Versioning Behavioral changes

Topics: Technical Questions
Mar 4, 2008 at 9:20 PM
I have a service with 2 versions. In the 1st version the service was created using ASMX and the users credentials were placed into a soap header. The authentication logic was baked into the service implementation. Security was provided using transport layer ssl. In the second version of the service, we decided to move the heavy processing to BizTalk 2006 R2 (WCF-WSHttp) and some of the lookups to an IIS hosted WCF service. Additionally, we decided to use the authentication and authorization model built into WCF. While this has made the service implementation cleaner, it has made the client implementation quite messy.
I can see how the MSE can help with the versioning differences in the services' contracts, and aggregating the now disparate services. However, I'm not sure how to handle the differences in the authentication model. I believe I could do it with the policy extensibility, but I can't find a single example of how to create a custom policy.
I have 2 questions to that point:
  1. Is it possible to abstract this behavioral change in the service at the MSE layer?
  2. Why not open the source for the RegExContentFilter so the community can see how to do this without having to guess, and research senselessly? A more complex sample would even be more welcome, like the one that was briefly shown at the SOA/BPM conference :-)
Mar 5, 2008 at 6:46 PM
I think I figured out how to apply custom policies. It's essentially a Xaml syntax that contains a list of BehaviorExtensionElements. So to add my own, I need to create a custom implementation of the System.ServiceModel.Configuration.BehaviorExtensionElement. Then I use the Xaml syntax to add a collection of behaviors to the PolicyModel. Correct?

Essentially, the extensibility of the MSE is WCF's extensibility. To add authentication or authorization to an endpoint or operation would be the same way I would do it with a WCF service. The MSE "Policies" mechanism is a way to organize BehaviorExtensionElements into re-usable WCF extensions. Is this correct?
Developer
Mar 5, 2008 at 7:31 PM
You are right on the money. Following this model opens the door for defining custom WCF behaviors (IServiceBehavior, IEnpointBehavior, IContractBehavior) and easily applying them to one or more MSE hosted endpoints. For example, you can implement an IEndpointBehavior that attaches an instance of an IDispatchMessageInspector to perform custom tasks like auditing. Also, this is how the RegExContentFilter policy is implemented.

Another great example of our extensibility is with the Channel Moniker stored in an operation version (also Xaml syntax). By implementing our IChannelBuilder interface, you can construct your own WCF ChannelFactory that the MSE will use to invoke your "service implementation". The channel factory you provide can construct a channel that service enables pretty much anything (database procedures, file system, queues, mainframes, etc.).

We here your request for more complete/complex examples that demonstrate using the extensibility points of the MSE and are working on it.


ctinsley wrote:
I think I figured out how to apply custom policies. It's essentially a Xaml syntax that contains a list of BehaviorExtensionElements. So to add my own, I need to create a custom implementation of the System.ServiceModel.Configuration.BehaviorExtensionElement. Then I use the Xaml syntax to add a collection of behaviors to the PolicyModel. Correct?

Essentially, the extensibility of the MSE is WCF's extensibility. To add authentication or authorization to an endpoint or operation would be the same way I would do it with a WCF service. The MSE "Policies" mechanism is a way to organize BehaviorExtensionElements into re-usable WCF extensions. Is this correct?

May 15, 2008 at 10:39 AM
I already have a behavior configured (given below) I want to use inside mse. It also refers to a custom validator.  
Is there a way to apply this behavior easily on an endpoint inside mse ?  Do we have to use PolicyModel ?
Do we have any samples showing how to do this ?

    <behaviors>
      <serviceBehaviors>
        <behavior name="ServiceBehavior">
          <serviceMetadata httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom"
              customUserNamePasswordValidatorType="CustomValidator.MyCustomValidator,CustomValidator" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
Developer
May 15, 2008 at 4:31 PM
You are on the right track.  You'll need to use PolicyModel.  Although not specifically for authentication, I'm finalizing a sample/lab that explains how to use Policies.  This will be posted in the next week or two. 
Essentially, since we dynamically create the endpoints any behaviors you'd typically apply in config, need to be applied through the Policy mechanism. 
For your scenario you can:
Create a class that derives from BehaviorExtensionElement.  This class will return a custom IServiceBehavior.
In your IServiceBehavior.ApplyBindingParameters method you can retrieve the existing or define your own ServiceCredentials implementation and set the appropriate properties:

credentials = bindingParameters.Find<ServiceCredentials>();
credentials.UserNameAuthentication.UserNamePasswordValidationMode =

UserNamePasswordValidationMode.Custom
credentials.UserNameAuthentication.CustomUserNamePasswordValidator = new CustomUserNameValidator();

 

 

Then create your policy model and assign it to your endpoint (below assumes your implementation of BehaviorExtensionElement is called CustomSecurityBehaviorElement:

<PolicyModel xmlns="http://microsoft.com/mse/2007/runtime/policyModel" xmlns:mse="clr-namespace:Microsoft.MSE.Runtime.Services.Behaviors;assembly=Microsoft.MSE.Runtime.Services"
xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:wcf="clr-namespace:System.ServiceModel.Configuration;assembly=System.ServiceModel"
xmlns:sec="clr-namespace:<YOUR ASSEMBLY NAMESPACE>;assembly=<YOUR ASSEMBLY>"
xmlns:sys="clr-namespace:System;assembly=mscorlib">
<
sec:CustomSecurityBehaviorElement/>
</PolicyModel>

 

 

 


 


bbalkanli wrote:
I already have a behavior configured (given below) I want to use inside mse. It also refers to a custom validator.  
Is there a way to apply this behavior easily on an endpoint inside mse ?  Do we have to use PolicyModel ?
Do we have any samples showing how to do this ?

    <behaviors>
      <serviceBehaviors>
        <behavior name="ServiceBehavior">
          <serviceMetadata httpsGetEnabled="true" />
          <serviceDebug includeExceptionDetailInFaults="true" />
          <serviceCredentials>
            <userNameAuthentication userNamePasswordValidationMode="Custom"
              customUserNamePasswordValidatorType="CustomValidator.MyCustomValidator,CustomValidator" />
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>