Calling SharePoint Services with WCF and Impersonation
Feb 5th
After battling with error 0×80004004 the WCF client I was testing started received a new error.
Could not load file or assembly ‘System.Web.Services, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a’ or one of its dependencies. Either a required impersonation level was not provided, or the provided impersonation level is invalid. (Exception from HRESULT: 0×80070542)
A search yielded this post, which contained some key information. Interestingly enough, we were seeing the “White Screen” issue on our local instance under similar circumstances: a WCF client calling the list service.
Since the behaviors section is not specifying the clientCredentials, the allowedImpersonationLevel is set to Identification. This means that the server can get the Identity of the user, but it is unable to impersonate the user.
This was almost identical circumstances to our problem except that we were not running in the context of Biztalk. The solution was to allow Impersonation by adding an endpoint behavior.
<endpointBehaviors> <behavior name="ImpersonationBehavior"> <clientCredentials> <windows allowedImpersonationLevel="Impersonation" /> </clientCredentials> </behavior> </endpointBehaviors>
Once this was set the service client began working and it was back to the SharePoint dev races. For more on calling SharePoint Services with WCF check out this post.
Calling SharePoint Services Over SSL with WCF (WSS 3.0)
Feb 4th
While troubleshooting another SharePoint WSS issue (related to DCOM permissions) I had to test calling the List Service against an Instance of SharePoint that was running over SSL. I was using WCF as the client and the biggest pain was the configuration (which is usually the case with WCF). Based on several other posts, here is what I tried.
1. Added Service Reference which generated configuration info for the service
2. Changed the config and set the security model to “Transport” and clientCredentialType to “Ntlm”. “Transport” is required when calling over SSL.
<system.serviceModel> <bindings> <basicHttpBinding> <binding name="ListsSoap" closeTimeout="00:01:00" openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00" allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard" maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536" messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered" useDefaultWebProxy="true"> <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384" maxBytesPerRead="4096" maxNameTableCharCount="16384" /> <security mode="Transport"> <transport clientCredentialType="Ntlm"/> </security> </binding> </basicHttpBinding> </bindings> <client> <endpoint address="https://someserver/somesite/_vti_bin/lists.asmx" binding="basicHttpBinding" bindingConfiguration="ListsSoap" contract="SharePointServices.ListsSoap" name="ListsSoap" /> </client> </system.serviceModel>
3. In code, the only trick I had to use was to AllowNtlm by setting the property on the ClientCredential object.
using (var client = new SharePointServices.ListsSoapClient()) { try { client.ClientCredentials.Windows.ClientCredential = new NetworkCredential("username", "password", "domain"); client.ClientCredentials.Windows.AllowNtlm = true; var lists = client.GetListCollection(); var listsXElement = XElement.Parse(lists.OuterXml); Console.WriteLine(listsXElement); } catch (Exception ex) { client.Abort(); Console.WriteLine(ex.ToString()); } }
Troubleshooting 0×80004004 in WSS 3.0 (SharePoint)
Feb 3rd
Today I spent some time working through a few issues with SharePoint and DCOM permissions. Hopefully this helps another developer on a quest to solve this issue.
If you’ve found 0×80004004 then you are already pretty far along to the solution. While testing calls to the List service in SharePoint using WCF for the client I received the following error from the List service which I captured by enabling tracing on my WCF client.
<soap:Fault> <faultCode xmlns="">soap:Server</faultCode> <faultString xmlns="">Exception of type 'Microsoft.SharePoint.SoapServer.SoapServerException' was thrown.</faultString> <detail xmlns=""> <errorstring xmlns="http://schemas.microsoft.com/sharepoint/soap">Operation aborted (Exception from HRESULT: 0x80004004 (E_ABORT))</errorstring> <errorcode xmlns="http://schemas.microsoft.com/sharepoint/soap">0x80004004</errorcode> </detail> </soap:Fault>
Repeated searches on Bing and Google yielded nothing with a direct solution. But I did find a few pointers that helped my quest.
Digging through program files\common files\Microsoft Shared\Web Server Extensions\12\LOGS I found log files with rows looking similar to this:
w3wp.exe (0×1718) 0×1418 Windows SharePoint Services General 8e2s Medium Unknown SPRequest error occurred. More Information: 0×80004004
This confirmed the error, but wasn’t helpful. However, the line just above that was slightly more revealing:
w3wp (0×1718) 0×1418 Windows SharePoint Services Database 6f8g Unexpected Unexpected query execution failure, error code 11. Additional error information from SQL Server is included below. “[DBNETLIB][ConnectionWrite (WrapperWrite()).]General network error. Check your network documentation.” Query text (if available): “{?=call proc_GetTpWebMetaDataAndListMetaData( [some values here] ) }
My immediate thought was, “ok, database permissions”. I was able to locate the stored procedure in question as belonging to the Administration database (SharePoint_AdminContent). I tweaked a few permissions to no avail.
The project architect suggested I try the same code against a different SharePoint instance. Sadly, when I tried that the only problem I had to fight was getting the NTLM credentials to work using WCF and SSL. Things worked flawlessly after that.
With the assistance of our IT pro, he found this article which discusses DCOM permission issues with SP. Unfortunately we found ourselves unable to change the IIS WAMREG permissions until we found this article which helped us slay that problem. After taking ownership of the appropriate registry key, we were able to change permissions on the IIS WAMREG DCOM component to allow the SharePoint WPG groups to have Local Launch and Local Activate.
Apparently this issue stems from how the local SharePoint install was configured. Seems that many people run into this issue when trying to consume SharePoint services on a local machine.
After a reboot and an IIS reset the problem went away. Sadly, my WCF client received a new error which I will cover in a future post.
How to Make Coffee Undetected
Feb 3rd
I love coffee. My wife loves coffee. Except when now that she’s pregnant (again). A few weeks ago I received a request to cease coffee making at home because the smell was a little much for my wife to take. Apparently baby on the way (#3) does not appreciate coffee.
This situation wasn’t going to work well because the logistics of taking my coffee making paraphernalia to the office every day is not ideal. Here’s my current set up:
- Aerobie Aero Press
- CoffeeMate coffee grinder
- 1 lb espresso & 1 lb decaf espresso, whole bean, in sealed containers (Kaldi’s or Mississippi Mud beans are the best)
- A collection of Monin syrups (almond, toffee nut, hazelnut to name a few)
I’m at the point where I have my “system” and I can make my coffee fresh each morning in under 5 minutes, including setup & clean up. I really enjoy coffee this way and I am determined to continue it.
I devised a new “system” based on some input from a coworker and trial and error.
Additional items needed:
- Ventilation fan above stove
- Spray bottle with white Vinegar
The new process takes a few extra minutes but minimizes the coffee odor and lessens its effects on my wife. I now perform the process under the hood of the stove with the fan on low. Prior to opening the sealed can of coffee beans and grinding it, I spray a little vinegar in the air near the kitchen doorway. After grinding the beans I spray a little more. The “puck” (as named by the Aerobie documentation) is discarded into a plastic bag with a sprits of vinegar and promptly taken outside to the trash.
In my first few trials my wife still complained about the odor. However, I found that if I do this about an hour before she wakes up and use a healthy amount of vinegar in the air it is far more tolerable.
Fortunately the vinegar odor does not change how fabulous the coffee tastes and I don’t have to deal with the daily grind minus my home brew.
Back to ‘Getting Things Done’
Feb 2nd
Years ago, when I was working in libraries, I had the chance to read David Allen’s Getting Things Done. The impact of that book took a while to really sink in and combining that with Inbox Zero a few years later I was on my way to a GTD system. Unfortunately after a good year or so it began to fall apart for various reasons. Now that I’m back to a fresh start, here are some of the tools and tips I’m using to stay on top of things.
The Tools
- Outlook 2007 – Email & Calendar. Also syncing to my Blackberry, though I have been leaving my Blackberry on silent a lot lately.
- Remember the Milk (RTM) – This guy I sit next to uses it very effectively. Now I am using it too (not so effectively yet).
- White boards and camera phones. I don’t think we have put anything on a white board that did not end up in a picture that is translated to tasks, Visio diagrams, or a document.
The Process (For Now)
Everything goes to my inbox in Outlook. I try to read my email in dashes and clear out the junk, respond to the quick ones and defer the rest. Anything actionable from email goes to my inbox in RTM. Within RTM I’m trying to start weekly and daily reviews where I push tasks from the inbox to their respective lists (Home, Work, Store) and assign due dates. Each day I pick a few tasks from each list to complete. Currently the Home tasks seem to drag on longer than the work ones.
RTM has a host of keyboard shortcuts that make working with it fun. For instance, click on a task, press ‘d’ and start typing a new due date. Hit ‘c’ and mark it completed. In addition, the syntax in RTM is handy, typing “Call Mom Tomorrow #Home” in the task description adds a task to call mom, due tomorrow, to the home list. Very handy.
Other Thoughts
I find that working with a team on a focused iteration is really helping this process. Previous attempts would break down because of fire fighting or “emergencies” that would come up. Dealing with constant fires is a sign of several things (which we will not detail here) and really hampers your ability to guard your attention. Those environments require a lot more discipline to really execute a GTD system well.
SOLID Development Slides + Code
Jan 25th
Solid Development @SlideShare.net
View more presentations from Chris Deweese.
You can download the code for Visual Studio 2010 Beta 2 zipped up and ready to go here.
STL .NET Events 1/25 & 1/26
Jan 22nd
Monday Jan 25th is the first STL .NET User Group meeting of 2010. I’ll be presenting on SOLID development. Meeting starts around 5:30 and there will be food and drinks provided.
Tuesday Jan 26th is the MSDN Event – “Drive Your Development With Visual Studio 2010” presented by three of my favorite community cohorts – Jeff Fattic, Kevin Grossnicklaus, and Clint Edmonson. The event runs from 8:30 to 11:30.
Hopefully you can make one of these events and kick off 2010 right!
Too Much of a Good Thing? Constructor Injection Overload
Jan 21st
This week there have been two posts covering dependency inversion and going too far with constructor injection. In the first post Robert C Martin (Uncle Bob) cautions against littering your code with calls to your IoC container.
I think these frameworks are great tools. But I also think you should carefully restrict how and where you use them.
The post goes on to discuss how to keep the code which builds dependencies contained in one place so that you are not littering your code with calls to the container framework or coupling yourself to other classes using new() statements.
The second post by Jeffrey Palmero takes this a little further and is the one that really got me thinking. Palmero sets up an example where a class requires two interface dependencies in its constructor. However, in the code, both dependencies are not always used. This was a key thing to note, because Palmero’s point was,
The anti-pattern is that one of these constructor arguments is really not a class dependency.
In his example, one of the interface dependencies required in the constructor is only used in some cases. This was a huge “duh” for me because I know there are several times when I have required everything the class might use in the constructor.
I think the key here is balance. Require the real dependencies up front, but also allow for other dependencies to be resolved by blending the use of a container with a factory type pattern. Keep all the dirty details of your dependent objects and how they are resolved hidden and encapsulated in one place. This would allow you to switch containers or stop using one all together.
** Update **
A couple readers have posted comments and I would love to hear more. Be sure to give them a read!
Men’s Room Etiquette – The “No Zone”
Jan 20th
This post has nothing to do with technology.
I’m not sure that anyone has ever posted any “rules” for men’s restrooms but there are some unspoken ones that most guys just figure out. Sometimes, though, there is a need to set some ground rules.
Toilets that flush automatically solved a major problem in men’s rooms everywhere. But today we’ll talk about the “No Zone”. The “No Zone” defines an area in which guys should refrain from preparing to preparatory acts such as, but not limited to, unbuckling belts, unzipping pants, and other such actions.
Rather than trying to explain with text, consider this common bathroom setup (which I created in Paint.NET — about as technology related as I can get). The red area defines the “No Zone” and you’ll see that it extends from the doors, past the sinks, to the divided stall areas. Yellow indicates the awkward area, and green is where said preparatory acts are acceptable.
Five Things to Know About the WCF Runtime
Jan 19th
Since working with WCF I have gleaned quite a bit about how the runtime works through reading various blogs and writing proofs-of-concept/experiments. One thing that has become apparent to me is that many people working with WCF do not fully understand how it works because Visual Studio makes it very easy to create & consume WCF services. In most cases there is no need to understand the “guts” of WCF, but you may reach a point where you want to extend WCF. Here are five things that will help you know where to begin your quest for extension.
.Svc file are the activators that kick off the WCF runtime. In IIS or WAS, .Svc files are what activates a service host which in turn creates a service host and calls your service. The .Svc file specifies the full name of your class and an optional service host factory. If you are self-hosting a service you are responsible for implementing the same functionality in code.
ServiceHosts control your service instances and dispatch calls to your service using ChannelDispatchers. The ServiceHost is the central actor and you can control a lot of behavior by altering the service host or extending it. If you want to use an Inversion of Control container with WCF the best place to stick it is on a custom ServiceHost. The service host also maintains listeners that enable your service to receive calls over the wire at the specified endpoint (e.g., http://mydomain.com/services/myservice.svc).
ServiceHostFactory creates a ServiceHost. If you want to create a custom service host you’ll need a ServiceHostFactory to return an instance of your service host to the WCF runtime.
Everything can be done through configuration or code. I used to be a huge configuration fan, but after dealing with WCF configuration in .NET 3.5 it can get hairy, especially when you have dozens of services. Favor code where you can and save configuration for the stuff that could really change. WCF in .NET 4 has far less configuration, especially in development (which is good because the last thing you want to fight is configuration problems during development of your service).
By default service instances are created per call. This is typically OK and helps you avoid most threading problems. Try to avoid creating expensive objects within your services constructor or any of its dependencies as this could delay your services response time. You can change this using the InstanceContextMode on your service class. Tip: If you are using a container to resolve service instances then you need to remove the InstanceContextMode attribute and let the container manage instances.
(Bonus, a 6th thing to know!) WCF has many extension points, the biggest one being behaviors. Behaviors allow you to control how the service executes at runtime. This applies to anything from instancing to message inspection, and much more. Here are a few posts to get you started:
