Wcf

Front 1

What are the configuration elements/attributes of Message Logging?
What do they mean?

Back 1

<diagnostics>
<messageLogging
logEntireMessage=”true”
logMalformedMessages=”true” logMessagesAtServiceLevel=”true” logMessagesAtTransportLevel=”false” maxMessagesToLog=”5000” maxSizeOfMessageToLog=”{number of bytes}”/> …

<source name=“System.ServiceModel.MessageLogging”>
<listeners> <add name=”MessageListener” type=”System.Diagnostics.XmlWriterTraceListener” initializeData=”{file path}” /> …

Front 2

How do you set the protection level on a WCF service?

Back 2

[ServiceContract(ProtectionLevel = None | Sign | EncryptAndSign)]

[OperationContract(ProtectionLevel = None | Sign | EncryptAndSign)]

Front 3

Name the five security modes supported by BasicHttpBinding.

Back 3

None
Transport
Message
TransportWithMessageCredential
TransportCredentialOnly

Hint 3

None: The SOAP message is not secured during transfer. This is the default behavior.

Transport: Security is provided using HTTPS. The service must be configured with SSL certificates. The SOAP message is protected as a whole using HTTPS. The service is authenticated by the client using the service’s SSL certificate. The client authentication is controlled through the ClientCredentialType.

Message: Security is provided using SOAP message security. For the BasicHttpBinding, the system requires that the server certificate be provided to the client separately. The valid client credential types for this binding are UserName and Certificate.

TransportWithMessageCredential: Integrity, confidentiality and server authentication are provided by HTTPS. The service must be configured with a certificate. Client authentication is provided by means of SOAP message security. This mode is applicable when the user is authenticating with a UserName or Certificate credential and there is an existing HTTPS deployment for securing message transfer.

TransportCredentialOnly: This mode does not provide message integrity and confidentiality. It provides only HTTP-based client authentication. Use this mode with caution. It should be used in environments where the transfer security is being provided by other means (such as IPSec) and only client authentication is provided by the infrastructure.

Front 4

Describe how to access the ServiceSecurityContext during a service operation call.

Back 4

OperationContext.Current.ServiceSecurityContext

Front 5

What does WSE stand for?

Back 5

Web Service Enhancements

Front 6

Describe how to create a WCF client that will be interoperable with a WSE service.

Back 6

1. Use the SvcUtil.exe to create proxy.
2. Create a class that inherits from Binding.
3. Add properties to the class that specify the WSE turnkey assertion: (SecurityAssertion, RequireDerivedKeys, EstablishSecurityContext, MessageProtectionOrder )
3. Override CreateBindingElements to set the binding properties

Front 7

Which authentication mode authenticates the client using Windows credentials, and allows the client to authenticate the service using an X509 certificate.

Back 7

KerberosOverTransport

Front 8

What are the three types of performance counters?

Back 8

Service
Endpoint
Operation

Hint 8

1. Service performance counters measure the service behavior as a whole and can be used to diagnose the performance of the whole service.
Performance counters for service instance creation are incremented when a new InstanceContext is created. Note that a new InstanceContext is created even when you receive a non-activating message (with an existing service), or when you connect to an instance from one session, end the session, and then reconnect from another session.
2. Endpoint performance counters enable you to look at data reflecting how an endpoint is accepting messages. counter in an endpoint scope is aggregated from counters in a collection of operations.
3.Operation counter enables you to measure how the call is being used and how well the operation is performing.

Front 9

How do you enable performance counters for a WCF service hosted in a Windows Service?

Back 9

<system.ServiceModel>
<diagnostics performanceCounters=”All” />
</system.ServiceModel>

Front 10

What configuration elements/attributes are involved in logging personally identifiable information?

Back 10

machine.confg
<machineSettings enableLoggingKnownPii=”true”/>

app.config/web.config
<source name=”System.ServiceModel.MessageLogging” logKnownPii=”true”> …

Front 11

How do you filter message logging using configuration?

Back 11

<messageLogging logEntireMessage=”true” logMessagesAtServiceLevel=”true”>
<filters>
<add nodeQuota=”1000” xmlns:s11=”http://..”> /s11:Envelope/s11:Header/To[Contains(text(),”Verigon”)]
</add>
</filters>
</messageLogging>

Use XPath

Front 12

Which standard bindings support reliable sessions?

