 Kernel Scaling Improvements
• Lab Report: Windows Server 2003 Outperforms Predecessors
• Windows Server 2003 Benchmarks

New MSDN Article on extending Windows common dialog boxes

Martin Parry from our team has recently written a MSDN article on how to place your own Windows Forms controls insde the Windows common dialog boxes, check it out!

Reasons to migrate to Windows Server 2003

I realise that this is a bit late for many people, but I have been helping one of my customers with a justification to move to Windows Server 2003 from Windows 2000 Server. It is specifically targeted at the main application that they develop which is a .NET Framework 1.1 based smart client app that talks, via Web Services, to a server side app also written for .NET 1.1 (this stores data in a set of SQL Server 2000 databases). I will post a series of articles extracted from this justification.

Please note: this is not an exhaustive list - it is simply the features that are of interest for this particular application.

But if you are going through a similar process at the moment it might be useful to paste this information into a document for the perusal of the powers that be.

-- James

Welcome to the new Microsoft UK PSfD Team blog!

Welcome to the new Microsoft UK PSfD Team blog!

PSfD is a team of Application Development Consultants based in the UK. There are around 20 consultants currently in our team all of whom have strong developer backgrounds.

We work with a broad range of customers from small ISVs (Independent Software Vendors) up to large enterprises, and we engage in all aspects of the software development lifecycle from architecture through to performance and scale testing.

We get involved in all kinds of development-related work including reviewing application design or specific code, helping to troubleshoot problems, writing code samples, delivering training, and do just about anything else involved with software development.

In the course of our day-to-day activities we cover virtually every Microsoft technology for which development makes sense and, as a result, we have lots of information, advice, samples, etc. to share. Hence, we’ve launched this blog.

Darren Jefford, Adrian Bateman, Steve White, Morgan Skinner and Martin Parry are PSfD team members who already have blogs, so those will give you an idea of what you can expect to see. We intend to aggregate some of those blog entries into this main feed.

We hope you’ll find the blog interesting. If you’ve got any requests for things you’d like to see then please let us know!

--Darren