Rashim's Blog

Posts Tagged ‘C#


There is a special data type in .Net which is called string and it is a reference type, isn’t it? Of course it is but it also behaves much like a value type. That means it can directly accept values and does not require creating an instance. Have we ever thought for a single time how could we incorporate such a feature in our own class? Well, if we really need such type of feature we can easily implement it since operator overloading gives us the planetary for these purposes.

Operator overloading is a way to implement user-defined operator to be specified for operations where one or both of the operands are of a user-defined class or struct type. It also consents us to outline how the operators work with our class and struct. There are mainly three types of overload operators called unary, binary, and conversion. But not all operators of each type can be overloaded. According to MSDN, an implicit keyword is used to declare an implicit user-defined type conversion operator. In other words, this gives the power to our C# class, which can accept any reasonably convertible data type without type casting. And such a kind of class can also be assigned to any convertible object or variable.  By using this operator we can design our class which can take a value as well. Let’s move to the code.

public class StringManipulationHelper
{
private string _value;
private static StringManipulationHelper _stringManipulationHelper;

public StringManipulationHelper()
{
_value = string.Empty;
}

public StringManipulationHelper(string submittedValue)
{
_value = submittedValue;
}

public static implicit operator StringManipulationHelper(string submittedValue)
{
_stringManipulationHelper = new StringManipulationHelper(submittedValue);
return _stringManipulationHelper;
}

public static implicit operator string(StringManipulationHelper objHelper)
{
return objHelper._value;
}
}

Now you can use in any way like this,

StringManipulationHelper helper = null;
or
StringManipulationHelper helper = "This is test";
or
var helper = new StringManipulationHelper();
or
var helper = new StringManipulationHelper("This is a Test");

Easy enough right? But it will help us a lot when we are in need such kinds of features.


As a series of article, this time, I am going to introduce you with Event-based asynchronous communication. I have used here same service operation of IAsyncResult asynchronous operation that I have mentioned earlier. Service implementation and hosting are also same with IAsyncResult asynchronous. So, in this case I will not go to explain service section again as well as will not go for in details all parts as i have discussed it clearly in other two posts. I would suggest you to have a look on the given links first.

To develop a client is just straight forward. Here I have shown you a console app as a client,

public class Program
 {
 static void Main(string[] args)
 {
 var proxy = new MessageServiceProxy("MessageServiceEndpoint");
 proxy.GetMessageCompleted += GetMessageCompleted;
 proxy.GetMessageAsync("HI");
 Console.WriteLine("waiting");
 Console.ReadLine();
 }
 static void GetMessageCompleted(object sender, GetMessageCompletedEventArgs e)
 {
 Console.WriteLine(e.Result.ToString(CultureInfo.InvariantCulture));
 }
 }

And its corresponding configuration has been given below,

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
 <system.serviceModel>
 <bindings />
 <client>
 <endpoint address="http://localhost/Rashim.Rnd.WCF.Asynchronous.Services/"
 binding="basicHttpBinding" contract="Rashim.Rnd.WCF.Asynchronous.Services.IMessageService"
 name="MessageServiceEndpoint">
 <identity>
 <dns value="ServerCertificate" />
 </identity>
 </endpoint>
 </client>
 </system.serviceModel>
</configuration>

Now the important thing is how we develop our ServiceProxy which in our case is MessageServiceProxy .

public class MessageServiceProxy : ClientBase<IMessageService>, IMessageService
 {
 public event EventHandler<GetMessageCompletedEventArgs> GetMessageCompleted;
 private BeginOperationDelegate _onBeginGetMessage;

private EndOperationDelegate _onEndGetMessage;

private SendOrPostCallback _onGetMessageCompleted;

public MessageServiceProxy()
 {
 }

public MessageServiceProxy(string endpointConfigurationName) :
 base(endpointConfigurationName)
 {
 }

public IAsyncResult BeginGetMessage(string message, AsyncCallback callback, object asyncState)
 {
 return Channel.BeginGetMessage(message, callback, asyncState);
 }

