Here are a few points you should keep in mind while using WCF services:
- Don't put proxies in a
usingstatement. - Use the
FaultExceptionsclass for handling service exceptions. You should use theFaultContractsclass to return error information to the service consumers. - Use message logging to log service operations.
- It is always preferable to use a per call instance model.
- Use WCF tools, such as
SvcUtil.exe,SvcConfigEditor.exe, andSvcTraceViewer.exe. - You should protect logfiles from unauthorized access, and the logfiles should not contain sensitive information.
- Use a proper authentication mechanism to authenticate service consumers.
- Use string passwords, and protect access to the credential store.
- Use IIS to host your service, unless you would like to use a transport protocol that is not supported by IIS.
- Validate input parameters on the server side, and don't rely on client-side validation only.
- Define maintainable services and data contract versioning.
- Define your namespaces clearly to avoid conflict.
- Encrypt configuration sections that contain sensitive data.
- You should manage binding and endpoint information through configuration, and not through code.
- Define services in a class library, and not directly in a host project.
- Include the
FaultContractattribute in the service contract definition. - Use static proxy classes instead of the
ChannelFactoryclass. - Use the Cache to store client proxies if you have to call service methods frequently.
- Use X509 certificates instead of NTLM.
- You should publish metadata only after securing the metadata exchange endpoint with transport or message-level security.
- You should favor data contracts over serializable types.
- Use WAS hosting wherever possible and IIS hosting for external HTTP-only services.
- You can use Protocol Buffer WCF services for better performance. You can learn more about Protocol Buffers and how you can use them in WCF services at http://www.developer.com/net/net/working-with-protobuf-services-in-.net.html.
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.