Back 12

WsHttpBinding
WsDualHttpBinding
WsFederationHttpBinding
NetTcpBinding

Hint 12

WsDualHttpBinding is reliable by default.

WsHttpBinding, WsFederationHttpBinding and NetTcpBinding support reliable sessions, but it is not enabled by default.

Front 13

How do you enable WMI for a service?

Back 13

<system.serviceModel>
<diagnostics wmiProviderEnabled=”true”/>
</system.serviceModel>

Front 14

How do you add a service behavior programmatically?

Back 14

host.Description.Behaviors.Add(new ImplOfIServiceBehavior);

Front 15

How do default endpoints work?

Back 15

•If there are zero endpoints when ServerHost.Open is called, the runtime calls a new method called AddDefaultEndpoings.

•AddDefaultEndpoints adds one default endpoint per base address.

•If there are already endpoints defined, no default endpoints are added automatically.

•AddDefaultEndpoints can be called programmatically.

•There can be at most one address per scheme in this collection.

Front 16

When the runtime creates a default endpoint, how does it determine which binding to use?

How can these defaults be changed?

What configuration element is used to change default endpoints?

Back 16

Default schema mapping can be found in machine.config.comments

<system.serviceModel>
<protocolMapping>
<add schema=”http” binding=”basicHttpBinding” bindingConfiguration=”name” />

Add your own mappings in machine.config.

Front 17

What are default binding configurations and how do you define them?

Back 17

You can define default binding configurations by omitting the name attribute on the binding in the configuration file.

WCF will use the default binding configurations for endpoints that don’t already have a binding configuration defined, and that match the binding type of the default configuration.

Front 18

What are standard endpoints and how do you configure your service to use them?

How can standard endpoints be changed?

Back 18

Standard endpoints are like default endpoints, but can be explicitly used.
Standard endpoints can be changed via configuration using

<system.serviceModel>
<services>
<service name=”service”>
<endpoint kind=”basicHttpBinding” contract=”IMyService”/>
</service>
<services>
</system.serviceModel>

Front 19

How are standard endpoints defined and changed?

Back 19

Define an endpoint configuration within the <stardardEndpoints> section.

<system.serviceModel>
<standardEndpoints>
<basicHttpBinding>
<standardEndpoint name=”name” … />

Front 20

What is ‘file-less activation’ and what are the key configuration elements?

Back 20

File-less removes the need for .svc files.
Configuration involves defining virtual activation endpoints within Web.config.

Hint 20

<system.serviceModel>
<serviceHostingEnvironment>
<serviceActivations>
<add relativeAddress="VirtualFile.svc" service="MyServiceClass"/>
</serviceActivations>
</serviceHostingEnvironment>
</system.serviceModel>

Front 21

Name the two operating modes defined by WS-Discovery.

Compare the two operating modes.

Back 21

WS-Discovery Modes: ad-hoc, managed

With ad-hoc mode, clients probe for services sending UDP multicast messages. Services can also announce themselves to clients using multicast messages.

With managed service discovery, you provide a discovery proxy. Clients talk directly to this proxy to locate services. The list of services can be a static list, or services can announce themselves to the proxy.

Front 22

How do you enable ad-hoc discovery on a WCF service?

Back 22

* Add the ServiceDiscoveryBehavior to the ServiceDescription
* Add an endpoint of kind udpDiscoveryEndpoint

See side 3 for a configuration example.

Hint 22

<system.serviceModel>
<services>
<service name="CalculatorService">
<endpoint binding="wsHttpBinding" contract="ICalculatorService" />
<!-- standard UDP discovery endpoint-->
<endpoint name="udpDiscovery" kind="udpDiscoveryEndpoint"/>
</service>
</services>
<behaviors><serviceBehaviors><behavior>
<serviceDiscovery/> <!-- enable service discovery behavior -->
</behavior></serviceBehaviors></behaviors>
</system.serviceModel>

Front 23

How do you configure a client to use ad-hoc discovery.

