DTC and the 2 Phase Commit Protocol
Atomic Transactions rely on automatic commit and rollback actions. Therefore they need a system to manage these actions implicitly. The name of this system is Transaction Manager.
There are multiple kinds of transaction managers, each used for a certain transaction protocol. For a detailed discussion check my WCF Transactions Pluralsight course. But for the sake of this discussion, we care about the WS-AT protocol, and a particular Transaction Manager – called the Distributed Transaction Coordinator – or DTC.
DTC is familiar to most developers, and is capable of managing transactions across process and machine boundaries.
DTC and Atomicity
So DTC has a tough challenge: while the Consisteny, Isolation, and Durability attributes are managed by Resource Managers (RMs), DTC must preserve the atomicity attribute, and it must do this over multiple participants that are most probably distributed over multiple machines.
In the previous article we understood WS-Trust and WS-Federation and saw briefly how they are used with WCF. Now let’s see an example of how to configure a WCF service to delegate authentication to an STS.
Here I will configure my WCF service to delegate authentication to ADFS. The federation service namespace is “fs1.lab1.local”.
The following section sets the service certificate; the one that will be used to access the service over SSL (this is a self-signed certificate using makecert):
The need for WS-Trust
In a previous article I talked about how clients use WS-Security to authenticate themselves to services using variety of tokens. So if authentication is covered by WS-Security, what exactly does WS-Trust bring to the table?
To answer this, let’s consider the simple scenario of a client wanting to authenticate to a service. As you have seen before, the client will have to present its token to the service. So the first clear disadvantage is that the authentication logic is actually part of the service. Services should satisfy business needs only, and service developers should worry about business only. Anytime spent creating authentication logic is a wasted time from the perspective of business.
Now, what if the service – who used to accept username tokens for authentication – had its policy changed, and now requires client certificates? This requires change to the service policy and code because authentication logic is actually part of the service.
To run the samples download this solution:
I will point out what each project in the solution does in corresponding section.
Steps Overview to configure WS-Security in WCF
Bindings and Behaviors
In general WCF security can be configured using Bindings and Behaviors.
- Using Bindings you can configure message protection and authentication types.
- Using Behaviors you can configure credentials to be used for message protection and authentication as well as credential validation settings
Security Configuration settings – just like the majority of WCF configurations – can be set in the configuration files or programmatically. There are some exceptions to this rule where some configuration can be set only by code; for example, setting usernames and passwords can only be done programmatically in order not to allow developers to hard code these values in the configuration file.
Overview of steps to configure WS-Security
WCF provides a configuration model to set every aspect of WS-Security. This configuration can be achieved in 3 steps:
In Step1, we set the Basic Message Security Settings:
- First, you configure the service to use a binding that supports WS-Security. As is the case in most examples in this course, I will be using the WSHttpBinding
- You then set the service to use Message security. For some bindings, this is the default security mode anyway, but explicit configuration is required when you need to edit the default settings.
- Then you select the sensitive data you want to secure. Recall that a main advantage of message security over transport security is the ability to selectively secure parts of the message, thus reducing overhead.
The Need for Security Standards
Communicating systems or services have to deal with tough challenges when it comes to secure messaging. If a system is sending a message to another, this requires the implementation of important security measures.
- First, the receiving system must authenticate the sender before accepting its message. It must verify that the sender is indeed whoever claims to be.
- During transmission, intruders may be able to peek into messages. If these messages contain sensitive data, then data privacy becomes an issue. Intruders must not be able to understand what they just saw.
- Another concern during transmission, is Data Accuracy – or Integrity – which means that If an intruder intercepts the message and modifies it, this modification must be detected by the receiving system.
The WS-Security Standard
WS-Security is the foundation layer on top which other security standards are created. The WS-Security standard also uses another two important standards, these are XML-Encryption and XML-Signature. These standards were created to secure XML documents independent of SOAP and the WS-* stack. But the WS-Security standard then used these standards to secure SOAP messages.
The Case for Reliable Messaging
The success of interaction between a service consumer and a service provider, is clearly dependent on how much reliable the underlying transport protocol is. However when it comes to networks, we know that even in the most reliable setups, all sorts of things can go wrong.
