WEB 404 ASP NET Web Service Internals I
WEB 404 ASP. NET Web Service Internals “I didn’t know you could do that!” Clemens Vasters (clemensv@newtelligence. com) newtelligence AG
In an ideal world …
… there would only be XML superheroes … SOAPERMAN
… like this guy.
However …
Many developers …
Ooops!
Many developers …
… need help and easy-to-use tools …
… and that‘s true for very many.
ASP. NET Bigotry – The Good Very simple: You just write classes and methods Simple enough for everybody Write, compile, done The WSDL contract is generated on the fly Wire format is rendered on the fly Proxies are automatically code-generated
ASP. NET Bigotry – The Bad Too simple: You just write classes and methods Suggests that a Web Service is just like anything else The WSDL contract is generated on the fly Contract should dominate the programming model Wire format is rendered on the fly Somewhere in deep inside the infrastructure Proxies are automatically code-generated Hard to maintain customized versions
The Middle Ground Many developers need simplicity They have no time to deal with XML philosophy They have no time to carefully craft Schema and WSDL They have no time to even learn Schema or WSDL They have even less time to deal with GXA, etc. Whether we like it or not … … the programming model must be kept easy … it's hard to move from RPC to messages Bridging the gap is an infrastructure job.
[Check. Arguments] Data Authentication Transactions Monitoring Validation and and Authorization Diagnostics Reliability Security [Tip. Transaction] [Principal. Permission] [Exception. Monitor][Method. Statistics] [Web. Method] public string Make. Reservation( [Min. Length(8), Max. Length(8)] string Flight. Cycle. Id, [Between(1, 100)] int Row, [Between('A', 'K')] char Seat, [Match(@"[A-Z]")] string Fare, [Min. Length(1), Max. Length(80)] string First. Name, [Min. Length(1), Max. Length(80)] string Last. Name, [One. Of("MR", "MRS")] string Title, [Match(@"[0 -9]*"), Max. Length(20)] string Customer. Code)
Building A Pipeline ¥ Identity ¥ Timestamp ¥ Signature ¥ etc ¥ User access to service ¥ Authentication Web. Method Access Control Transport Runtime Logging, Monitoring Usage Control Access Logging, Monitoring ¥ Signature ¥ Timestamp ¥ Billing ¥ Statistics ¥ Royalties ¥ Performance Conversation Managmt. WSE Pipeline stages and SOAP extensions HTTP Infrastructure ¥ Availability Decrypt Accounting Encrypt ¥ Encryption Conversation Managmt. ¥ Asynch. messaging support ¥ Queuing Service Implementation
ASP. NET Runtime Environment HTTP Request Host environment: IIS with authentication infrastructure and additional ISAPI filters for compression, etc. ASP. NET hooked into IIS via ISAPI Filter and Extension for. asmx extension (customizable) ASP. NET: Managed runtime running as separate process. Processes IIS requests asynchronously. Doesn't tie up IIS threads. HTTP Module chain allows for raw data filtering and processing. Modules are hooked in as callbacks. Web Service Request Handler maps request to Web. Service class and method. Soap. Extensions hooked in as callbacks. [Soap. Method] Host (IIS) ISAPI Filters ASP. NET HTTP Runtime HTTP Module WS Request Handler Soap Extension Target Service
ASP. NET „SOAP Extensions“ Plug-in architecture for ASP. NET Web Services Declarative and configurable plug-ins for Web Services Can intercept and manipulate payloads and headers Interception-driven functionality Can extend WSDL and inject code into proxies Service. Description. Format. Extension Injects attributes into WSDL Service. Description. Reflector reads metadata Injects "operation binding" into WSDL Service. Description. Importer reads WSDL Injects code into Code. DOM at proxy creation time
The Pipeline Call Chain Soap. Extension Before. Deserialize Handler After. Deserialize Handler Before. Serialize Handler After. Serialize Handler Chained Copy [Web. Method] Web Service Request Handler Request Stream Soap. Extension Chained Copy