Back 23

Create an endpoint with the appropriate binding and contract. Instead of setting the address, set the kind to 'dynamicEndpoint'.

Hint 23

<system.serviceModel>
<client>
<!—notice, no address -->
<endpoint
name="calculatorEndpoint"
kind="dynamicEndpoint"
binding="wsHttpBinding"
contract="ICalculatorService">
</endpoint>
</client>
</system.serviceModel>

Front 24

Consider the situation where a discoverable service is able to run in multiple environments (such as DEV, TEST, PROD.) Describe how a client might programmatically probe for and select the correct environment’s endpoint.

Back 24

var discoveryClient = new DiscoveryClient(UdpDiscoveryEndpoint());
var findCriteria = new FindCriteria(typeof(ICalculatorService));
var findResponse = discoveryClient.Find(findCriteria);

EndpointAddress address = null;
foreach (var endpointAddress in findResponse.Endpoints)
if (condition)
address = endpointAddress;

Front 25

By default, WCF uses the DataContractSerializer.

What must you do to make WCF use the XmlSerializer.

Back 25

Apply the XmlSerializerFormat Attribute to the service CONTRACT.

You can apply the attribute to a class, interface, or method, allowing all or part of the service to be serialized using the XmlSerializer.

Front 26

By default, WCF uses the DataContractSerializer. How do you make WCF use the NetDataContractSerializer, or a custom serializer?

Back 26

In order to do this you need to create a custom operation behavior using the IOperationBehavior interface and the Attribute class.

You could then apply this attribute to the service contract.

** Custom serializers are NOT part of the exam.

Front 27

As an alternative to data contracts, explain how to create a message contract.

Back 27

Apply [MessageContract] attribute to the type. Then apply the [MessageHeader] and [MessageBodyMember] attributes to members of the type.

You can apply the MessageHeaderAttribute and MessageBodyMemberAttribute to all fields, properties, and events, regardless of whether they are public, private, protected, or internal.

Front 28

What is the [KnownType] attribute and how is it used.

Back 28

Specifies types that should be recognized by the DataContractSerializer when serializing or deserializing a given type.

It is applied to a data contract and it can be used in one of two ways. If a type is specified as the argument, multiple [KnownType] attributes can be applied. If a string is specified as the argument, only one attribute should be applied since the string refers to the name of a method that returns an IEnumerable of known types.

Front 29

What is IExtensibleDataObject?

Back 29

Interface that is applied to a data contract class that provides a way to store extra data encountered by the XmlObjectSerializer during deserialization.

It provides version round-tripping. Round-tripping occurs when data passes from a new version to an old version and back to the new version of a data contract. Round-tripping guarantees that no data is lost. Enabling round-tripping makes the type forward-compatible with any future changes supported by the data contract versioning model.

Front 30

What are the members of IExtensibleDataObject?

Back 30

The IExtensibleDataObject interface provides a single property that sets or returns a structure used to store data that is external to a data contract.

The property is called ExtensionData and it returns a structure of type ExtensionDataObject.

Front 31

What is the one system-provided binding that only supports message-level security?

Back 31

WSDualHttpBinding

Front 32

What is the one system-provided binding that supports transport-level security only (or none)?

Back 32

NetNamedPipeBinding

Front 33

What is the one system-provided binding that supports both transport and message-level security simultaneously?

Back 33

NetMsmqBinding

Front 34

What are the four system-provided bindings that default to transport-level security?

Back 34

NetTcpBinding
NetPeerTcpBinding
NetNamedPipeBinding
NetMsmqBinding

Front 35

What is Mixed mode security?

Back 35

The Mixed transfer security mode uses Transport security for message privacy and service authentication, and it uses Message security for securing client credentials.

Front 36

What is HttpContext and how do you access the current HttpContext during a WCF service call?

Back 36

HttpContext encapsulates all http information about an individual http request (QueryString for example).

HttpContext.Current *

Hint 36

OperationContext provides some useful http information about a request, but is somewhat limited.

By default, HttpContext.Current is NULL during a service call.
To enable HttpContext, first configure the hosting environment to support asp.net using:

<serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />

Next, add the following to the service implementation:

[AspNetCompatibilityRequirements(RequirementsMode = AspNetCompatibilityRequirementsMode.Allowed)]

Front 37

For which bindings are transport, message and mixed mode supported?