Let’s consider some scenarios of common problems that might occur during communication between a client and a service.
Lets start by the simplest of scenarios: a client tries to send a message to a service. However, during transmission, something goes wrong on the wire, and the message cannot be delivered.
In this case, there should be a way for the client to be notified about the transmission failure, so that it can send the message again.
In this scenario, the message is actually received at the service. However, before the service could confirm (or acknowledge) the client that it received the message, again there was a problem in the network, and the service does not receive the acknowledgment. In this case, the client risk sending the same message again, which will result in message duplication at the service side.
Need for MTOM
Exchanging different types of binary files between business entities is a common business need. To be transmitted within a SOAP message, these files must be represented as binary data.
Using the default SOAP serialization, only characters are allowed to be transferred within a SOAP XML message. Therefore, for binary data to be transferred within a SOAP message, it must be encoded as characters using base64 encoding.
Binary data encoded as base64 is represented as text. This text is then transferred as part of the SOAP message. Now, this can drastically increase the message size, which can become an issue especially over low-bandwidth networks.
SOAP is NOT Dead!
This is not another REST vs. SOAP discussion. There are endless debates on this topic, that you hardly need yet another view.
This section just tells one thing: While REST has become the preferred choice to build web services, SOAP is not dead just yet.
To understand why SOAP is not dead yet, you need to recall that today, the use of web services can be broadly divided into three set of scenarios:
- Web services that manipulate data entities (or what are commonly called web resources in the web space); these services are known as Web APIs
- Web APIs that are built using the REST architectural style (where hypermedia takes central stage)
- And ‘traditional’ SOAP-based Web services that are used commonly in application or enterprise integrations
Practically there is no competition in the web domain: Web APIs and REST have become the dominant choices for building services that manipulate web resources.
However, in the domain of application and integrations such as middlewares, ESBs, and SOA; SOAP is very much still alive.
So Why is SOAP Still Alive?
Now the reason SOAP is still alive is not necessarily because it’s better than WebAPI/REST in this domain. This is debatable as WebAPI/REST advocates believe WebAPI/REST can be used for enterprise integrations even better than SOAP ever did. While SOAP advocates believe that SOAP and the WS-* standards capabilities still make them the better option for certain scenarios.
i faced this issue recently and hope it helps someone…so here we go:
a service provider gave me a XML Webservice to consume. this service was SSL secured and they gave us the certificate to install. However, they did not give us the CA…lets move on.
i created a .net console app to test the web service and of course i had to write the code to ignore the certificate warning since again i did not have the CA. now do not judge me just yet 🙂 instantly i mailed the web service owner asking for the CA; but it took some time…
so meanwhile, my console app worked just fine. now i went to my main ASP.NET application and used the same code to invoke the web service…and there was a big problem: the first call took forever (more like 30 seconds really), then the subsequent calls were fast until my application is restarted!
now since the console application worked just fine (first call was fast) but the problem was only in the ASP.NET application i moved my attention immediately to the serialzation issue.
i read alot about how the serializer dll might take time to load the first time and thus the first call was slow. Now although this does not really explain why the problem occured only when calling the web service from my IIS hosted web site; however, i still used the SGen tool to pre-generate the serializer assembly in the form of [myproxyassemblyname].XmlSerializers.dll and put it inside my bin folder but without any result…still the first call was too slow.
Note: instead of using the SGen tool you can use the compile options from VS and turn on the generate serialzer assembly option which will create the serialzer dll for you…
now out of no where, the service provider sent my the CA. i installed it in the trusted root certificate authorities folder, removed the warning-ignoring code and boom the first call was fast and the problem was solved!
thinking about it, the SSL handshake on the first call was taking a lot of time to find a problem in the CA and generating a warning.
i have to admit though, it was a by chance. because till this moment i do not know why the console app did not complain about the SSL handshake (or to be more accurate, the SSL handshake did not take much time) while when from IIS the SSL handshake took about 30 seconds…the first logical explanation – although do not quote me on this – is that the IIS worker process was much slower than the .NET managed assembly (console app) in dealing with the SSL handshake issues…
anyway, i can live with this for now 🙂