Here's a quick reference on WCF Contract Attributes, jargons etc.
1) MSMQ - message delivery guarantees such as when receiver is offline, transactional delivery of messages, durable storage of messages, exception management through dead letter and poison letter queues dead letter queues used when messages expire or purged from other queues. Poison letter queues used when max retry count is exceeded. Security over AD. MSMQ management console facilitates administration.
NetMsmqBindingFeatures :
ExactlyOnce, TimeToLive (default 1day), QueueTransferProtocol ( SRMP for HTTP expose ), ReceiveRetryCount, MaxRetryCycles, UseMsmqTracing, UseActiveDirectory, UseSourceJournal,
ClientTransactions - TransactionScope, Queued Service Contract - TrasnactionFlow(TransactionFlowOption.Allowed)
Security Features:
Authentication - mutual sender and receiver, Authorization - access level, Integrity , Confidentiality,
SecurityMode - None, Transport, Message, Both - TransportWithMessageCredential and TransportCredentialOnly, Client credentials are passed with the transport layer.
ClientCredentialType can be WindowsClient property, HttpDigest property, UserName property, ClientCertificate property, ServiceCertificate property, IssuedToken property, Peer property,
SecurityPrincipal - roles, identity. ServiceSecurityContext - claims, identity.
Claims based security model - security tokens and claims. using ClaimType, Right and Resource.
A X.509 token has a claim set where a list of claims selected from an indexer set are issued by a particular issuer. Authorization calls based on custom claims
Windows CardSpace is used for creating, managing and sharing digital identities in a secure and reliable manner. CardSpace usually has a local STS that can issue SAML tokens. When a card is used to authenticate, a local or remote STS looks at the claims in the card to generate a token.
In a federated security, AAA is sometimes delegated to STS. The client application authenticates to the STS to request a token for a particular user. The STS returns a signed and encrypted token that can be presented to the relying party.
Exception handling - SOAP faults have faultCode, faultString, faultFactor, and detail.
Exception, SystemException, CommunicationException, FaultException, FaultException<T>.
BindingFeatures - Transport protocols, Message enconding, Message version, transport security, message security, duplex, reliable messaging and Transactions.
Reliability - implemented via RM Buffer on both client and server side and session maintenance. RequireOrderedDelivery, retry attempts, SessionThrottling. Reliable sessions can be configured with Acknowledgement Interval, Flow Control, Inactivity Timeout, Max pending Channels, Max retry count, Max Transfer Size Window, Ordered etc.
1) MSMQ - message delivery guarantees such as when receiver is offline, transactional delivery of messages, durable storage of messages, exception management through dead letter and poison letter queues dead letter queues used when messages expire or purged from other queues. Poison letter queues used when max retry count is exceeded. Security over AD. MSMQ management console facilitates administration.
NetMsmqBindingFeatures :
ExactlyOnce, TimeToLive (default 1day), QueueTransferProtocol ( SRMP for HTTP expose ), ReceiveRetryCount, MaxRetryCycles, UseMsmqTracing, UseActiveDirectory, UseSourceJournal,
ClientTransactions - TransactionScope, Queued Service Contract - TrasnactionFlow(TransactionFlowOption.Allowed)
Security Features:
Authentication - mutual sender and receiver, Authorization - access level, Integrity , Confidentiality,
SecurityMode - None, Transport, Message, Both - TransportWithMessageCredential and TransportCredentialOnly, Client credentials are passed with the transport layer.
ClientCredentialType can be WindowsClient property, HttpDigest property, UserName property, ClientCertificate property, ServiceCertificate property, IssuedToken property, Peer property,
SecurityPrincipal - roles, identity. ServiceSecurityContext - claims, identity.
Claims based security model - security tokens and claims. using ClaimType, Right and Resource.
A X.509 token has a claim set where a list of claims selected from an indexer set are issued by a particular issuer. Authorization calls based on custom claims
Windows CardSpace is used for creating, managing and sharing digital identities in a secure and reliable manner. CardSpace usually has a local STS that can issue SAML tokens. When a card is used to authenticate, a local or remote STS looks at the claims in the card to generate a token.
In a federated security, AAA is sometimes delegated to STS. The client application authenticates to the STS to request a token for a particular user. The STS returns a signed and encrypted token that can be presented to the relying party.
Exception handling - SOAP faults have faultCode, faultString, faultFactor, and detail.
Exception, SystemException, CommunicationException, FaultException, FaultException<T>.
BindingFeatures - Transport protocols, Message enconding, Message version, transport security, message security, duplex, reliable messaging and Transactions.
Reliability - implemented via RM Buffer on both client and server side and session maintenance. RequireOrderedDelivery, retry attempts, SessionThrottling. Reliable sessions can be configured with Acknowledgement Interval, Flow Control, Inactivity Timeout, Max pending Channels, Max retry count, Max Transfer Size Window, Ordered etc.
No comments:
Post a Comment