Back 37

http://www.codeproject.com/KB/WCF/WCFFAQPart3.aspx#For which bindings are transport, message and mixed mode supported

Front 38

Name the four security modes supported by NetTcpBinding and WsHttpBinding.

Back 38

SecurityMode:
None
Transport
Message
TransportWithMessageCredential

Hint 38

None: Security is disabled.

Transport: Security is provided using a secure transport (for example, HTTPS).

Message: Security is provided using SOAP message security.

TransportWithMessageCredential: A secure transport (for example, HTTPS) provides integrity, confidentiality, and authentication while SOAP message security provides client authentication.

Front 39

Name the four security modes for NetMsmqBinding.

Back 39

NetMsmqSecurityMode:
None
Transport
Message
Both

Hint 39

None: Disables security.

Transport: MSMQ transport security.

Message: SOAP security

Both: Both MSMQ transport and SOAP security. NetMsmqBinding is the only binding that supports Both.

Front 40

Name the two security modes supported by NetNamedPipeBinding.

Back 40

NetNamedPipeSecurityMode:
None
Transport

Hint 40

None: No security

Transport: Transport-level security is used with the named pipe transport.

Front 41

Name the three security modes support by WebHttpBinding.

Back 41

WebHttpSecurityMode:
None
Transport
TransportCredentialOnly

Hint 41

None: No security

Transport: Transport-level security is used with HTTP requests (HTTPS?)

TransportCredentialOnly: Only HTTP-based client authentication is provided.

Front 42

Name the two security modes supported by WsDualHttpBinding.

Back 42

WSDualHttpSecurityMode:

None
Message

Hint 42

None: No security

Message: SOAP message-level security is used.

Front 43

Name the three security modes support by WsFederationHttpBinding.

Back 43

WSFederationHttpSecurityMode:
None
Message
TransportWithMessageCredential

Hint 43

None: The SOAP message is not secure during transfer. No Security Token Service is contacted. This mode is equivalent to using the wsHttpBinding binding with SecurityMode.None.

Message: Integrity, confidentiality, server authentication and client authentication are provided using SOAP message security. By default, the body is encrypted and signed. The service must be configured with a certificate. Client authentication is based on the token issued to the client by a security token service (STS).

TransportWithMessageCredential: Integrity, confidentiality and server authentication are provided by HTTPS. The service must be configured with a certificate. Client authentication is provided by SOAP message security and is based on the token issued to the client by a security token service.

Front 44

When a client discovers a service, the client could find more than one endpoint that matches the binding/contract. How can the client narrow the search to a single endpoint.

Back 44

By providing additional scoping information.

The service can be configured with one or more scopes to associate with each discoverable endpoint.

The client then adds one of these scopes to the FindCriteria that's used by the Find method to probe for endpoints.

Hint 44

Service Configuration:

<endpointBehaviors>
<behavior name="name">
<endpointDiscovery>
<scopes>
<add scope="http://whatever" />
<add scope="ldap:///ou=ems,o=example,c=us"/>
...

Client:
var scope = new Uri("ldap:///ou=ems,o=exampleorg,c=us");
var findCriteria = new FindCriteria(typeof(IContract));
findCriteria.Scopes.Add(scope);

Front 45

What are the 8 routing filter types?

Back 45

Action
EndpointAddress
PrefixEndpointAddress
And
Custom
EndpointName
MatchAll
XPath

Hint 45

Action: Tests whether the action of a message is one of a specified set of actions.

EndpointAddress: Tests whether a message satisfies the requirements of a specified endpoint address.

PrefixEndpointAddress: Tests whether a message matches an EndpointAddress using a Longest-Prefix Matching for the URI component.

And: Used to filter on two message filters, ANDed together.

Custom: User-defined filter

EndpointName: Filter on the name of the service endpoint.

MatchAll: Matches all messages.

XPath: Filter using an XPath expression.

Front 46

What class defines a routing service, which is responsible for routing messages between endpoints based on filter criteria? (Include the class's namespace.)