public string EndGetMessage(IAsyncResult result)
 {
 return Channel.EndGetMessage(result);
 }

private IAsyncResult OnBeginGetMessage(object[] inValues, AsyncCallback callback, object asyncState)
 {
 var message = ((string)(inValues[0]));
 return BeginGetMessage(message, callback, asyncState);
 }

private object[] OnEndGetMessage(IAsyncResult result)
 {
 string retVal = Channel.EndGetMessage(result);
 return new object[] {
 retVal};
 }

private void OnGetMessageCompleted(object state)
 {
 if ((GetMessageCompleted != null))
 {
 var e = ((InvokeAsyncCompletedEventArgs)(state));
 GetMessageCompleted(this, new GetMessageCompletedEventArgs(e.Results, e.Error, e.Cancelled, e.UserState));
 }
 }

public void GetMessageAsync(string message)
 {
 GetMessageAsync(message, null);
 }

private void GetMessageAsync(string message, object userState)
 {
 if ((_onBeginGetMessage == null))
 {
 _onBeginGetMessage = OnBeginGetMessage;
 }
 if ((_onEndGetMessage == null))
 {
 _onEndGetMessage = OnEndGetMessage;
 }
 if ((_onGetMessageCompleted == null))
 {
 _onGetMessageCompleted = OnGetMessageCompleted;
 }
 InvokeAsync(_onBeginGetMessage, new object[] {
 message}, _onEndGetMessage, _onGetMessageCompleted, userState);
 }
 }

Here I have used three delegates namely onBeginGetMessage, onEndGetMessage and onGetMessageCompleted and these three delegates will register when we first call GetMessageAsync() method. onGetMessageCompleted  is a SendOrPostCallback which represents a callback method that we want to execute when a message is to be dispatched to a synchronization context.

Finally the GetMessageCompletedEventArgs,

public class GetMessageCompletedEventArgs : AsyncCompletedEventArgs
 {
 private readonly object[] _results;

public GetMessageCompletedEventArgs(object[] results, Exception exception, bool cancelled, object userState) :
 base(exception, cancelled, userState)
 {
 _results = results;
 }

public string Result
 {
 get
 {
 RaiseExceptionIfNecessary();
 return ((string)(_results[0]));
 }
 }
 }

Download Source code


Last couple of months, I was in rush and could not contribute to the community as much as I have been expected, but regularly I have been answering the questions and giving solutions of different technical problems that I have got through e-mail from different know-how guys.  Solving and replying those critical problems engage me 2-3 hours a day and at the same time I have to spend 8-9 hours a day in my office, so it is really tough to allocate time for writing about something new. But, then again, it is all about our part of  life; I would come up writing with new and cutting edge technologies very soon again.

Today I would like to give a solution of a weird problem that I had confronted for deploying SQLite.

”Could not load file or assembly ‘System.Data.SQLite.dll’ or one of its dependencies.”

For solving this issue I had tried a whole variety of ways but had not got my problem solved. What I had done to solve this issue was that I installed   the version sqlite-netFx40-setup-bundle-x86-2010-1.0.89.0 and then copy the System.Data.SQLite.dll to my project folder and refer this dll to my project. It solved the problem in my development PC but when I had gone for deployment I had got another error which is like that,

“Unable to load DLL ‘SQLite.Interop.dll’: The specified module could not be found. (Exception from HRESULT: 0x8007007E)”

It shows that the native interop assembly is required either for x86 or x64 architecture. As  ‘System.Data.SQLite.dll’  is a mixed mode assembly, I suspected it would automatically loads its native code. But I had got no luck really!! The reason behind this is might be that a particular mixed mode assembly is either for x86 or x64 not for both. Anyway I really don’t know what was the exact reason inside for this issue. After trying in many different ways I had come across the solution finally. Here it is.

First we need to install SQLite and in my case I installed it from NuGet gallery.To do that you can follow the steps that have been given below:

Go to the TOOLS->Library Package Manager->Package Manager Console of the Visual studio.

