Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
WEB404 ASP.NET Web Service Internals “I didn’t know you could do that!” Clemens Vasters ([email protected]) newtelligence AG In an ideal world … … there would only be XML superheroes … SOAPERMAN … like this guy. However … Many developers … Ooops! Many developers … … need help and easy-to-use tools … … and that‘s true for very many. ASP.NET Bigotry – The Good Very simple: You just write classes and methods Simple enough for everybody Write, compile, done The WSDL contract is generated on the fly Wire format is rendered on the fly Proxies are automatically code-generated ASP.NET Bigotry – The Bad Too simple: You just write classes and methods Suggests that a Web Service is just like anything else The WSDL contract is generated on the fly Contract should dominate the programming model Wire format is rendered on the fly Somewhere in deep inside the infrastructure Proxies are automatically code-generated Hard to maintain customized versions The Middle Ground Many developers need simplicity They have no time to deal with XML philosophy They have no time to carefully craft Schema and WSDL They have no time to even learn Schema or WSDL They have even less time to deal with GXA, etc. Whether we like it or not … … the programming model must be kept easy … it's hard to move from RPC to messages Bridging the gap is an infrastructure job. [CheckArguments] Data Authentication Transactions Monitoring Validation and and and and Authorization Diagnostics Reliability Security [TipTransaction] [PrincipalPermission] [ExceptionMonitor][MethodStatistics] [WebMethod] public string MakeReservation( [MinLength(8), MaxLength(8)] string FlightCycleId, [Between(1,100)] int Row, [Between('A','K')] char Seat, [Match(@"[A-Z]")] string Fare, [MinLength(1),MaxLength(80)] string FirstName, [MinLength(1),MaxLength(80)] string LastName, [OneOf("MR","MRS")] string Title, [Match(@"[0-9]*"),MaxLength(20)] string CustomerCode) Building A Pipeline Identity Timestamp Signature etc Authentication User access to service WebMethod Access Control Transport Runtime Logging, Monitoring Usage Control Signature Conversation Managmt. WSE Pipeline stages and SOAP extensions HTTP Infrastructure Logging, Monitoring Access Decrypt Accounting Timestamp Billing Statistics Royalties Availability Performance Encrypt Encryption Conversation Managmt. Asynch. messaging support Queuing Service Implementation ASP.NET Runtime Environment HTTP Request Host environment: IIS with authentication infrastructure and additional ISAPI filters for compression, etc. ASP.NET hooked into IIS via ISAPI Filter and Extension for .asmx extension (customizable) ASP.NET: Managed runtime running as separate process. Processes IIS requests asynchronously. Doesn't tie up IIS threads. HTTP Module chain allows for raw data filtering and processing. Modules are hooked in as callbacks. Web Service Request Handler maps request to WebService class and method. SoapExtensions hooked in as callbacks. [SoapMethod] Host (IIS) ISAPI Filters ASP.NET HTTP Runtime HTTP Module HTTP Module WS Request Handler Soap Extension Soap Extension Target Service ASP.NET „SOAP Extensions“ Plug-in architecture for ASP.NET Web Services Declarative and configurable plug-ins for Web Services Can intercept and manipulate payloads and headers Interception-driven functionality Can extend WSDL and inject code into proxies ServiceDescriptionFormatExtension Injects attributes into WSDL ServiceDescriptionReflector reads metadata Injects "operation binding" into WSDL ServiceDescriptionImporter reads WSDL Injects code into CodeDOM at proxy creation time The Pipeline Call Chain SoapExtension BeforeDeserialize Handler BeforeDeserialize Handler AfterDeserialize Handler AfterDeserialize Handler BeforeSerialize Handler BeforeSerialize Handler AfterSerialize Handler AfterSerialize Handler Chained Copy [WebMethod] Web Service Request Handler Request Stream SoapExtension Chained Copy WSE Pipeline Transport-independent pipeline Hooked into ASP.NET using SOAP Extension Can be used outside of ASP.NET Can intercept and manipulate payloads and headers Interception-driven functionality Infoset based, not stream based Eliminates stream-writes/reads for every stage WSE Pipelines Endpoint SoapOutputFilter Endpoint Header Header SoapInputFilter Input message Body Body SOAP message SOAP message B A Transport BA BA SoapInputFilter Header Header Body Body SOAP message Output message SOAP message SoapOutputFilter The WSE Pipeline SoapInputFilter ProcessMessage SoapInputFilter ProcessMessage ProcessInputMessage SoapEnvelope Pipeline SoapEnvelope ProcessOutputMessage ProcessMessage ProcessMessage SoapOutputFilter SoapOutputFilter The WSE Pipeline as SOAP Ext. SoapInputFilter ProcessMessage SoapExtension BeforeDeserialize Handler SoapInputFilter ProcessMessage ProcessInputMessage SoapEnvelope Pipeline SoapEnvelope ProcessOutputMessage AfterDeserialize Handler ProcessMessage BeforeSerialize Handler AfterSerialize Handler SoapOutputFilter ProcessMessage SoapOutputFilter Implementing Tracing Assumes Write ACE Logfile SoapExtension Web Service Request Handler BeforeDeserialize Handler AfterDeserialize Handler BeforeSerialize Handler AfterSerialize Handler Queue Service .NET Error Trace Queue Event Log Debug-Time Traces Service WMI and Event Log must run in separate process with privileged account. WMI Tracing is better with queues SoapExtension WT Web Service Request Handler BeforeDeserialize