WCF Protection Level

WCF has a huge security component to it and encrypts and signs messages by default. It could be an overkill especially if you are debugging or transporting data using a secured channel and are trying to squeeze out every bit of performance.


To avoid this, you can just implement integrity when confidentiality is not a requirement. In such cases, WCF provides the facility to set the protection level on the message. Also note that protection levels can only be set for messages. WCF does not allow the disabling of protection levels for transport security. The following application file snippet illustrates how to achieve this using configuration files; the messages are required to be signed only before they are sent:

<binding name=”test”>
<security mode=”Message”>
<message defaultProtectionLevel=”Sign”/>

You can also specify the protectionLevel property through code at ServiceContract and OperationContract as well. Message exchange patterns (MEPs) determine how the messages are sent from the sender to the receiver. WCF does implement security support for both one-way and request-reply MEPs. However, duplex MEPs are available only in WsDuaHttpBinding, NetTcpBinding, and NetNamedPipeBinding.

Application Domains

Application Domains

An application domain is the run-time unit of isolation in which a .NET program runs. It provides a managed memory boundary, a container for loaded assemblies and application configuration settings, as well as delineating a communication boundary for distributed applications. Each .NET process usually hosts just one application domain: the default domain, created automatically by the CLR when the process starts. It’s also possible — and sometimes useful — to create additional application domains within the same process. This provides isolation while avoiding the overhead and communication complications that arise with having separate processes. It’s useful in scenarios such as load testing and application patching, and in implementing robust error recovery mechanisms.

Application Domain Architecture

In most cases, the processes housing the application domains are created implicitly by the operating system — when the user double-clicks your .NET executable file or starts a Windows service. However, an application domain can also be hosted in other processes such as IIS or in SQL Server through CLR integration. In the case of a simple executable, the process ends when the default application domain finishes executing. With hosts such as IIS or SQL Server, however, the process controls the lifetime, creating and destroying .NET application domains as it sees fit.

Continue reading “Application Domains”

A Use for Partial Classes/Structs

The keyword partial has been with us for a while now. Until recently I couldn’t find a use for partial classes/structs unless some of the code is auto generated and you want to make sure you don’t interfere with auto generated code. That is until recently I have been asked to create a struct representing a local date – a data that is not affected by time-zones and lacks a time component,

To make it as close as a native CLR type I had to implement a bunch of interfaces, ISerializable, IEquitable<T>, IXmlSerializable. In addition it had to implement some explicit and implicit convertions, !=, ==, >=, <=, > and < operators. Soon, what seemed like a simple struct grew into couple of thousands lines of code,

There is nothing preventing you from putting all the code into one big file, however I think I found a more elegant solution – use the partial keyword and split one large LocalDate by either the interface being implemented or things it’s implementing. So I ended up with:

  • LocalDate.ISerializable.cs
  • LocalDate.IEquitable.cs
  • LocalDate.Operations.cs
  • LocalData.Conversions.cs

I have also used one of the Visual Studio plugins to nest all of those files under a single LocalData.cs.

So far I couldn’t come back with a single draw back of such approach. Please let me know if there are any!

Disable CapsLock Button

To disable caps lock on you pic simply create any file with .reg extension and populate it with the following text and then double click on it

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,02,00,00,00,00,00,3a,00,00,00,00,00

The reboot your box and the caps locks wouldn’t trouble you anymore

Unity Interception Extension


Starting from Enterprise Library 5.0, Unity supports interception mechanisms which captures the call to an object at invocation time and provides the full implementation of the object through lightweight code generation (ILEmit). It’s something very similar to the aspect-oriented programming (AOP) approach.

However, Unity is NOT an AOP framework implementation for the following reasons:

  • It uses interception to enable only preprocessing behaviors and post-processing behaviors.
  • It does not insert code into methods, although it can create derived classes containing policy pipelines.
  • It does not provide interception for class constructors.

Instance Interception VS Type Interception

With instance interception, when the application resolves the object through the container,

  1. The Unity interception container obtains a new or an existing instance of the object and creates a proxy.
  2. Then it creates the handler pipeline and connects it to the target object before returning a reference to the proxy.
  3. The client then calls methods…

View original post 980 more words

Blog at WordPress.com.

Up ↑