Image 

  Then run the command Install-Package System.Data.SQLite

Image

Now in your project you have got two folders x86 and x64, underneath this folder you will find those SQLite.Interop.dll’. 

Image

Now go to the properties windows of those dlls and set build action is content and Copy to output directory is Copy always.

Image

Like the way you also need to change the property settings for  ‘System.Data.SQLite.dll’.

That’s it. Now build your app. You are ready to deploy and see it is working perfectly in your client machine too.


Sometimes client applications need to retrieve different types of file (.doc, .xls, .zip…etc.) from web application to do some of their internal works or even just for the users. So, if we could make such web application which provides the facility to the client applications to download different files from the server, we don’t need to change or modify the code of the web application each time we upload the different types of file to the server.

This can be easily achieved by using an HTTP Handler for download operation. We can use normal asp.net web page for this purposes, but the reason behind to choose an HTTP Handler is only for performance issues. Firstly, we get benefit of scalability as we don’t need to show any output value to the page. Secondly, an HTTP handler doesn’t go through the full page events which ultimately improve performance.

The handler code has given below which is self-descriptive and requires no more description,

public class Download : IHttpHandler
{
 public bool IsReusable
 {
    get
    {
     return false;
    }
 }

 public void ProcessRequest(HttpContext context)
 {
    var request = context.Request;
    Stream stream = null;
    var buffer = new byte[2048];
    var fileName = request["FileName"];

    if (string.IsNullOrEmpty(fileName))
       throw new Exception("File name is Empty");

    var fullFileName = Path.Combine(string.Format("{0}", request.PhysicalApplicationPath), "DownloadFiles",fileName);
    try
    {
       stream = new FileStream(fullFileName, FileMode.Open, FileAccess.Read, FileShare.Read);
       var dataToRead = stream.Length;
       while (dataToRead > 0)
       {
          if (context.Response.IsClientConnected)
          {
             var length = stream.Read(buffer, 0, 2048);
             context.Response.OutputStream.Write(buffer, 0, length);
             context.Response.Flush();
             buffer = new byte[2048];
             dataToRead = dataToRead - length;
          }
          else
          {
             dataToRead = -1;
          }
       }
    }
    catch (Exception ex)
    {
       context.Response.Write(ex);
    }
    finally
    {
       if (stream != null)
       {
          stream.Close();
       }
    }
  }
}

The client applications need to send a request to the download handler appending the Filename variable in the QueryString. This is also a laid-back substance. I am giving a sample code for that,

 var fileName = string.Format("{0}","Install.zip");
 var queryString = string.Format("{0}{1}{2}", "FileName", "=", fileName);
 var downloadUrl = URL of Download.ashx;
 var url = string.Format("{0}{1}{2}", downloadUrl,"?", queryString);
 var downBuffer = new byte[2048];

 var webRequest = (HttpWebRequest)WebRequest.Create(url);
 webRequest.KeepAlive = false;
 webRequest.UnsafeAuthenticatedConnectionSharing = true;
 webRequest.Credentials = CredentialCache.DefaultCredentials;
 var webResponse = (HttpWebResponse)webRequest.GetResponse();
 var streamResponse = webResponse.GetResponseStream();
 var fileStream = new FileStream(string.Format("{0}{1}", "D:\\", fileName), FileMode.Create, FileAccess.Write);

 if (streamResponse != null)
 {
     int bytesRead;
     while ((bytesRead = streamResponse.Read(downBuffer, 0, downBuffer.Length)) > 0)
     {
         fileStream.Write(downBuffer, 0, bytesRead);
     }
 }

 fileStream.Close();

Here, I host the web application to the local IIS and the URL for download handler is ‘…/Download.ashx’. WebRequest is for making a request to a URI and HttpWebRequest offers an HTTP specific operation of WebRequest where HttpWebResponse delivers a response from a URI.