Handler B Enterprise Svc QC AfterDeserialize Handler BeforeSerialize Handler Queue Service WMI AfterSerialize Handler A Auto Reset Event Worker Thread .NET Remoting or COM+ Implementing Interception Intercept, Inspect and fail out SoapExtension AfterDeserialize Handler Exception BeforeSerialize Handler Request Stream AfterSerialize Handler Chained Copy [WebMethod] Web Service Request Handler BeforeDeserialize Handler Implementing XML Injection SoapExtension Modify stream copy before deserialization AfterDeserialize Handler BeforeSerialize Handler Request Stream Modify stream copy after serialization AfterSerialize Handler Chained Copy [WebMethod] Web Service Request Handler BeforeDeserialize Handler Format Extensions Extensibility mechanism for WSDL Perfectly legal through use of separate namespaces Inject your own tags into „operation bindings“ Operating Binding: Pair of input and output messages Equivalent to a function signature Also defined out-of-band data (headers) Allows WSDL-mapping of method-level attributes Metadata-enhanced WSDL Format Extensions Applied <operation name="SampleKerberos"> <soap:operation soapAction="urn:schemas-newtelligence-com:SampleKerberos" style="document" /> <wsse-kerb-ext:wssecurityKerberosExtension> <wsse-kerb-ext:ServiceClass> host </wsse-kerb-ext:ServiceClass> <wsse-kerb-ext:ServiceHost> ambassador.embassy.newtelligence.com </wsse-kerb-ext:ServiceHost> </wsse-kerb-ext:wssecurityKerberosExtension> <input> <soap:body use="literal" /> <soap:header d5p1:required="true" message="s0:SampleKerberosWSSecurityKerberos" part="WSSecurityKerberos" use="literal" xmlns:d5p1="http://schemas.xmlsoap.org/wsdl/" /> </input> <output> <soap:body use="literal" /> <soap:header d5p1:required="true" message="s0:SampleKerberosWSSecurityKerberos" part="WSSecurityKerberos" use="literal" xmlns:d5p1="http://schemas.xmlsoap.org/wsdl/" /> </output> </operation> Reflectors Reflectors are locally or globally installed classes <soapExtensionReflectorTypes> in machine.config or web.config Derived from ServiceDescriptionReflector Called for every [WebMethod] on "?WSDL" Allow you to: Modify WSDL using ServiceDescription object model Add Schemas, Imports Modify Messages Add Headers Inject format extensions into operation bindings WSDL in the Framework ServiceDescription Imports Types Messages PortTypes Bindings Services <?xml version="1.0" encoding="utf-8"?> <definitions xmlns:tm="http://microsoft.com/wsdl/mime/textMatching/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:s0="urn:this-service" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" targetNamespace="urn:this-service" xmlns="http://schemas.xmlsoap.org/wsdl/"> <types> <s:schema elementFormDefault="qualified" targetNamespace="urn:this-service"> <s:element name="HelloWorld"> <s:complexType /> </s:element> <s:element name="HelloWorldResponse"> <s:complexType> <s:sequence> <s:element minOccurs="0" maxOccurs="1" name="HelloWorldResult" type="s:string" /> </s:sequence> </s:complexType> </s:element> <s:element name="string" nillable="true" type="s:string" /> </s:schema> </types> <message name="HelloWorldSoapIn"> <part name="parameters" element="s0:HelloWorld" /> </message> <message name="HelloWorldSoapOut"> <part name="parameters" element="s0:HelloWorldResponse" /> </message> <portType name="Service1Soap"> <operation name="HelloWorld"> <input message="s0:HelloWorldSoapIn" /> <output message="s0:HelloWorldSoapOut" /> </operation> </portType> <binding name="Service1Soap" type="s0:Service1Soap"> <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document" /> <operation name="HelloWorld"> <soap:operation soapAction="urn:this-serviceHelloWorld" style="document" /> <input> <soap:body use="literal" /> </input> <output> <soap:body use="literal" /> </output> </operation> </binding> <service name="Service1"> <port name="Service1Soap" binding="s0:Service1Soap"> <soap:address location="http://localhost/WebService2/Service1.asmx" /> </port> </service> </definitions> <definitions> <import> <types> <message> <portType> <binding> <service> System.Web.Services.Description Importers Importers are globally installed classes <soapExtensionImporterTypes> in machine.config Derived from ServiceDescriptionImporter Called for every [WebMethod] "Add Web Reference" or wsdl.exe (extends VS.NET) Allow you to: Modify the proxy code (!) in any .NET language Uses the CodeDOM Add properties, methods to the proxy Add attributes to the proxy methods Allows to automatically hook in client-side SoapExtensions Resources Demo code for this talk: http://www.newtelligence.com/teched-us/ Clemens' Weblog http://radio.weblogs.com/0108971 Summary ASP.NET Web Services let you do more than you think…. Intercept and inspect messages Manipulate content Manipulate WSDL Manipulate Proxies WSE takes this further … Transport independent pipeline Host yourself for any non-HHTP protocol Community Resources Community Resources http://www.microsoft.com/communities/default.mspx Most Valuable Professional (MVP) http://www.mvp.support.microsoft.com/ Newsgroups Converse online with Microsoft Newsgroups, including Worldwide http://www.microsoft.com/communities/newsgroups/default.mspx User Groups Meet and learn with your peers http://www.microsoft.com/communities/usergroups/default.mspx evaluations © 2003 newtelligence AG. All rights reserved. This presentation is for informational purposes only. MICROSOFT AND NEWTELLIGENCE MAKE NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.