WSE Pipeline Transport-independent pipeline Hooked into ASP. NET using SOAP Extension Can be used outside of ASP. NET Can intercept and manipulate payloads and headers Interception-driven functionality Infoset based, not stream based Eliminates stream-writes/reads for every stage
WSE Pipelines Endpoint Soap. Output. Filter Header Body Endpoint Input message SOAP message Header Soap. Input. Filter Body SOAP message B A Transport BA BA Soap. Input. Filter Header Body SOAP message Output message SOAP message Soap. Output. Filter
The WSE Pipeline Soap. Input. Filter Process. Message Process. Input. Message Soap. Envelope Pipeline Process. Output. Message Process. Message Soap. Output. Filter
The WSE Pipeline as SOAP Ext. Soap. Input. Filter Process. Message Soap. Extension Before. Deserialize Handler Soap. Input. Filter Process. Message Process. Input. Message Soap. Envelope Pipeline Process. Output. Message After. Deserialize Handler Before. Serialize Handler After. Serialize Handler Process. Message Soap. Output. Filter
Implementing Tracing Soap. Extension Assumes Write ACE Logfile Web Service Request Handler Before. Deserialize Handler After. Deserialize Handler Before. Serialize Handler After. Serialize Handler Queue Service . NET Error Trace Queue Event Log Debug-Time Traces Service WMI and Event Log must run in separate process with privileged account. WMI
Tracing is better with queues Soap. Extension B WT Web Service Request Handler Before. Deserialize Handler Enterprise Svc QC After. Deserialize Handler Before. Serialize Handler Queue Service WMI After. Serialize Handler A Auto Reset Event Worker Thread . NET Remoting or COM+
Implementing Interception Intercept, Inspect and fail out Soap. Extension After. Deserialize Handler Exception Before. Serialize Handler After. Serialize Handler Chained Copy [Web. Method] Web Service Request Handler Request Stream Before. Deserialize Handler
Implementing XML Injection Soap. Extension Before. Deserialize Handler After. Deserialize Handler Before. Serialize Handler Modify stream copy after serialization After. Serialize Handler Chained Copy [Web. Method] Web Service Request Handler Request Stream Modify stream copy before deserialization
Format Extensions Extensibility mechanism for WSDL Perfectly legal through use of separate namespaces Inject your own tags into „operation bindings“ Operating Binding: Pair of input and output messages Equivalent to a function signature Also defined out-of-band data (headers) Allows WSDL-mapping of method-level attributes Metadata-enhanced WSDL
Format Extensions Applied <operation name="Sample. Kerberos"> <soap: operation soap. Action="urn: schemas-newtelligence-com: Sample. Kerberos" style="document" /> <wsse-kerb-ext: wssecurity. Kerberos. Extension> <wsse-kerb-ext: Service. Class> host </wsse-kerb-ext: Service. Class> <wsse-kerb-ext: Service. Host> ambassador. embassy. newtelligence. com </wsse-kerb-ext: Service. Host> </wsse-kerb-ext: wssecurity. Kerberos. Extension> <input> <soap: body use="literal" /> <soap: header d 5 p 1: required="true" message="s 0: Sample. Kerberos. WSSecurity. Kerberos" part="WSSecurity. Kerberos" use="literal" xmlns: d 5 p 1="http: //schemas. xmlsoap. org/wsdl/" /> </input> <output> <soap: body use="literal" /> <soap: header d 5 p 1: required="true" message="s 0: Sample. Kerberos. WSSecurity. Kerberos" part="WSSecurity. Kerberos" use="literal" xmlns: d 5 p 1="http: //schemas. xmlsoap. org/wsdl/" /> </output> </operation>
Reflectors are locally or globally installed classes <soap. Extension. Reflector. Types> in machine. config or web. config Derived from Service. Description. Reflector Called for every [Web. Method] on "? WSDL" Allow you to: Modify WSDL using Service. Description object model Add Schemas, Imports Modify Messages Add Headers Inject format extensions into operation bindings