Download SourceCode


Though Performance blocking and Sluggishness are the tailbacks for any application, we can easily overcome these bottlenecks by using asynchronous programming. But old-style practice for asynchronous programming is not way easy enough to write, debug and maintain. So what is the contemporary approach??

Well, In my view, this is Task based asynchronous programming, which is updated in .Net 4.5 through the use of keywords await and async. But what do async and await do? async and await are the way of controlling continuation. When a method uses the async keyword, it means it is an asynchronous method, which might have an await keyword inside, and if it has an await keyword, async will activate it. So, simply async activates the await, from which point, the asynchronous has been started. There is a nice explanation that has been given here.

In WCF we can also consider an asynchronous operation while the service operation creates a delaying call. There are three ways to implement asynchronous operations

In this post I am going to use task-based asynchronous operation since this is the most contemporary strategy.

Okay. Let’s move to the code,

A very simple Service contract such as,

 [ServiceContract]
 public interface IMessage
 {
     [OperationContract]
     Task<string> GetMessages(string msg);
 }

With this simple contract, the implementation is just straight forward,

 public class MessageService : IMessage
 {
    async Task<string> IMessage.GetMessages(string msg)
    {
       var task = Task.Factory.StartNew(() =>
                                      {
                                          Thread.Sleep(10000);
                                          return "Return from Server : " + msg;
                                      });
      return await task.ConfigureAwait(false);
    }
 }

Here, the method is marked with the async keyword, which means it might use await keyword inside. It also means that the method will be able to suspend and then resume asynchronously at await points. Moreover, it points the compiler to boost the outcome of the method or any exceptions that may happen into the return type.

Service hosting,

 class Program
 {
     static void Main(string[] args)
     {
        var svcHost = new ServiceHost(typeof (MessageService));
        Console.WriteLine("Available Endpoints :\n");
        svcHost.Description.Endpoints.ToList().ForEach(endpoints=> Console.WriteLine(endpoints.Address.ToString()));
        svcHost.Open();
        Console.ReadLine();
     }
 }

Finally Service Configuration,

<?xml version="1.0"?>
 <configuration>
     <system.serviceModel>
       <services>
          <service name="Rashim.RND.WCF.Asynchronous.ServiceImplementation.MessageService">
             <host>
                 <baseAddresses>
                     <add baseAddress="net.Tcp://localhost:8732/"/>
                     <add baseAddress="http://localhost:8889/"/>
                 </baseAddresses>
             </host>
             <endpoint address="Tcp" binding="netTcpBinding" contract="Rashim.RND.WCF.Asynchronous.Services.IMessage"/>
             <endpoint address="Http" binding="basicHttpBinding" contract="Rashim.RND.WCF.Asynchronous.Services.IMessage">
                 <identity>
                      <dns value="localhost"/>
                 </identity>
             </endpoint>
             <endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange"/>
             <endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange"/>
          </service>
       </services>
       <behaviors>
          <serviceBehaviors>
             <behavior>
                 <serviceMetadata/>
             </behavior>
          </serviceBehaviors>
       </behaviors>
     </system.serviceModel>
     <startup><supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5"/></startup>
</configuration>

After Configuring the service,we need to configure the client app to consume the service.

A simple Console Application(Client),

class Program
 {
    static void Main(string[] args)
    {
       GetResult();
       Console.ReadLine();
    }

    private async static void GetResult()
    {
       var client = new Proxy("BasicHttpBinding_IMessage");
       var task = Task.Factory.StartNew(() => client.GetMessages("Hello"));
       var str = await task;
       str.ContinueWith(e =>
       {
          if (e.IsCompleted)
           {
              Console.WriteLine(str.Result);
           }
       });
      Console.WriteLine("Waiting for the result");
    }
 }

Client Configuration,

<?xml version="1.0"?>
 <configuration>
   <system.serviceModel>
     <bindings>
       <basicHttpBinding>
         <binding name="BasicHttpBinding_IMessage" />
       </basicHttpBinding>
     </bindings>
     <client>
       <endpoint address="http://localhost:8889/Http" binding="basicHttpBinding"
          bindingConfiguration="BasicHttpBinding_IMessage" contract="Rashim.RND.WCF.Asynchronous.Services.IMessage"
           name="BasicHttpBinding_IMessage" />
     </client>
   </system.serviceModel>
 </configuration>