Back 46

System.ServiceModel.Routing.RoutingService

Hint 46

<service name="System.ServiceModel.Routing.RoutingService">
<host>
<baseAddresses>
<add baseAddress="http://localhost:5643/Routing" />
</baseAddresses>
</host>
<!-- Special contract -->
<endpoint
binding="wsHttpBinding"
name="Routing"
contract="System.ServiceModel.Routing.IRequestReplyRouter" />
</service>

Front 47

What is a reliable session?

Back 47

A reliable session provides session-based, single, and (optionally) ordered delivery for messages sent across SOAP or transport intermediaries. Session-based delivery groups messages in a session with optional ordering of the messages.

Hint 47

Windows Communication Foundation (WCF) SOAP reliable messaging provides end-to-end message transfer reliability between SOAP endpoints. It does this on networks that are unreliable by overcoming transport failures and SOAP message-level failures.

A client sends a sequence of messages (the sequence may be as short as one message) across a communication link and asks the receiver to acknowledge that it has received the message(s).

The acknowledgement(s) are sent back to the client either individually and for each message, or in a single acknowledgement for a series of messages. Once the client has received the acknowledgement, it knows that the message(s) has been successfully transferred.

Front 48

Describe how to enable reliable sessions.

Back 48

The bindings that support reliable sessions provide a property of type ReliableSession. This property returns OptionalReliableSession. To enable reliable sessions,

binding.ReliableSession.Enabled = true

Hint 48

Configuration:

<bindings>
<wsHttpBinding>
<binding name="Binding1">
<reliableSession enabled="true" />
</binding>
</wsHttpBinding>
</bindings>

Front 49

OptionalReliableSession has three properties. What are they and what do they do?

Back 49

Enabled: Gets/sets boolean that enables or disables the reliable session

InactivityTimeout: Gets/sets timespan that the session can remain inactive before closing.

Ordered: Gets/sets boolean that indicates whether message delivery must preserve the order in which messages are sent.

Hint 49

myReliableSession.Enabled = true; // The default is false.
myReliableSession.Ordered = false; // The default is true.
myReliableSession.InactivityTimeout =
new TimeSpan(0, 15, 0); // The default is 10 minutes.

Front 50

List the three protection levels.

Back 50

None
Sign
EncryptAndSign

Hint 50

None: Authentication only.

Sign: Sign data to help ensure the integrity of transmitted data.

EncryptAndSign: Encrypt and sign data to help ensure the confidentiality and integrity of transmitted data.

Front 51

The built-in RoutingService class implements 4 interfaces to support 4 different types of routing. Name these interfaces.

Back 51

ISimplexDatagramRouter, ISimplexSessionRouter, IRequestReplyRouter, IDuplexSessionRouter

Front 52

Describe how to create a service operation to handle unrecognized client messages.

Back 52

Create an operation with an action of "*", takes a single parameter of type message, and returns void.

Hint 52

[OperationContract(Action = "*")]
void MyOperation(Message message)
{
...
}

Front 53

Describe how to enable streaming on a standard bindings.

Back 53

To enable streaming on one of the standard bindings that support it, set the TransferMode to either Streamed, StreamedRequest, or StreamResponse.

Hint 53

Streamed: The request and response messages are both streamed.
StreamedRequest: The request message is streamed and the response message is buffered.
StreamedResponse: The request message is buffered and the response message is streamed.

Front 54

Describe how to implement an operation that supports streaming.

Back 54

Implement an operation either returns streamed response, accepts a streamed request, or both.

An operation that accepts a streamed request must only have one parameter.

The parameter and/or return value must be of type Stream, Message, or IXmlSerializable.

Hint 54

[ServiceContract(Namespace = "http://Microsoft.ServiceModel.Samples")]
public interface IStreamingSample
{
[OperationContract]
Stream GetStream(string data);
[OperationContract]
bool UploadStream(Stream stream);
[OperationContract]
Stream EchoStream(Stream stream);
[OperationContract]
Stream GetReversedStream();

}

Front 55

What is a message inspector?

Back 55

A message inspector is an extensibility object that can be used in the service model's client runtime and dispatch runtime programmatically or through configuration and that can inspect and alter messages after they are received or before they are sent.

Hint 55

http://msdn.microsoft.com/en-us/library/aa717047.aspx

Front 56

How do you write a message inspector.

Back 56

Create a class that implements IDispatchMessageInspector and/or IClientMessageInspector.

Hint 56

using System.ServiceModel;
using System.ServiceModel.Channels;
using System.ServiceModel.Dispatcher;

namespace Example
{
public class MessageInspector : IDispatchMessageInspector, IClientMessageInspector
{
#region Implementation of IDispatchMessageInspector

public object AfterReceiveRequest(ref Message request, IClientChannel channel,
InstanceContext instanceContext);

public void BeforeSendReply(ref Message reply, object correlationState);

#endregion

#region Implementation of IClientMessageInspector

public object BeforeSendRequest(ref Message request, IClientChannel channel);
public void AfterReceiveReply(ref Message reply, object correlationState);

#endregion
}
}

Front 57

How do you apply a message inspector to a service or a client?

Back 57

Create a class that implements IEndpointBehavior.

For a service inspector, add code to the ApplyDispatchBehavior that adds the message inspector to DispatchRuntime MessageInspectors collection.

For a client inspector, add code to the ApplyClientBehavior method that adds the inspector to the ClientRuntime MessageInspectors collection.

Hint 57

using System.ServiceModel.Channels;
using System.ServiceModel.Description;
using System.ServiceModel.Dispatcher;

namespace MessageInspector
{
public class MessageInspectorBehavior : IEndpointBehavior
{
private readonly MessageInspector _inspector = new MessageInspector();

#region IEndpointBehavior Members

public void Validate(ServiceEndpoint endpoint)
{
}

public void AddBindingParameters(ServiceEndpoint endpoint, BindingParameterCollection bindingParameters)
{
}

public void ApplyDispatchBehavior(ServiceEndpoint endpoint, EndpointDispatcher endpointDispatcher)
{
endpointDispatcher.DispatchRuntime.MessageInspectors.Add(_inspector);
}

public void ApplyClientBehavior(ServiceEndpoint endpoint, ClientRuntime clientRuntime)
{
clientRuntime.MessageInspectors.Add(_inspector);
}

#endregion
}
}

Front 58

What is Instance Management and how is it controlled.

Back 58

Instance management refers to a set of techniques used by Windows® Communication Foundation to bind a set of messages to a service instance.

Instance management is controlled by setting the InstanceConextMode property on the ServiceBehaviorAttribute.

Hint 58

[ServiceBehavior(InstanceContextMode = InstanceContextMode.PerCall)]

Front 59

What are the three instance context modes?

Back 59

PerSession (default)
PerCall
Singleton

Hint 59

PerSession: A new InstanceContext object is created for each session.

PerCall: A new InstanceContext object is created prior to and recycled subsequent to each call. If the channel does not create a session this value behaves as if it were PerCall.

Single: Only one InstanceContext object is used for all incoming calls and is not recycled subsequent to the calls. If a service object does not exist, one is created.
NoteFor singleton lifetime behavior (for example, if the host application calls the ServiceHost constructor and passes an object to use as the service), the service class must set InstanceContextMode to InstanceContextMode.Single, or an exception is thrown when the service host is opened.

Front 60

What are the three concurrency modes and how is the mode set?

Back 60

Single
Multiple
Reentrant

ServiceBehavior.ConcurrencyMode

Hint 60

Single: Each instance context is allowed to have a maximum of one thread processing messages in the instance context at a time. Other threads wishing to use the same instance context must block until the original thread exits the instance context.

Multiple: Each service instance can have multiple threads processing messages concurrently. The service implementation must be thread-safe to use this concurrency mode.

Reentrant: Each service instance processes one message at a time, but accepts re-entrant operation calls. The service only accepts these calls when it is calling out through a WCF client object.

[ServiceBehavior(ConcurrencyMode=ConcurrencyMode.Multiple, InstanceContextMode = InstanceContextMode.Single)]public class CalculatorService : ICalculatorConcurrency
{
...
}

Front 61

How do you write a custom username/password validator, and how do you apply it to a service?