WSDL in the Framework Service. Description Imports Types Messages Port. Types Bindings Services <? xml version="1. 0" encoding="utf-8"? > <definitions xmlns: tm="http: //microsoft. com/ wsdl/mime/text. Matching/" /" xmlns: tm="http: //microsoft. com/wsdl/mime/text. Matching xmlns: soap="http: // schemas. xmlsoap. org/wsdl/soap/" /" xmlns: s 0="urn: this -service" xmlns: soap="http: //schemas. xmlsoap. org/wsdl/soap xmlns: s 0="urn: this-service" xmlns: http="http: // schemas. xmlsoap. org/wsdl/http/" /" xmlns: http="http: //schemas. xmlsoap. org/wsdl/http xmlns: soapenc="http: // schemas. xmlsoap. org/soap/encoding/" xmlns: soapenc="http: //schemas. xmlsoap. org xmlns: mime="http: // schemas. xmlsoap. org/wsdl/mime/" /" target. Namespace=" urn: this-service" xmlns: mime="http: //schemas. xmlsoap. org/wsdl/mime target. Namespace="urn: this xmlns="http: // schemas. xmlsoap. org/wsdl/"> xmlns="http: //schemas. xmlsoap. org/wsdl <types> <s: schema urn: this-service"> <s: schema element. Form. Default="qualified" target. Namespace="urn: this <s: element "> <s: element name="Hello. World"> <s: complex. Type /> </s: element> <s: element "> <s: element name="Hello. World. Response"> <s: complex. Type> <s: sequence> <s: element " type="s: string " /> <s: element min. Occurs="0" max. Occurs="1" name="Hello. World. Result" type="s: string" </s: sequence > </s: sequence> </s: complex. Type> </s: element> <s: element " /> <s: element name="string" nillable="true" type="s: string" </s: schema > </s: schema> </types> <message name="Hello. World. Soap. In "> name="Hello. World. Soap. In"> <part name="parameters" element="s 0: Hello. World" /> </message> <message name="Hello. World. Soap. Out "> name="Hello. World. Soap. Out"> <part name="parameters" element="s 0: Hello. World. Response" /> </message> <port. Type name="Service 1 Soap"> <operation name="Hello. World "> name="Hello. World"> <input message="s 0: Hello. World. Soap. In" /> <output message="s 0: Hello. World. Soap. Out" /> </operation> </port. Type> <binding name="Service 1 Soap" type="s 0: Service 1 Soap"> <soap: binding /soap/http" style="document" /> <soap: binding transport="http: //schemas. xmlsoap. org/soap/http" <operation name="Hello. World "> name="Hello. World"> <soap: operation urn: this-service. Hello. World" " style="document" /> <soap: operation soap. Action="urn: this-service. Hello. World <input> <soap: body use="literal" /> </input> <output> <soap: body use="literal" /> </output> </operation> </binding> <service name="Service 1"> <port name="Service 1 Soap" binding="s 0: Service 1 Soap"> <soap: address location="http: //localhost/Web. Service 2/Service 1. asmx" /> </port> </service> </definitions> <import> <types> <message> <port. Type> <binding> <service> System. Web. Services. Description
Importers are globally installed classes <soap. Extension. Importer. Types> in machine. config Derived from Service. Description. Importer Called for every [Web. Method] "Add Web Reference" or wsdl. exe (extends VS. NET) Allow you to: Modify the proxy code (!) in any. NET language Uses the Code. DOM Add properties, methods to the proxy Add attributes to the proxy methods Allows to automatically hook in client-side Soap. Extensions
Resources Demo code for this talk: http: //www. newtelligence. com/teched-us/ Clemens' Weblog http: //radio. weblogs. com/0108971
Summary ASP. NET Web Services let you do more than you think…. Intercept and inspect messages Manipulate content Manipulate WSDL Manipulate Proxies WSE takes this further … Transport independent pipeline Host yourself for any non-HHTP protocol
Community Resources http: //www. microsoft. com/communities/default. mspx Most Valuable Professional (MVP) http: //www. mvp. support. microsoft. com/ Newsgroups Converse online with Microsoft Newsgroups, including Worldwide http: //www. microsoft. com/communities/newsgroups/default. mspx User Groups Meet and learn with your peers http: //www. microsoft. com/communities/usergroups/default. mspx
evaluations
© 2003 newtelligence AG. All rights reserved. This presentation is for informational purposes only. MICROSOFT AND NEWTELLIGENCE MAKE NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.
- Slides: 36