Finally,proxy class is given below through which the client will consume the services.

public class Proxy : ClientBase<IMessage>, IMessage
 {
    public Proxy()
    {
    }
    public Proxy(string endpointConfigurationName) :
    base(endpointConfigurationName)
    {
    }
    public Task<string> GetMessages(string msg)
    {
      return Channel.GetMessages(msg);
    }
 }

That’s it. Very easy stuff though. You can download the source code from here.


In WCF, a service can call back to its clients. That is to say that, at the time of call back, the service behaves as a client as well as the client becomes the service, and the client must assist hosting the call back object. To support call back, the underlying transport of the binding must support bidirectional. So, for the nature of connectionless, we cannot use all bindings for the call back operation. For instance, BasicHttpBinding or WsHttpBinding does not support callback while WsDualHttpBinding supports it, because this binding establishes two HTTP channel to do that; one for client to service another for service to client. Also, NetTcpBinding and NetNamedPipeBinding supports callback since their underlying transport is bidirectional.

Callback service can be supported by using CallbackContract property in the ServiceContract attribute. Only one callback contract is allowed for a service contract. After defining a callback contract, we require to set up the client for up keeping the callback and also to offer the callback endpoint to the service for each and every call.

In the example given below, the callback contract defines the operations to which the service can call on the client endpoint

public interface INotificationServiceCallBack
{
    [OperationContract(IsOneWay = true)]
    void OnNotificationSend(string message);
}

The implementation of this Service Contract,

[CallbackBehavior(ConcurrencyMode = ConcurrencyMode.Reentrant)]
public class NotificationServiceCallBack : INotificationServiceCallBack
{
    public void OnNotificationSend(string message)
    {
        Console.WriteLine(message);
        Console.ReadLine();
    }
}

Here CallbackBehavior refers how the callback of this operation will act which is similar to ServiceBehavior.

And the service contract has been defined like the way given below,

[ServiceContract(CallbackContract = typeof(INotificationServiceCallBack))]
public interface INotificationServices
{
    [OperationContract]
    void SendNotification(string message);
}

To make a way around for the service to call, clients must expose an endpoint to the service. This has been done by the following way,

public class Program
{
    public static INotificationServices Proxy
    {
        get
        {
            var ctx = new InstanceContext(new NotificationServiceCallBack());
            return new DuplexChannelFactory<INotificationServices>(ctx, "WSDualHttpBinding_INotificationServices").CreateChannel();
        }
    }
    static void Main(string[] args)
    {
        Proxy.SendNotification("Are u ready?");
        Console.ReadLine();
    }
}

Here InstanceContext is the execution scope of inner most service instance. It provides a constructor that takes the service instance to the host.

And now service implementation,

public class NotificationService : INotificationServices
{
    public INotificationServiceCallBack Proxy
    {
        get
        {
            return OperationContext.Current.GetCallbackChannel<INotificationServiceCallBack>();
        }
    }
    public void SendNotification(string message)
    {
        Console.WriteLine("\nClient says :" + message);
        Proxy.OnNotificationSend("Yes");
    }
}

In the above example, we see that the service has the proxy of INotificationServiceCallBack and call its operation which the clients will handle.