Back 61

1. Derive a custom username validator class from the UserNamePasswordValidator class and override the Validate method. The method should throw a SOAP fault exception if the user credentials are invalid.
2. Configure a binding with message security or transport security using SSL over HTTP. Set the client credential type to UserName if using message security, or to Basic if using transport security.
3. Configure a service behavior with a service credential that has the customUserNamePasswordValidatorType attribute reference the custom username validator class. The userNamePasswordValidationMode attribute should be set to Custom.

Hint 61

The custom validator class should override the Validate method as follows:

public class LegacyValidator : UserNamePasswordValidator {
     public override voidValidate ( string userName, string password ) {

          bool validated;
          //Validate user credentials
          if ( !validated )
          throw new SecurityTokenException( "Invalid username or password." );

   }

}

In the configuration file, you will need to specify the custom validator as follows:

<behaviors>
     <serviceBehaviors>
          <behavior name="CustomValidator">
               <serviceCredentials>
                    <userNameAuthentication
                      userNamePasswordValidationMode="Custom"
                      customUserNamePasswordValidatorType="LegacyValidator" />
               </serviceCredentials>
          </behavior>
     </serviceBehaviors>
</behaviors>

Front 62

Given the following two domains/relms:

Domain A: Client-A, STS-A
Domain B: Service-B, STS-B

Describe the conversation that must take place for Client-A to make a service call to Service-B. Assume that there is a trust relationship (federation) between Domain-A and Domain-B.

Back 62

1. Client-A provides credentials to STS-A.
2. STA-A authenticates the credentials and returns an authentication token to the Client-A.
3. Client-A presents the authentication token to STS-B.
4. STS-B returns an authorization token to Client-A.
5. Client-A presents the authorization token to Service-B
6. Service-B validates the authorization and returns a result to Client-A.

Front 63

Describe how to use POCOs with WCF.

Back 63

Introduced in 3.5 SP1, the DataContractSerializer will serialize a class without any serialization attributes. When used this way, the serializer will only include public read/write fields and properties.

Hint 63

In the example below, the private field "id" is NOT serialized.

public class Person
{
private string id;
public string Id { get { return id; } set { id = value; } }
public string Name;
public Person Spouse;
}

Front 64

Describe version round-tripping and how to implement in WCF.

Back 64

Round-tripping occurs when data passes from a new ver­sion to an old ver­sion and back to the new ver­sion of a data con­tract. Round-tripping guar­an­tees that no data is lost. Enabling round-tripping makes the type forward-compatible with any future changes sup­ported by the data con­tract ver­sion­ing model.

To enable round-tripping for a particular type, the type must implement the IExtensibleDataObject interface. The interface contains one property, ExtensionData (returning the ExtensionDataObject type). The property stores any data from future versions of the data contract that is unknown to the current version.

Hint 64

[DataContract]
public class Person : IExtensibleDataObject
{
[DataMember]
public string fullName;
private ExtensionDataObject theData;

public virtual ExtensionDataObject ExtensionData
{
get { return theData; }
set { theData = value; }
}
}

Front 65

How do you create a restful service contract?

Back 65

Apply the WebInvoke attribute to all service operations. Set the Method property of the attribute to "GET", "POST", "PUT", "DELETE". You can optionally use the WebGet attribute for operations that you wish to invoke as GET.

Front 66

How do you create a RESTful endpoint?

Back 66

Create an HTTP endpoint using the WebHttpBinding. Then apply the webHttp endpoint behavior.

Front 67

How do you enable the help page on a RESTful service?

Back 67

Apply an endpoint behavior and set:

<webHttp helpEnabled="true" />

Front 68

Name the library and namespace where the RESTful classes reside.

Back 68

System.ServiceModel.Web.dll

System.ServiceModel.Web

Front 69

Name the namespace where DataContract attribute and serializer reside.

Back 69

System.Runtime.Serialization

Front 70

Which class is used to SEND discovery announcements?

Back 70

AnnouncementClient

Front 71

Which class is used to LISTEN for discovery announcements?

Back 71

AnnoucementService

Front 72

How do you configure a service to enable client-side JavaScript access?

Back 72

Add the <enableWebScript> endpoint behavior.

Hint 72

<endpointBehaviors>
<behavior name = "forJavaScript">
<enableWebScript />
</behavior>
</endpointBehaviors>

Front 73

MessageHeaderArrayAttribute

vs

MessageHeaderAttribute

Back 73

Use the MessageHeaderArrayAttribute attribute to turn off the standard array wrapper element when you want to emit an unbounded number of identical elements either inside the <soap:Header> directly or inside the first and only child of <soap:Header> without the default wrapper element for array types.

Hint 73

[MessageHeader] public DepositRecord records[];

<records>
<DepositRecord>Record1</DepositRecord>
<DepositRecord>Record2</DepositRecord>
<DepositRecord>Record3</DepositRecord>
</records>

[MessageHeaderArray] public DepositRecord records[];

<records>Record1</records>
<records>Record2</records>
<records>Record3</records>

Front 74

Explain how to configure a binding that will communicate to a COM+ serviced component that uses MSMQ, must be sent only once, must persist even if the queue manager crashes, and authenticates using a Windows domain account.

Back 74

msmqIntegrationBinding (to support legacy COM+ service)
Set the ExactlyOnce to true.
Set the Durable to true.
Set binding.Security.Transport.MsmqAuthenticationMode = MsmqAuthenticationMode.WindowsDomain

Front 75

Name the two security modes supported by MSMQ Integration Binding

Back 75

None
Transport

Front 76

Name the transport security modes supported by MsmqAuthenticationMode

Back 76

None
WindowDomain
Certificate

Front 77

Describe how to throttle run-time throughput.

Back 77

Add the service throttling behavior to the service and set the appropriate attributes/properties.

Front 78

What are the properties of ServiceThrottlingBehavior that control run-time throughput?

Back 78

MaxConcurrentCalls
MaxConcurrentInstances
MaxConcurrentSessions

Front 79

Describe how to create and use a custom service host for an ASP.net application.

Back 79

1. Create a new class derived from ServiceHost.
2. Create a new class derived from ServiceHostFactory.
3. Override the CreateServiceHost method in the factory class and return an instance of the custom ServiceHost.
4. Edit the service's SVC file and specify the custom service host factory in the Factory attribute.

Front 80

Describe how to configure a service with a certificate.

Back 80

Use the SetCertificate method of the X509CertificateRecipientServiceCredential class to add the valid certificate to the service.

Hint 80

host.Credentials.ServiceCertificate.SetCertificate(StoreLocation.LocalMachine, StoreName.My, X509FindType.FindBySubejctName, "localhost");

Front 81

What service behavior allows you to log security authentication and authorization messages?

Back 81

ServiceSecurityAuditBehavior

Front 82

What property of ServiceSecurityAuditBehavior allows you to specify the windows event log for audit messages.

Back 82

AuditLogLocation

What are the valid values?

Hint 82

AuditLogLocation.Application
AuditLogLocation.Security

Front 83

What is the WebMessgeFormat enumeration, where is it used, and what are its values?

Back 83

An enumeration that specifies the format of Web messages.

This enumeration is used by the RequestFormat and ResponseFormat properties of the WebInvoke attribute.

Xml (for POX)
Json

Front 84

What is the WebMessageBodyStyle enumeration, where is it used, and what are its values?

Back 84

WebMessageBodyStyle specifies whether to wrap parameter and return values.

Bare
Wrapped
WrappedRequest
WrappedResponse

Front 85

What contract must you specify for a routing endpoint to support client callbacks?

Back 85

IDuplexSessionRouter

Front 86

Name the authentication mode: Client is anonymous; service uses X.509

Back 86

AnonymousForCertificate

Front 87

Name the authentication mode: Client is anonymous; serivces uses X.509 that is negotiated at run time.

Back 87

AnonymousForSslNegotiated

Front 88

Name the authentication mode: Client uses X.509 via SOAP; service uses X.509 via transport layer.

Back 88

CertificateOverTransport

Front 89

Name the authentication mode: Client sends token; only the real service can decrypt the shared key.

Back 89

IssuedToken

Front 90

What attributes are used in the service implementation to specify that it is a durable service?

Back 90

[Serializable]
[DurableService]
public class TheService : IContract
{
[DurableOperation] public void TheOperation() {}
}