Sunday, June 1, 2008

Speaking on BizTalk ESB Guidance at MOCSDUG

I'm going to give the June presentation to the Mid-Ohio Connected Systems Developers User Group (MOCSDUG) on "Introduction to the Microsoft ESB Guidance for BizTalk Server 2006 R2". The talk will be on Thursday, June 5, 2008 at 6:00 PM. You can see it in person or over the web via LiveMeeting.

The ESB Guidance gives you free, prebuilt components and services, complete with source code, that allow you to turn BizTalk into a true Enterprise Service Bus.

Here's some of what the ESB Guidance can do:
  • Discover and configure message endpoints at runtime
  • Discover and perform message transformations at runtime
  • Select which combination of services to execute, in what sequence, at runtime
  • Handle exceptions consistently from anywhere inside or outside BizTalk

Many of the cool things we're expecting in Oslo are available in the ESB Guidance right now. So come check it out!

Thursday, May 22, 2008

The 30-Day PowerShell Diet

Inspired by this example, I have resolved to go on a 30-day PowerShell diet. For 30 days I will not use the Windows command window. I will use PowerShell instead. It should hopefully take only a few days to get used to using PowerShell to do all the things I normally do in a command window, and then I can start learning all the cool extra things in PowerShell. If after 30 days I don't like it,then I will stop using PowerShell for good.

The first challenge to the beginner is getting hold of a copy. A quick search leads to the official Microsoft site, but unfortunately you can't download there without installing a Windows Genuine Advantage plug-in, which I avoid whenever possible. (Not that I'm a thief, but I consider WGA an intrusion of privacy.) Happily this site lets us take advantage of PowerShell downloading without any Genuine Advantage.

After the installation I had a shortcut to PowerShell on my Start menu, which I copied to my desktop and thence to my Quick Start tray. And then came the second challenge. I almost never run the plain vanilla command window; instead I run the Visual Studio command window, which pre-loads path and environment variables so I'll be ready to run devenv.exe, sn.exe, wsdl.exe, and the whole rest of the Visual Studio tools. The command window shortcut does this by running a batch file, which in VS2008 is called vcvarsall.bat. If you try passing the batch file as a startup parameter to PowerShell you'll get syntax errors which I'm too green to understand yet. Plus, if you make it work it won't help, because PowerShell will run the batch file in a separate process, so it won't affect PowerShell's own environment.

The solution is for the shortcut to run the batch file first, then launch PowerShell. And so I edited the shortcut's properties as follows:

* this is the default

Target: %comspec% /k ""D:\Programs\Microsoft Visual Studio 9.0\VC\vcvarsall.bat"" x86 && %SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe

And now I think I'm ready to live in PowerShell for the next 29 days.

Monday, May 19, 2008

WCF Security at Cleveland Day of .NET

I want to say that Cleveland Day of .NET was terrific experience for me. Between the excellent presentations and the stimulating conversations, I learned a lot and had a great time. I won't try to list all the folks I should thank, 'cause I'd leave some out, but to everyone who helped put on the event, Thank You and Well Done!

I was gratified by the turnout at my presentation, on "WCF Security", especially considering that we started at 8:30 AM! A copy of the slides and the demo code is available from the Cleveland .NET SIG site. (I've discovered I can't upload the files directly to this blog. I don't pay anything to BlogSpot, so I guess I'm not in a position to complain.) I've also sent the material to DoDN and will post a link to it on their site as soon as it's available.

I've made a bunch of enhancements to the demo code. The service host now has five different endpoints, one for each demo scenario, and the test client calls all five in succession. The demo also includes the two scenarios that I didn't have time to show in the presentation. You're welcome to post comments here or contact me directly if you have any questions or suggestions. I'm also planning to write some more blog posts about WCF Security in coming weeks.

Tuesday, May 13, 2008

Speaking at Cleveland Day of .NET

I've been added to the speakers lineup at Cleveland Day of .NET this Saturday, May 17. This is such a late-breaking development that it's not on the schedule yet, though it may be by the time you read this. My topic will be "WCF Security", not the sexiest but it might help you keep your job (certainly helped me keep mine).

And yes, it's been a while since I updated this blog! Stay tuned ...

Wednesday, April 23, 2008

Review: John Stockton Silverlight 2.0 Presentation

Last night I got to the Cleveland C#/VB.NET SIG to hear John Stockton talk about Silverlight 2.0 Beta 1. Although this beta has only been out a few weeks, John has already written a couple of apps in it, which he demonstrated. The first demo was based on a POC John had written for an actual client in about 10 days. It took an XML file containing a description of a telephone switching system, and it drew a two-dimensional picture of the system. Drawing the picture seemed straitforward enough (they're just boxes stacked in racks), but each box was animated to display its specs when touched with the mouse. The second demo was an early iteration of the web page that will display events at Cleveland Day of .NET. I was a bit disturbed by that one because it said John and I would be the only presenters. (Fear not, that will change!)

Though he freely admits that he's still learning, John's experience playing with Silverlight 2.0 beta 1 from its day of release has made him already one of the world's top experts. I admired his willingness to get right to work with it, and he made it seem approachable to the rest of us.

I still have a lot of questions about how ready Silverlight is for prime time. (How's the security? How's it deal with latency, concurrency, message brokering? Is the cross-platform cross-browser story real? How far can you really get away from Javascript?) And of course a lot of that approachability we perceived is because it's .NET and we're .NET developers. But the fastest way to the answers is to try the stuff out, as John has done.

After the meeting a gang of 16 or so escaped to Winking Lizard, which appears to be a strong tradition with this SIG, although we're doing much more of it now in that other Cleveland .NET SIG that I chair. I enjoyed meeting new .NET developers as well as catching up with Sam and some Twitterati.

Overall a very enjoyable and informative geek night out.

Saturday, April 12, 2008

Fixing BizTalk's WCF Message Contract Mix-Up, Part 3

The final solution to the Message Contract Mix-Up doesn’t require you to define your own message contracts, but does require some tricks in both the operation contract and the BizTalk ports.

First, modify the operation contract by adding a MessageParameterAttribute to the argument and return type:

[return:MessageParameter(Name="OrderStatus")] PurchaseOrderStatus PlaceOrder([MessageParameter(Name="PurchaseOrder")]PurchaseOrder po);

MessageParameterAttribute lets you change the names that the parameter and return value will have in the SOAP body. The names need to be changed to “PurchaseOrder” and “OrderStatus” so BizTalk can associate the schemas PurchaseOrder.xsd and OrderStatus.xsd with those elements. (Without MessageParameterAttribute, WCF would force the names of the parameter and return value to be “po” and “PlaceOrderResult”, which mean nothing to BizTalk).

Now you need to modify the WCF adapter settings in the two-way receive location in BizTalk. For general instructions and screenshots illustrating the following steps see the BizTalk documentation here. Open the Messages tab of the WCF adapter. Under “Specify the source of the inboud BizTalk message body”, check the third radio button, “Path – content located by body path”. In the text box type an XPATH expression consisting of the name of your operation contract, followed by the name of your data contract schema:


Make sure the combo box below the text box, “Node encoding”, is set to XML.

The first element in the XPATH is actually the WCF-generated message contract, which has the same name as the operation contract (“PlaceOrder”). The following element is the name of the parameter inside the message contract, which we forced to be “PurchaseOrder” by applying the MessageParameterAttribute.

The consequence of these settings is that the WCF adapter will drill through the message contract and pass the PurchaseOrder element to BizTalk as the message body. Bingo!

Since this is a two-way port, we need to return a data contract back to the caller, and to do that we need to tell the WCF adapter how to wrap the data contract inside a message contract. To do that, go to the bottom half of the tab and check “Template – content specified by template.” In the text box below, be careful not to delete or change the bts-msg-body element that’s already there, since that represents the data contract part of the message. Instead, insert an XML element around the bts-msg-body to represent the message contract. The name of this element is the operation contract’s name plus the suffix “Response”, and it must include the correct XML namespace:

<PlaceOrderResponse xmlns="urn://" >
<bts-msg-body xmlns="" encoding="xml" >
</PlaceOrderResponse >

If this were a one-way send port we would follow the same procedure.

The result is that BizTalk will send the return value to client wrapped inside the same message contract that WCF would have generated automatically if the service were hosted in a pure .NET application. Bingo Bingo!

So there you have three ways to solve the Message Contract Mix-Up with the BizTalk WCF adapters. If you’ve read all the way through this series, I surmise that you either find the subject fascinating, or you need to solve these problems as badly as I did.

Fixing BizTalk's WCF Message Contract Mix-Up, Part 2

I know of three ways to fix the Message Contract Mix-Up discussed in the last post. The first two require changing the signatures of your operation contracts to replace the WCF-generated message contracts with message contracts you define yourself. (Perhaps you've read books or heard WCF experts who say you needn't bother defining message contracts except in the unusual case. Then I guess BizTalk is an unusual case, as you might have suspected.)

1. Change the operation contract’s parameter and return value to message contracts with IsWrapped = false, like this:

[ServiceContract(Namespace = "urn://")]
public interface IPurchasing
OrderStatusMessage PlaceOrder(PurchaseOrderMessage message);

public class PurchaseOrderMessage
[MessageBodyMember(Namespace = "urn://")]
public PurchaseOrder PurchaseOrder;

public class OrderStatusMessage
[MessageBodyMember(Namespace = "urn://")]
public OrderStatus OrderStatus;

If you declare your own message contracts but set IsWrapped to false (the default is true), then WCF will not generate any message contract element in the SOAP message at all. Instead, WCF will place the field with the MessageBodyMember attribute – which happens to be your data contract, PurchaseOrder – directly at the root of the SOAP body. Thus the SOAP message received by BizTalk will have an element named PurchaseOrder at its message type. Bingo! The great thing about this solution is you don’t need to do anything special on the BizTalk side to make your WCF adapters behave as you originally expected.

2. Same as 1. above, except the message contracts have IsWrapped = true. This will make the message contracts visible in your SOAP bodies, but you'll control their content instead of WCF. Generate XSD schemas for the message contracts and put them in your BizTalk project. Write message maps to transform message contract schemas to and from data contract schemas. Use the message maps to transform message contracts into data contracts in your inbound ports and to transform data contracts into message contracts in your outbound ports.

This solution will increase the number of schemas and message maps you’ll maintain. But unlike the previous solution, this one makes the message structures consistent, whether you look at them from the perspective of the WCF contracts, the BizTalk schemas, or the actual SOAP messages on the wire.

3. If you can’t, or aren’t willing, to define your own message contracts, but you’re able to add some WCF attributes, you can work out a compromise that allows BizTalk to navigate through the WCF-generated message contracts without knowing all about their schemas. The final post in this series will explain how to do that.

Fixing BizTalk's WCF Message Contract Mix-Up, Part 1

WCF developers often write OperationContracts that receive and return DataContracts, like so:

[ServiceContract(Namespace = "urn://")]
public interface IPurchasing
OrderStatus PlaceOrder(PurchaseOrder po);

Suppose you implement this service in BizTalk using an orchestration. First you use a tool such as XSD.exe or SVCUtil.exe to generate XSD schemas for the PurchaseOrder and OrderStatus data contracts. You add these schemas to a BizTalk project, write an orchestration that receives a PurchaseOrder and returns an OrderStatus, and deploy the schemas and orchestration to BizTalk. Then you bind the orchestration’s receive-send port to a two-way receive location using a WCF adapter and the XmlReceive pipeline.

Your may be shocked to find that when a WCF client sends a message to BizTalk, an error occurs in the receive pipeline: “Finding the document specification by message type "urn:// #PlaceOrder" failed. Verify the schema deployed properly.”

It turns out that the SOAP body that your WCF client sent to BizTalk doesn’t begin with the PurchaseOrder data contract. Instead it begins with a message contract that the WCF client generated behind the scenes. The name of this message contract is “PlaceOrder”, i.e. the name of the operation. Inside that message contract is an element named “po” which contains the data exposed by the data contract. Thus although BizTalk expects to receive a message type named PurchaseOrder, there is no element named PurchaseOrder anywhere in the SOAP body!

There's a symmetrical problem at the other end, when the two-way receive port tries to return an OrderStatus to the caller. If the service were hosted in a .NET application, WCF would automatically generate a message contract element named PlaceOrderResponse and wrap it around the OrderStatus. But BizTalk by default will do no such thing.

I call this impedence mismatch the "BizTalk WCF Message Contract Mix-Up". But so much for lingo, how do you fix it? I can suggest three solutions, each with its pros and cons. I’ll discuss them in the next post.

BizTalk WCF Adapters: OneWay to Nowhere

Newcomers to the WCF Adapters in BizTalk Server 2006 R2 must be aware of two “gotchas” that they're likely to face when sending or receiving WCF messages with the adapters.

The first gotcha is that the IsOneWay property of operation contracts must be false. Luckily IsOneWay is false by default, but developers sometimes set it to true in an attempt to improve performance.

But the BizTalk WCF adapters always set IsOneWay to false, and so will fail whenever sending to or receiving from a client or service that has IsOneWay = true. (There’s an exception for the NetMsmq adapter.) Details about the errors you’ll receive are in the BizTalk documentation here.

The simple solution is to set IsOneWay back to false on your client or service. If you’re able to do that, the problem goes straight away.

If not – if for instance you lack authority to change the service contract – then you’ll have to put a wrapper service between BizTalk and the real service which, you guessed it, has the same WCF contracts as the real service except that IsOneWay is always false. This can be a pain, though it’s not hard to understand what you’re doing.

The second gotcha requires some deeper knowledge of WCF, so I’ll save it for the next post.

Friday, April 11, 2008

BizTalk Slides and Demos

The slides and demos from my Intelligent Programmer's Guide to BizTalk presentation are here.

Friday, March 28, 2008

Painless SSL On Your Desktop

I was developing a WCF solution that called for UserNameOverTransport authentication. "OverTransport" meant using SSL. Since I'm a coding/architect kind of guy, I had to dig around to find out how to get an X509 certificate installed in my local IIS so I could run SSL on it.

Creating a certificate is easy with makecert.exe, a utility that comes with the Visual Studio SDK. Getting one that works is another matter. By "works" I mean (1) you can install the certificate in IIS, (2) it will be fully trusted by WCF, and (3) you can use it with URLs containing "localhost" without hearing grief about the certificate being issued to a different name.

The keys to success turn out to be (i) installing a ginned-up "authority" into the Trusted Root Certificate Authorities store, and (2) installing a certificate issued by that "authority", in the name of "localhost", into your Personal store.

Getting makecert.exe to do these things requires a lot of fancy parameters. This fine blog post by Michael Howard explains most of what you need to do. The only shortcoming of Howard's otherwise excellent instructions is that he installs the issuer's certificate into the Personal store instead of into Trusted Root Certificate Authorities, and thus WCF won't trust it. To fix that I changed the -ss parameter from "MY" to "ROOT".

Here is text of the batch file I used to create my fully SSL-ready certificate:

@echo off

makecert.exe -r -pe -n "CN=Acme Test And Dev Root Authority" -ss ROOT -sr LocalMachine -a sha1 -sky signature "Acme Test And Dev Root Authority.cer"

makecert -pe -n "CN=localhost" -ss MY -sr LocalMachine -a sha1 -sky exchange -eku -in "Acme Test And Dev Root Authority" -is ROOT -ir LocalMachine -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 localhost.cer

Once the batch file ran, I opened the IIS Admin Console and configured Default Web Site to use the certificate named "localhost" for SSL. Et voila, I can use any address on my local machine beginning with https://localhost/..., and it transports over SSL!

Wednesday, March 12, 2008

BIzTalk Presentation at the Cleveland .NET SIG

Next month I'm going to give a presentation to the Cleveland .NET SIG titled "The Intelligent Programmer's Guide to BizTalk". This will be geared to the BizTalk novice and will answer the question, "What can I do with BizTalk?" I'll have time for three demonstrations, which I'm currently planning to cover (1) how to set up decoupled publish/subscribe communication, (2) how to manage long-running transactions, and (2) how to achieve massive performance scalability.

I'd welcome anybody's suggestions of things they like included.

The meeting will be Tuesday, April 8, at 5:45. Directions and other info here.

Friday, March 7, 2008

... Which Sometimes Splits Too Fine

Then there are little gotchas in C++/CLI that just go to show how tough it is to get everything smoothed out in such a complex product.

  • You can strong name your assemblies, but you'll get a runtime exception if you do it the way you're used to, in the AssemblyInfo file. Instead you must use a linker switch.
  • Visual Studio won't automatically rename and copy an app.config file for you. You have to write a custom build event.
  • IntelliSense is brittle and feeble, like C# was in VS 2002. It's comforting that the C++ Team plans to re-architect this feature in the next big release.

Perhaps my hordes of readers would like to post their own favorite glitches.

C++ fans are fond of sports car metaphores, and it's certainly not always built for comfort!

Wednesday, March 5, 2008

The Split-Brain Language

In C++/CLI we have the merging of two nearly opposite things:
  • C++, a language designed to generate unmanaged code. It offers nearly unlimited run-time access to hardware, operating system and drivers, but almost no run-time access to the program's own type system.

  • CLI, a managed runtime. It offers only limited access to hardware, OS and drivers, but rich access to the program's type system at run-time.

C++/CLI is a language that can write both managed or unmanaged code. We'll leave aside for now whether mixing managed and unmanaged code is something we'd like to do, and just look at how well C++/CLI supports managed code. (We can force the compiler to produce a 100% managed assembly using the /clr:safe switch.)

There's no doubt that the unmanaged legacy of C++ makes some things more awkward, or at least more verbose, than they are in all-managed languages like C#. For instance, in C++/CLI you can't use the traditional C-ish syntax to declare a managed array, as you can in C#. That's because in C++ the C-style syntax is reserved for unmanaged arrays; so if you want a managed array you must explicitly invoke the managed type:

int[] someInts = {1,2,3}; // declares a managed array in C# but an unmanaged array in C++/CLI

array^ someInts = {1,2,3}; // what C++/CLI requires

Then there are time-honored C++ restrictions that, however necessary in the early 1970's, are useless today. For instance, the C++ compiler insists on reading a source file from top to bottom.

ref class A { B^ _b; }; // error: compiler can't find definition of B, even though it's on the next line
ref class B {};

And so the programmer resorts to a forward declaration, just to make the compiler shut up:

ref class B; // declares B but doesn't define it
ref class A { B^ _b; }; // compiler willing to be patient now
ref class B {}; // definition of B

In the next post I'll look at whether the unmanaged legacy of C++ can help us (or force us) to write better managed code.

Monday, March 3, 2008

Another Monster

I now learn that there's a contemporary band out there named "Glorious Monster". According to this review their music is "moody, electro-pop", and includes the lyric: “Am I a brain / Or is my brain me / Consciousness or biology?” I gotta love that, must give them a listen.

C++ as a Domain Modelling Language

In Object Thinking David West says that C++ "inhibits the direct expression of application designs in any domain except that of the computer itself". In other words, C++ is great if you need to be intensely aware of the machine, but if you need to model a domain outside the machine -- say, an order entry system -- then C++ inhibits you. He doesn't spell out what's so inhibiting about it, but no doubt he's thinking of the complexity of the language.

When COM was king, Visual C++ was the only Microsoft language that let you really understand how COM worked and fully exploit what COM could do. A lot of us who struggled to program COM in C++ fancied we could design better programs in C++ than in Visual Basic. But did the ability to express COM better bring along the power to express the problem domain better?

I am going to argue on this blog that C++, whether in its traditional unmanaged form or in .NET C++/CLI, is as strong a language for domain modelling as any other, and I'll try and show that it is actually stronger than simpler languages like C# and Java. If that succeeds, then C++ will have a legitimate claim to being the best language (still) for all-purpose programming.

Perhaps I'll not succeed in persuading you, or even myself. But to find out, I (and perhaps you) will need to start attempting to use C++ to accomplish the same sorts of programming tasks that we now do in our "day job" languages (C#, in my case). Now that nothing forces me to use C++, it will take some extra effort to find out if I want to use it.

Sunday, March 2, 2008

The Title

"The Glorious Monster" is the title of an all-percussion piece by Max Roach. He composed it for his 8-man drumming ensemble, MBoom!, and it appears on MBoom!'s first album. It is notable for featured solos on xylophone, vibraphone and orchestral tom-toms.

"The Glorious Monster" was, for a long time, my pet nickname for my favorite and most dreaded progamming language, C++. The name has a sense of dread and delight, no?

And now I also apply that name to my favorite and most dreaded server technology, Microsoft BizTalk Server 2006 R2.

So this is going to be a blog about programming and software design, but maybe with some music thrown in. Let C++, BizTalk and Max Roach be the blog's xylophone, vibraphone and tom-toms.