That’s it. Now the total code portion that i have used here has been given,

Services and Implementations,

public interface INotificationServiceCallBack
{
    [OperationContract(IsOneWay = true)]
    void OnNotificationSend(string message);
}

 

[ServiceContract(CallbackContract = typeof(INotificationServiceCallBack))]
public interface INotificationServices
{
    [OperationContract]
    void SendNotification(string message);
}
[CallbackBehavior(ConcurrencyMode = ConcurrencyMode.Reentrant)]
public class NotificationServiceCallBack : INotificationServiceCallBack
{
    public void OnNotificationSend(string message)
    {
        Console.WriteLine(message);
        Console.ReadLine();
    }
}
public class NotificationService : INotificationServices
{
    public INotificationServiceCallBack Proxy
    {
        get
        {
            return OperationContext.Current.GetCallbackChannel<INotificationServiceCallBack>();
        }
    }

    public void SendNotification(string message)
    {
        Console.WriteLine("\nClient says :" + message);
        Proxy.OnNotificationSend("Yes");
    }
}

Server and its configuration,

class Program
{
    static void Main(string[] args)
    {
        var svcHost = new ServiceHost(typeof(NotificationService));
        svcHost.Open();
        Console.WriteLine("Available Endpoints :\n");
        svcHost.Description.Endpoints.ToList().ForEach(endpoint => Console.WriteLine(endpoint.Address.ToString()));
        Console.ReadLine();
        svcHost.Close();
    }
}
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.web>
    <compilation debug="true" />
  </system.web>
  <system.serviceModel>
    <services>
      <service name="Rashim.RND.WCF.CallBack.Services.NotificationService">
        <host>
          <baseAddresses>
            <add baseAddress = "net.Tcp://localhost:8732/"/>
            <add baseAddress="http://localhost:8888"/>
          </baseAddresses>
        </host>
        <endpoint address="CallbackService" binding="netTcpBinding" contract="Rashim.RND.WCF.CallBack.Interfaces.INotificationServices"/>
        <endpoint address="CallbackService" binding="wsDualHttpBinding" contract="Rashim.RND.WCF.CallBack.Interfaces.INotificationServices"/>
        <endpoint address="mex" binding="mexTcpBinding" contract="IMetadataExchange" />
        <endpoint address="http://localhost:8888/mex" binding="mexHttpBinding" contract="IMetadataExchange" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior>
          <serviceMetadata />
          <serviceDebug includeExceptionDetailInFaults="False" />
        </behavior>
      </serviceBehaviors>
    </behaviors>
  </system.serviceModel>
</configuration>

Client and its Configuration,

public class Program
{
    public static INotificationServices Proxy
    {
        get
        {
            var ctx = new InstanceContext(new NotificationServiceCallBack());
            return new DuplexChannelFactory<INotificationServices>(ctx, "WSDualHttpBinding_INotificationServices").CreateChannel();
        }
    }
    static void Main(string[] args)
    {
        Proxy.SendNotification("Are u ready?");
        Console.ReadLine();
    }
}
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <client>
      <endpoint address="http://localhost:8888/CallbackService" binding="wsDualHttpBinding" contract="Rashim.RND.WCF.CallBack.Interfaces.INotificationServices" name="WSDualHttpBinding_INotificationServices">
      </endpoint>
      <endpoint address="net.tcp://localhost:8732/CallbackService" binding="netTcpBinding"
 contract="Rashim.RND.WCF.CallBack.Interfaces.INotificationServices" name="NetTcpBinding_INotificationServices">
      </endpoint>
    </client>
  </system.serviceModel>
</configuration>

When working with distributed application, securing communication between the client and the service is a very vital issue. Windows Communication Foundation provides the facility of transfer security which is responsible for ensuring the integrity and confidentiality of service messages, and also responsible for providing authentication. Transfer security in WCF is achieved through the use of either transport security or message security. Transport-layer security provides integrity and confidentiality, while message-layer security provides a variety of passes which are not possible with transport security mechanisms. When using transport security, user credentials are transport-dependent, which allows fewer authentication options compared to message security. And each transport protocol has its own way for passing credentials and handling message guard. But SSL is the most common approach for encrypting and signing the contents sent over HTTPS. Here I will explain how to configure WCF Services and Clients to communicate over HTTPS by using self-signed Certificates.

When I intend to write any technical stuff, my intention always goes to start with a very simple example as well as gives an overview with the necessary things related to it. There is no difference this time as well. So for the purposes of this blog post I am going to organize it with Self-Signed Certificate Creation, Services and its Configuration, Clients and its Configuration. Please be noted that I would like to use custom binding for the code examples given here.

