Zulfiqar's weblog

WebHttpBinding is the non-SOAP binding shipped with .net Framework 3.5. This binding along with WebHttpBehavior will be your friend for REST, POX & AJAX scenarios.

When you expose an endpoint using WebHttpBinding the default error handling mechanism is overridden by a custom error handler added by the WebHttpBehavior. Now if you throw a FaultException from your methods – this handler will simply swallow your exception and will generate a generic 400 Bad Request error message. It will do the same for non-fault exceptions. The reason for this change is that in the SOAP world, Faults have a well known wire representation and based on that your FaultException is translated into a SOAP fault message. There is no such wire representation for the faults in REST or AJAX scenarios. If you own both sides (client & service) of the solution, you might want to customize this default WCF behavior. For example, in my scenario I want to send fault object as a JSON string to the client with a 400, “Bad request” http error code. For non-fault exception I will return a generic message with 500 “Internal Server Error”. 

First step of this customization is to subclass the WebHttpBehavior and replace the default error handler with you own error handler.

public class WebHttpBehaviorEx : WebHttpBehavior

{

    protected override void AddServerErrorHandlers(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)

    {

        // clear default erro handlers.

        endpointDispatcher.ChannelDispatcher.ErrorHandlers.Clear();

        // add our own error handler.

        endpointDispatcher.ChannelDispatcher.ErrorHandlers.Add(new ErrorHandlerEx());

    }

}

Create your own error handler by impelemting IErrorHandler interface.

public class ErrorHandlerEx : IErrorHandler

{

    public bool HandleError(Exception error)

    {

        return true;

    }

    public void ProvideFault(

        Exception error, MessageVersion version, ref Message fault)

    {

     

        //TODO: here we can provide our own fault

    }

}

ProvideFault implementation looks like this:

    public void ProvideFault(

        Exception error, MessageVersion version, ref Message fault)

    {

        if (error is FaultException)

        {

            // extract the our FaultContract object from the exception object.

            var detail = error.GetType().GetProperty("Detail").GetGetMethod().Invoke(error, null);

            // create a fault message containing our FaultContract object

            fault = Message.CreateMessage(version, "", detail, new DataContractJsonSerializer(detail.GetType()));

            // tell WCF to use JSON encoding rather than default XML

            var wbf = new WebBodyFormatMessageProperty(WebContentFormat.Json);

            fault.Properties.Add(WebBodyFormatMessageProperty.Name, wbf);

 

            // return custom error code.

            var rmp = new HttpResponseMessageProperty();

            rmp.StatusCode = System.Net.HttpStatusCode.BadRequest;

            // put appropraite description here..

            rmp.StatusDescription = "See fault object for more information.";

            fault.Properties.Add(HttpResponseMessageProperty.Name, rmp);

        }

        else

        {

            fault = Message.CreateMessage(version, "", "An non-fault exception is occured.", new DataContractJsonSerializer(typeof(string)));

            var wbf = new WebBodyFormatMessageProperty(WebContentFormat.Json);

            fault.Properties.Add(WebBodyFormatMessageProperty.Name, wbf);

            // return custom error code.

            var rmp = new HttpResponseMessageProperty();

            rmp.StatusCode = System.Net.HttpStatusCode.InternalServerError;

            // put appropraite description here..

            rmp.StatusDescription = "Uknown exception...";

            fault.Properties.Add(HttpResponseMessageProperty.Name, rmp);

        }

    }

 

Now if you throw a FaulException with following fault contract.

    [DataContract]

    public class GreaterThan3Fault

    {

        [DataMember]

        public string FaultMessage { get; set; }

        [DataMember]

        public int ErrorCode { get; set; }

        [DataMember]

        public string Location { get; set; }

    }

You will get this on the client side with a 400 error code. You can use the javascript:eval() to convert this string into javascript object.

{"ErrorCode":90192,"FaultMessage":"Count cannot be greate than 3. Please try again later.","Location":"ISB"}

You can plug-in your custom/extended behavior by using a custom ServiceHostFactory.

 

    public class MyFactory : WebServiceHostFactory

    {

        public override ServiceHostBase CreateServiceHost(string constructorString, Uri[] baseAddresses)

        {

            var sh = new ServiceHost(typeof(Service1), baseAddresses);

            sh.Description.Endpoints[0].Behaviors.Add(new WebHttpBehaviorEx());

 

            return sh;

        }

        protected override ServiceHost CreateServiceHost(Type serviceType, Uri[] baseAddresses)

        {

            return base.CreateServiceHost(serviceType, baseAddresses);

        }

    }

And your svc should look like this.

<%@ ServiceHost Language="C#" Debug="true" Service="Test.Service1" CodeBehind="Service1.svc.cs" Factory="Test.MyFactory" %>

I have attached complete solution with this post.

Pablo described here a way to configure federation over TCP. In his approach he gets a SAML token from STS and then uses that token to get a security context token which will be used to provide actual message security throughout the session.

As message security only works in a buffered mode, so his approach is not suitable for a TCP streaming scenario. To enable federation along with TCP streaming you have to use mixed mode security (TransportWithMessageCredential) over TCP.  Let’s consider following binding which uses mixed mode security.

      <netTcpBinding>

        <binding name="tcp" transferMode="Streamed">

          <security mode="TransportWithMessageCredential">

            <message clientCredentialType="IssuedToken"/>

            <transport clientCredentialType="Windows"></transport>

          </security>

        </binding>

      </netTcpBinding>

Now the trouble is that there is no way to configure STS settings in this binding configuration so your only choice is to mimic the above settings in a custom binding.

      <wsHttpBinding>

        <binding name="simpTransport">

          <security mode="Transport">

            <transport clientCredentialType="None"/>

          </security>

        </binding>

      </wsHttpBinding>

 

      <customBinding>

        <binding name="tcp">

          <security authenticationMode="SecureConversation">

            <secureConversationBootstrap authenticationMode="IssuedTokenOverTransport">

              <issuedTokenParameters>

                <issuer address="https://localhost:9000/STS" binding="wsHttpBinding" bindingConfiguration="simpTransport"/>

              </issuedTokenParameters>

            </secureConversationBootstrap>

          </security>

          <windowsStreamSecurity/>

          <tcpTransport transferMode="Streamed" />

        </binding>

      </customBinding>