3

This question was inspired by Jon Skeet's question here where he asked about people pain points with LINQ so I hope this question isn't out of place ...

Version 4 of WCF tackled, probably, one of the areas where many people struggled with WCF - namely configuration. However, from this tagged set of questions and other forums there are obviously other areas that people struggle with.

I've made a bunch of blog posts and screencasts in the past trying to focus on common issues (such as duplex, sessions, etc). I'm planning another set but want to focus on things that are causing people problems even with the changes in version 4.0.

Areas I see are things like

  • Instancing and Threading
  • Security
  • REST support
  • WCF and Silverlight
  • Large message processing / streaming
  • Configuration (still)
  • Serialization

And I'm sure there are more, so I'd like to get input and maybe we can make sure that the product team also get some feedback to the greatest pain points people have with WCF

Community
  • 1
  • 1
Richard Blewett
  • 6,089
  • 1
  • 18
  • 23
  • I'm afraid people will close your question soon. The problem is that rules on this site have evolved over time and what was allowed before is now considered as off topic, not constructive, subjective, etc. I understand your point but this site is driven by community and community judges it. Also it was a habit to make this type of question community wiki but I'm not sure if they even still exist. – Ladislav Mrnka Jul 13 '11 at 21:57
  • Thanks Ladislav - I'm happy to turn it into community wiki - let me see if I can work out how to do that – Richard Blewett Jul 13 '11 at 22:17
  • I only know how to do it for answer (there is a check box) but it was probably removed from questions. – Ladislav Mrnka Jul 13 '11 at 22:40
  • @Richard: Community Wiki Questions no longer exist. I'm the first close vote - this is very clearly not an appropriate question for [so]. Meybe for [programmers.se]. – John Saunders Jul 14 '11 at 02:37
  • @John - as someone pretty new to Stack Overflow, honestly its not that clear - especially when you see a similar question from John Skeet. Is there a way to move the thread to Programmers or would I just create a new question over there? – Richard Blewett Jul 14 '11 at 06:18
  • @Richard: I've asked the moderators on your behalf to move it. – John Saunders Jul 14 '11 at 13:37
  • Unfortunately, the question by Jon Skeet was asked way back when the topic of the sites were a lot less well-defined. These days, open-ended "please list all X" or "what do you think about Y" or similar, are not constructive on *any* of the sites, not even on programmers.se. This question should be closed, not migrated. – Lasse V. Karlsen Jul 16 '11 at 14:32

1 Answers1

2

I sometimes participate both here and on MSDN and after answering many questions my opinion is that the greatest pains people have are:

Configuration

Configuration is a pain even more then before. Simplified configuration makes a lot of things even worse because before this simplification if you made mistake in the configuration you got an exception. Today you will make typo in your service name (or you will forgot to add namespace) and your service will silently use another configuration.

Security

Security is a paint, it was a pain and it will be a pain.

  • Security itself is complicated and WCF is making this more blured because where programmers on other platforms use shared vocabulary based on real WS standards, WCF uses its own names.
  • Only subset of security standards implemented - one failure is missing UserName token profile with digested password directly in WCF.
  • When hosting services in IIS security features in services are completely shared with IIS and restricts settings for the whole site / virtual directory.
  • When hosting services in IIS basic authentication is handled in IIS - you must build custom module to handle it differently (but if you use self hosting you can use custom user name password validator in WCF directly - IIS should support that as well).
  • Bad support for generating security configuration when creating proxy from WSDL. Currently the best what WCF has is custom binding. Custom binding on client side is useful only when service is also WCF and uses custom binding. We need better support in security binding element to provide same configuration features as its counterpart in code. Then the WSDL importer should be able to use new binding element and create proxies for secured services. Once such importer is not able to import WSDL we will be sure that default WCF doesn't support security requirements expected by the service.

REST

Still a lot of people don't see difference between REST and SOAP and the most common mistake is adding service reference to REST service. Also problem of the REST is that it was added to unified protocol independent API but REST is heavy protocol dependent and is not message oriented. This will be hopefully improved in Web-API.

Protocols

It looks like new protocols or protocols versions are not added to WCF.

Extensibility

WCF has great extensibility unless you are trying to extend existing feature. If you decide to extend existing implementation you usually can't. For example to add mentioned UserName token profile with digested password you must do it completely from the scratch. You cannot extend existing user name implementation.

Edit: Last two are my personal pains.

Ladislav Mrnka
  • 360,892
  • 59
  • 660
  • 670
  • Thanks - for v 4 they added the ability to take over custom HTTP basic auth which plugged one pain point but you're right that generally the "everything is sealed" culture makes it very difficult to augment existing functionality – Richard Blewett Jul 13 '11 at 22:19