Self-Signed Certificate Creation

In Certificate based communication, we need to use two certificates for the client and server to authenticate each other. To make those certificates I would like to use the “MakeCert.exe” utility with the following arguments

makecert -pe -ss My -sr LocalMachine -a sha1 -sky exchange -n CN=ServerCertificate

makecert -pe -ss MY -sr LocalMachine -a sha1 -sky exchange -n CN=ClientCerttificate

Image

The complete specification of this is available here

Now,

First bring up the Microsoft Management Console by launching mmc.exe which allows us to browse the local machine’s cache of certificates.

Image

Next add the Certificates MMC Snap-in and select Computer account

Image

Navigate to the “Personal” node to see ClientCertificate and ServerCertificate.

Image

It is also required to export the certificates from the certificate store and import the copies of those into the TrustedPeople store so that WCF can find them for validation purposes.

Since I would like to use IIS hosting, we need to configure IIS for https. To do that,

  • Open IIS Manager
  • Select Default Web site and open its property window
  • Click the Edit Binding.

Image

Click Add and select HTTPS and then Select ServerCertificate that you have created earlier

Image

Okay done .Everything is okay now.

Service and its Configuration

I have used here very simple service which is “Feedback” service. The service contract looks like,

[ServiceContract]
public interface IFeedback
{
    [OperationContract]
    string GiveFeedback(string question);
}

With such a simple contract the implementation is just straight forward

public class Feedback : IFeedback
{
    public string GiveFeedback(string question)
    {
        var feedback = question + " : This is very funny stuff";
        return feedback;
    }
}

The configuration file for this Service is given below,

<configuration>
  <system.web>
    <compilation debug="true" targetFramework="4.0" />
  </system.web>
  <system.serviceModel>
    <services>
      <service
      name="Rashim.RND.WCF.SecureCommunication.WcfService.Feedback"
      behaviorConfiguration="MyCustomBehavior">
        <endpoint address=""
        binding="customBinding"
        contract="Rashim.RND.WCF.SecureCommunication.Interfaces.IFeedback"
        bindingConfiguration="MyCustomBinding"/>
        <endpoint
        address="mex"
        binding="mexHttpsBinding"
        contract="IMetadataExchange" />
      </service>
    </services>
    <behaviors>
      <serviceBehaviors>
        <behavior name="MyCustomBehavior">
          <serviceMetadata httpsGetEnabled="true" />
          <serviceCredentials>
            <clientCertificate>
              <authentication
              certificateValidationMode="PeerTrust"
              trustedStoreLocation="LocalMachine" />
            </clientCertificate>
            <serviceCertificate
            findValue="ServerCert"
            x509FindType="FindBySubjectName"
            storeLocation="LocalMachine"
            storeName="My"/>
          </serviceCredentials>
        </behavior>
      </serviceBehaviors>
    </behaviors>
    <bindings>
      <customBinding>
        <binding name="MyCustomBinding"
        closeTimeout="00:20:00"
        openTimeout="00:20:00"
        receiveTimeout="00:20:00"
        sendTimeout="00:20:00">
          <security
          authenticationMode="CertificateOverTransport"
          requireSecurityContextCancellation="true"/>
          <httpsTransport/>
        </binding>
      </customBinding>
    </bindings>
    <serviceHostingEnvironment
    multipleSiteBindingsEnabled="false" />
  </system.serviceModel>
  <system.webServer>
    <modules runAllManagedModulesForAllRequests="false" />
    <directoryBrowse enabled="true" />
  </system.webServer>
</configuration>

To get a better idea about the different sections of this configuration file I would like to explain it a bit more,

<services>
  <service
  name="Rashim.RND.WCF.SecureCommunication.WcfService.Feedback"
  behaviorConfiguration="MyCustomBehavior">
    <endpoint
    address="" binding="customBinding"
    contract="Rashim.RND.WCF.SecureCommunication.Interfaces.IFeedback"
    bindingConfiguration="MyCustomBinding"/>
    <endpoint address="mex"
    binding="mexHttpsBinding"
    contract="IMetadataExchange" />
  </service>
</services>

In this above section we see that Custom behavior configuration and custom binding configuration has been used.

The custom behavior section is given below,

<behavior name="MyCustomBehavior">
  <serviceMetadata httpsGetEnabled="true" />
  <serviceCredentials>
    <clientCertificate>
      <authentication
      certificateValidationMode="PeerOrChainTrust"
      trustedStoreLocation="LocalMachine" />
    </clientCertificate>
    <serviceCertificate
    findValue="ServerCert"
    x509FindType="FindBySubjectName"
    storeLocation="LocalMachine"
    storeName="My"/>
  </serviceCredentials>
</behavior>

Here clientCertificate describes an X.509 certificate which has been used to validate a client to a service. At the same time, serviceCertificate specify an X.509 certificate that will be used to authenticate the service to clients. There is a detail explanations about this has been given here [^] [^].

And the custom binding configuration section is,

<binding name="MyCustomBinding"
closeTimeout="00:20:00"
openTimeout="00:20:00"
receiveTimeout="00:20:00"
sendTimeout="00:20:00">
  <security
  authenticationMode="CertificateOverTransport"
  requireSecurityContextCancellation="true">
  </security>
  <sslStreamSecurity requireClientCertificate="true"/>
  <httpsTransport/>
</binding>

We know that, WCF provides several modes by which clients and services verify to each other. We can create binding for these authentication modes through configuration or by code. Here I have used CertificateOverTransport which means the service is valid using an X.509 certificate at the transport layer.  And requireSecurityContextCancellation specifies whether security context should be cancelled and terminated when it is no longer required.

That’s it.Now try to  browse https://localhost/Feedback/Feedback.svc and you will get the following page

Image

Client and its Configuration

Once services have been implemented, the implementation of client is pretty simple. The client code has been given below,

System.Net.ServicePointManager.ServerCertificateValidationCallback += (se, cert, chain, sslerror) => true;

        var channel = new ChannelFactory<IFeedback>("FeedbackEndpoint");

        var client = channel.CreateChannel();

        var input = Console.ReadLine();

        while (input != null && input.ToLower() != "exit")
        {
            var feedback = client.GiveFeedback(input);
            Console.WriteLine(feedback);
            input = Console.ReadLine();
        }

The code above will trust any security certificate handed back from the server since it bypasses the SSL certificate validation. As the certificate I have used here is a self-signed certificate and it is not signed by a trusted CA, I need to make own validation logic to check for it .

So the configuration file for the client is,

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <bindings>
      <customBinding>
        <binding name="MyCustomBinding">
          <security authenticationMode="CertificateOverTransport"/>
          <textMessageEncoding />
          <httpsTransport />
        </binding>
      </customBinding>
    </bindings>
    <behaviors>
      <endpointBehaviors>
        <behavior name="MyCustomBehavior">
          <clientCredentials>
            <clientCertificate
            findValue="ClientCert"
            storeLocation="LocalMachine"
            storeName="My"
            x509FindType="FindBySubjectName" />
            <serviceCertificate>
              <authentication
              certificateValidationMode="PeerOrChainTrust"/>
            </serviceCertificate>
          </clientCredentials>
        </behavior>
      </endpointBehaviors>
    </behaviors>
    <client>
      <endpoint
      address="https://localhost/FeedbackService/Feedback.svc"
      binding="customBinding"
      bindingConfiguration="MyCustomBinding"
      contract="Rashim.RND.WCF.SecureCommunication.Interfaces.IFeedback"
      behaviorConfiguration="MyCustomBehavior"
      name="FeedbackEndpoint"/>
    </client>
  </system.serviceModel>
</configuration>

That’s it. I think this would help you while you will be working with the Certificate based communication.

Source code is available here.


%d bloggers like this: