DCSIMG
March 2012 - Posts - Manu Cohen-Yashar's Blog

Manu Cohen-Yashar's Blog

March 2012 - Posts

Application security auditing and logging

Auditing is one of the main pillars of security policies. The question is how to do it wisely

The infrastructure can log almost everything. For example access to files, registry keys databases etc. The problem is that the infrastructure has no knowledge about the application use cases. It means that the context for these logs is missing.

Let us ask what is the purpose of auditing? The trivial reason is to collect information that will be useful in case of a problem, yet how do you know that there is a problem after all?

Auditing can help you identify that you are in an abnormal state and something is wrong.
To do that you have to be able to distinguish between normality and abnormality. The application knows its use cases. It knows their behavior patterns and so can identify that something is wrong. This is why only the application layer can perform smart security auditing.

Application logging and auditing is used to collect enough information to analyze the behavior of the application use cases and identify any abnormal situation, then the information collected with traditional logging is used to identify the problem and find the best action.

Enjoy

Manu

Posted: Mar 26 2012, 08:26 PM by Manu Cohen-Yashar | with no comments
תגים:, ,

Http error 405 when calling STS

I wrote a simple example for demonstrating delegation with Windows Identity Framework (WIF).
I created a simple web site that used a simple custom STS for authentication. The web site called another web service to calculate a simple calculation (calculator).

The web site used passive federation using a simple asp.net STS. SOAP Web service in general can only use passive federation for authentication, so I created another WCF custom STS.

The idea was that the web application will obtain an act-as token from the active STS using the token it received from the client (using the passive STS) and then call the calculator web service.

When I run the code I got the "http error 405 method not allowed".

Http error 405 means that there is a mismatch between the http verb (e.g. Post, Get) between the call and the service. If the service waits for a http put and we send a http get request this is the error that will be triggered.

My problem was simple. I called the base address of the STS instead of the STS itself. I did that by specifying the base address of the STS in the issuer configuration. When I fixed the address to the real address of the STS the problem was solved.

 <customBinding>
   <binding name="CustomBinding_ICalc">
     <security authenticationMode="IssuedTokenForCertificate" 
           messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10">
            <issuedTokenParameters keyType="SymmetricKey"
                                   tokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1">
              <issuer address="http://manu-newlap/WCFSTS/service.svc"
                      binding="ws2007HttpBinding"
                      bindingConfiguration="http://manu-newlap/WCFSTS">
              </issuer>
              <issuerMetadata address="http://manu-newlap/WCFSTS/mex" />
            </issuedTokenParameters>
          </security>
          <httpTransport/>
   </binding>
 </customBinding>

The call to the STS to obtain an Act-As token is implemented by sending a http post request that contains the bootstrap token received from the passive STS. The base address does not allow non Get requests so my Post request was rejected.

remember that STS is a simple WCF service. The same rules that applies in simple WCF applies here.

Hope this will help.

Manu

Posted: Mar 18 2012, 04:52 PM by Manu Cohen-Yashar | with no comments
תגים:, ,

כלכלת ענן

Hi this post will be written in Hebrew (sorry for all English speakers)

כולנו שומעים על ענן מכל כיוון אפשרי. נשאלת השאלה למה?
מה עושה את הענן הזה לשם החם הבא? מה הסוד מאחורי המושג הזה?

הכול מתחיל ונגמר בכסף. הסיפור הוא כלכלי.

מחוק מור למדנו שכל שנתיים מערכות מכפילות את יכולתן הטכנולוגית השאלה שנשאלת מה קורה למחיר? בסביבה הטכנולוגית כיום הלקוח התרגל לא רק לקבל מערכות טובות יותר ככל שהזמן עובר, אלא גם לשלם פחות. זה מוזר מבחינה כלכלית – לקבל יותר אך לשלם פחות.

הכול טוב ויפה מצדו של הצרכן אבל נותן השירות או ספק התוכנה נמצא במצב מביך, הלקוח דורש דרישות הולכות וגדלות אך מצד שני הוא מוכן לשלם פחות. בימינו הצרכן דורש אמינות מושלמת זמינות מוחלטת, ביזור ועמידה בעומסים משתנים. ניתן כמובן לספק יכולות כאלו הבעיה רק שזה ממש יקר. והלקוח כאמור לא מוכן לשלם.

במצב כזה אין ברירה אלא לשנות משהו בסיסי כי במצב הנוכחי פשוט אי אפשר לספק את הדרישות במחירי השוק. פה מגיע הענן.

הענן הוא ההזדמנות של השוק לגדול מבחינה טכנולוגית ועדיין להישאר רלוונטי מבחינה כלכלית. זוהי הסיבה שכולם מדברים על הענן מפני שזו היא התשתית עליה תתבסס התעשייה בעתיד הקרוב.

הרעיון שעומד מאחורי הענן אינו חדש. תשתיות הן דבר יקר ובעל נצילות נמוכה. שיתוף תשתיות הוא פוטנציאל אדיר לחיסכון בכסף. המימוש המפורסם ביותר של הרעיון הזה מגיע מתשתיות החשמל. למי מאתנו יש תחנת כוח ביתית שמספקת את כל תצרוכת החשמל שלנו? לרובנו זו נראית שאלה מגוחכת. למה לי לבנות תשתית יקרה של גנרטורים שיספקו לי הרבה חשמל למזגנים בקיץ ולחימום בחורף ומעט חשמל באביב ובסתיו כשאני יכול בפשטות כה רבה לקנות חשמל בזול מחברת חשמל ולשלם בדיוק לפי הצריכה שלי?

האנלוגיה ברורה. למה לי להקים מרכז מחשוב יקר שיספק לי את הכוח הדרוש לשעות העומס ויעמוד בטל בשאר ימות השנה כשאני יכול בפשטות לקנות כוח מחשוב ואזורי אחסון בענן ולשלם בדיוק לפי צריכה?

כנראה עוד מספר שנים השאלה עם לעבוד בענן תראה טריוויאלית בדיוק כמו השאלה אם לרכוש חשמל מספק מרכזי. כיום אנו בתחילתו של עידן אבל הכיוון ברור והתעשייה כולה מתנהגת בהתאם. ספקי התקשורת (Telecoms) בונים לנו ערוצים ייעודיים לענן כדי להבטיח ביצועים בסביבה מבוזרת. ספקי הענן בונים מרכזי מחשוב (Data Centers) ענקיים ומשקיעים מיליארדים בפיתוח הטכנולוגיה אשר תאפשר לנו בקלות להשתמש בשירותי הענן שלהם. יצרני מערכות ההפעלה וה – Hypervisors בונים תשתיות תוכנה ייעודיות לבניית מרכזי מחשוב ענן (ראה Windows Server 8 כדוגמא). יצרני החומרה בונים רכיבים מיוחדים עבור שרתים בענן וספקי התוכנה מספקים את מרכולתם כ – Software as a Service.

בקיצור הענן הוא הדבר הבא כי הוא מספק את ההזדמנות הכלכלית שכל כך דרושה לתעשיית המידע.

Posted: Mar 15 2012, 03:40 PM by Manu Cohen-Yashar | with no comments
תגים:,

Azure ServiceBus Topic using REST API – Part 4

In the three last post's we learned how to use Azure ServiceBus REST API to send and receive messages using Topics.

The difference between Queues and Topics is the fact that with topics different customers can receive different messages according message filtering which is deployed as filtering rules on the subscription. MSDN describe the following about topics and rules:

image

Topics extend the messaging features provided by Queues with the addition of Publish-Subscribe capabilities.
Each Subscription can define one or multiple Rule entities. Each Rule specifies a filter expression that is used to filter messages that pass through the subscription and a filter action that can modify message properties. In particular, the SqlFilterExpression class allows you to define a SQL92-like condition on message properties:

  • OrderTotal > 5000 OR ClientPriority > 2
  • ShipDestinationCountry = ‘USA’ AND ShipDestinationState = ‘WA’

Conversely, the SqlFilterAction class can be used to modify, add or remove properties, as the filter expression is true and the message selected, using a syntax similar to that used by the SET clause of an UPDATE SQL-command.

  • SET AuditRequired = 1
  • SET Priority = 'High', Severity = 1

Each matching rule generates a separate copy of the published message, so any subscription can potentially generate more copies of the same message, one for each matching rule.

Let us learn how to Add a rule and action using the REST API.

To add a rule to a subscription we need to provide a rule description. To do that I created a rule, action and filter description classes.

Rule Description
  1. /// <summary>
  2. /// Helper class to serialize a rule for a subscription
  3. /// </summary>
  4. [DataContract(Name = "RuleDescription", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  5. public sealed class RuleDescription
  6. {
  7.     /// <summary>
  8.     /// The default name used in creating default rule when adding subscriptions
  9.     /// to a topic. The name is "$Default".
  10.     /// </summary>
  11.     public const string DefaultRuleName = "$Default";
  13.     public RuleDescription()
  14.         : this(new TrueFilter())
  15.     {
  16.     }
  18.     public RuleDescription(Filter filter)
  19.     {
  20.         if (filter == null)
  21.         {
  22.             throw new ArgumentNullException("filter");
  23.         }
  25.         this.Filter = filter;
  26.     }
  28.     [DataMember(Name = "Filter", IsRequired = false, Order = 1001, EmitDefaultValue = false)]
  29.     public Filter Filter { get; set; }
  31.     [DataMember(Name = "Action", IsRequired = false, Order = 1002, EmitDefaultValue = false)]
  32.     public RuleAction Action { get; set; }
  34.     public string TopicPath { getset; }
  36.     public string SubscriptionName { get; set; }
  38.     public string Name { getset; }       
  40.    
  41. }

The rule description contains rule actions.

Rule actions
  1. /// <summary>
  2. /// Helper class to serialize a rule for a subscription
  3. /// </summary>
  4. [DataContract(Name = "RuleAction", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  5. [KnownType(typeof(EmptyRuleAction))]
  6. [KnownType(typeof(SqlRuleAction))]
  7. public abstract class RuleAction
  8. {
  9.     internal RuleAction()
  10.     {
  11.     }
  12. }
  14. /// <summary>
  15. /// Helper class to serialize a rule for a subscription
  16. /// </summary>
  17. [DataContract(Name = "EmptyRuleAction", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  18. public sealed class EmptyRuleAction : RuleAction
  19. {
  20. }
  23. /// <summary>
  24. /// Helper class to serialize a rule for a subscription
  25. /// </summary>
  26. [DataContract(Name = "SqlRuleAction", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  27. public sealed class SqlRuleAction : RuleAction
  28. {
  29.     public const int DefaultCompatibilityLevel = 20;
  31.     public SqlRuleAction(string sqlExpression)
  32.     {
  33.         if (string.IsNullOrEmpty(sqlBLOCKED EXPRESSION
  34.         {
  35.             throw new ArgumentNullException("sqlExpression");
  36.         }
  38.         this.SqlExpression = sqlExpression;
  39.         this.CompatibilityLevel = DefaultCompatibilityLevel;
  40.     }
  42.     [DataMember(Order = 0x10001)]
  43.     public string SqlExpression { get; private set; }
  45.     [DataMember(Order = 0x10002)]
  46.     public int CompatibilityLevel { get; private set; }
  47. }

The rule description contains rule filters

Rule Filters
  1. /// <summary>
  2. /// Helper class to serialize a rule for a subscription
  3. /// </summary>
  4. [DataContract(Name = "Filter", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  5. [KnownType(typeof(SqlFilter))]
  6. [KnownType(typeof(TrueFilter))]
  7. [KnownType(typeof(FalseFilter))]
  8. [KnownType(typeof(CorrelationFilter))]
  9. public abstract class Filter
  10. {
  11.     internal Filter()
  12.     {
  13.     }
  14. }
  16. /// <summary>
  17. /// Helper class to serialize a rule for a subscription
  18. /// </summary>
  19. [DataContract(Name = "SqlFilter", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  20. [KnownType(typeof(TrueFilter))]
  21. [KnownType(typeof(FalseFilter))]
  22. public class SqlFilter : Filter
  23. {
  24.     public const int DefaultCompatibilityLevel = 20;
  26.     public SqlFilter(string sqlExpression)
  27.     {
  28.         if (String.IsNullOrEmpty(sqlBLOCKED EXPRESSION
  29.         {
  30.             throw new ArgumentNullException("sqlExpression");
  31.         }
  33.         this.SqlExpression = sqlExpression;
  34.         this.CompatibilityLevel = DefaultCompatibilityLevel;
  35.     }
  37.     [DataMember(Order = 0x10001)]
  38.     public string SqlExpression { get; set; }
  40.     [DataMember(Order = 0x10002)]
  41.     public int CompatibilityLevel { get; set; }
  42. }
  45. /// <summary>
  46. /// Helper class to serialize a rule for a subscription
  47. /// </summary>
  48. [DataContract(Name = "TrueFilter", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  49. public sealed class TrueFilter : SqlFilter
  50. {
  51.     public TrueFilter()
  52.         : base("1=1")
  53.     {
  54.     }
  55. }
  57. /// <summary>
  58. /// Helper class to serialize a rule for a subscription
  59. /// </summary>
  60. [DataContract(Name = "FalseFilter", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  61. public sealed class FalseFilter : SqlFilter
  62. {
  63.     public FalseFilter()
  64.         : base("1=0")
  65.     {
  66.     }
  67. }
  69. /// <summary>
  70. /// Helper class to serialize a rule for a subscription
  71. /// </summary>
  72. [DataContract(Name = "CorrelationFilter", Namespace = "http://schemas.microsoft.com/netservices/2010/10/servicebus/connect")]
  73. public sealed class CorrelationFilter : Filter
  74. {
  75.     public CorrelationFilter(string correlationId)
  76.     {
  77.         this.CorrelationId = correlationId;
  78.     }
  80.     [DataMember(Order = 0x10001)]
  81.     public string CorrelationId { get; private set; }
  82. }

Now we are ready to add a new rule using REST API

Add a Rule
  1. public static void CreateRule(string serviceNamespace, string topicName, string subscriptionName, RuleDescription description , string token)
  2. {            
  3.     var ruleAddress = string.Format("https://{0}.servicebus.windows.net/{1}/subscriptions/{2}/rules/{3}", serviceNamespace, topicName, subscriptionName, description.Name);
  5.     try
  6.     {
  7.         var defautRuleAddress = string.Format("https://{0}.servicebus.windows.net/{1}/subscriptions/{2}/rules/$Default", serviceNamespace, topicName, subscriptionName);
  8.         DeleteResource(defautRuleAddress, token);
  9.     }
  10.     catch (WebException ex)
  11.     {
  12.         //The default rule was already deleted
  13.         if (ex.Message != "The remote server returned an error: (404) Not Found.")
  14.             throw;
  15.     }                       
  17.     WebClient webClient = new WebClient();
  18.     webClient.Headers[HttpRequestHeader.Authorization] = token;
  19.     webClient.Headers[HttpRequestHeader.ContentType] = @"application/atom+xml;type=entry;charset=utf-8";
  21.     var ruleDescription = Encoding.UTF8.GetString(Serialize<RuleDescription>(description));
  23.     var putData = @"<entry xmlns='http://www.w3.org/2005/Atom'><content type='application/xml'>" + ruleDescription  + @"</content></entry>";
  25.     webClient.UploadData(ruleAddress, "PUT", Encoding.UTF8.GetBytes(putData));
  27. }

As you can see the first thing we do is delete the default rule that accepts all messages. Then we attach the serialization of our rule description to a PUT Http request we send to the URI of the new rule at:
https://{serviceNamespace}.servicebus.windows.net/{topicName}/subscriptions/{subscriptionName}/rules/{ruleName}

That is it. We have a new rule on our subscription.

With that I end the Series of post about using REST API of AppFabric Topics.

Enjoy

Manu

Posted: Mar 12 2012, 07:31 PM by Manu Cohen-Yashar | with 48 comment(s)
תגים:, ,

Azure ServiceBus Topic using REST API – Part 3

In the last two posts we showed how to use the Azure ServiceBus service bus REST API to send a message to a topic.
In this post we will see how to listen on a topic and receive a message.

There are two options:

1. Receive a message and delete it from the topic.

Receive and Delete
  1. public static T ReceiveAndDeleteMessage<T>(string serviceNamespace, string topicName,
  2.     string subscriptionName, string token) where T : class
  3. {
  4.     var address = string.Format("https://{0}.{1}/{2}/subscriptions/{3}/messages/head?timeout=10",
  5.         serviceNamespace, sbHostName, topicName, subscriptionName);
  7.     WebClient webClient = new WebClient();
  8.     webClient.Headers[HttpRequestHeader.Authorization] = token;
  10.     byte[] response = webClient.UploadData(address, "DELETE", new byte[0]);
  12.     return Deserialize<T>(response);            
  13. }

2. Receive the message but keep it locked on the queue until we decide to delete it (for example after message processing succeeded).

Receive and Peek
  1. public static T ReceiveAndPeekMessage<T>(string serviceNamespace, string topicName,
  2.     string subscriptionName, string token) where T : class
  3. {
  4.     var address = string.Format("https://{0}.{1}/{2}/subscriptions/{3}/messages/head?timeout=10",
  5.         serviceNamespace, sbHostName, topicName, subscriptionName);
  7.     WebClient webClient = new WebClient();
  8.     webClient.Headers[HttpRequestHeader.Authorization] = token;
  9.     byte[] response = (webClient.UploadData(address, "POST", new byte[0]));
  11.     //use the information in the BrokerProperties to unlock the message
  12.     var serilaizedBrokeredProperties = webClient.ResponseHeaders["BrokerProperties"];
  13.     BrokerProperties brokerProperties = BrokerProperties.Deserialize(serilaizedBrokeredProperties);            
  14.    
  15.     return Deserialize<T>(response);
  16. }

The following table describe the information that will be placed in the brokerProperties object 

Response Header

Description

BrokerProperties{MessageLocation}

The URI of the locked message. This URI is needed to unlock or delete the message.

BrokerProperties{LockTocken}

The lock ID for the locked message. This ID is needed to delete the locked message.

BrokerProperties{LockLocation}

The lock URI for the locked message. This URI is needed to unlock the message for processing by other receivers. The lock URI will be the following format: https://{serviceNamespace}.appfabric.Windows.net/{topic-path}/subscriptions/{subscription-name}/messages/{message-id}/{lock-id}.

To delete a lock or delete message (after the lock is deleted) I will use a general method for deleting service bus resources

Delete Resources
  1. private static void DeleteResource(string address, string token)
  2. {
  4.     WebClient webClient = new WebClient();
  5.     webClient.Headers[HttpRequestHeader.Authorization] = token;
  7.     webClient.UploadData(address, "DELETE", new byte[0]);
  8. }

That's all we received a message. On the next post we will learn how to create a rule for a subscription.

Enjoy

manu

Posted: Mar 11 2012, 08:21 PM by Manu Cohen-Yashar | with 7 comment(s)
תגים:, , ,

Azure ServiceBus Topic using REST API – Part 2

In the last post I described why to use REST API when working with Azure service bus and demonstrated how to create a topic and subscription.

In this post we will actually send a message to the topic.

When sending a http request with a message to a topic we have to provide two special headers
1. Authorization header with the token we received from ACS
2.  BrokerProperties with Json serialization of metadata of metadata about our message.

To do that let us create a special class that will help us represent and serialize the metadata.

Broker Properties
  1. /// <summary>
  2. /// Container for general properties of messages that are placed in the "BrokerProperties" http header and can be used to filter messages
  3. /// </summary>
  4. [DataContract]
  5. public sealed class BrokerProperties
  6. {
  7.     private static readonly DataContractJsonSerializer serializer = new DataContractJsonSerializer(typeof(BrokerProperties));
  9.     [DataMember(EmitDefaultValue = false)]
  10.     public string CorrelationId { get; set; }
  12.     [DataMember(EmitDefaultValue = false)]
  13.     public string SessionId { get; set; }
  15.     [DataMember(EmitDefaultValue = false)]
  16.     public int? DeliveryCount { get; set; }
  18.     [DataMember(EmitDefaultValue = false)]
  19.     public Guid? LockToken { get; set; }
  21.     [DataMember(EmitDefaultValue = false)]
  22.     public string MessageId { get; set; }
  24.     [DataMember(EmitDefaultValue = false)]
  25.     public string Label { get; set; }
  27.     [DataMember(EmitDefaultValue = false)]
  28.     public string ReplyTo { get; set; }
  30.     [DataMember(EmitDefaultValue = false)]
  31.     public long? SequenceNumber { get; set; }
  33.     [DataMember(EmitDefaultValue = false)]
  34.     public string To { get; set; }
  36.     public DateTime? LockedUntilUtc { get; set; }
  38.     public DateTime? ScheduledEnqueueTimeUtc { get; set; }
  40.     public TimeSpan? TimeToLive { get; set; }
  42.     [DataMember(EmitDefaultValue = false)]
  43.     public string ReplyToSessionId { get; set; }
  45.     [DataMember(Name = "LockedUntilUtc", EmitDefaultValue = false)]
  46.     public string LockedUntilUtcString
  47.     {
  48.         get
  49.         {
  50.             if (this.LockedUntilUtc != null && this.LockedUntilUtc.HasValue)
  51.             {
  52.                 return this.LockedUntilUtc.Value.ToString("r");
  53.             }
  55.             return null;
  56.         }
  58.         set
  59.         {
  60.             try
  61.             {
  62.                 // When deserializing from JSON format, attempt to parse the value.
  63.                 // If the value cannot be parsed as a date time, ignore it.
  64.                 this.LockedUntilUtc = DateTime.Parse(value, CultureInfo.InvariantCulture, DateTimeStyles.RoundtripKind);
  65.             }
  66.             catch
  67.             {
  68.             }
  69.         }
  70.     }
  72.     [DataMember(Name = "ScheduledEnqueueTimeUtc", EmitDefaultValue = false)]
  73.     public string ScheduledEnqueueTimeUtcString
  74.     {
  75.         get
  76.         {
  77.             if (this.ScheduledEnqueueTimeUtc != null && this.ScheduledEnqueueTimeUtc.HasValue)
  78.             {
  79.                 return this.ScheduledEnqueueTimeUtc.Value.ToString("r");
  80.             }
  82.             return null;
  83.         }
  85.         set
  86.         {
  87.             try
  88.             {
  89.                 // When deserializing from JSON format, attempt to parse the value.
  90.                 // If the value cannot be parsed as a date time, ignore it.
  91.                 this.ScheduledEnqueueTimeUtc = DateTime.Parse(value, CultureInfo.InvariantCulture, DateTimeStyles.RoundtripKind);
  92.             }
  93.             catch
  94.             {
  95.             }
  96.         }
  97.     }
  99.     [DataMember(Name = "TimeToLive", EmitDefaultValue = false)]
  100.     public double TimeToLiveString
  101.     {
  102.         get
  103.         {
  104.             if (this.TimeToLive != null && this.TimeToLive.HasValue)
  105.             {
  106.                 return this.TimeToLive.Value.TotalSeconds;
  107.             }
  109.             return 0;
  110.         }
  112.         set
  113.         {
  114.             // This is needed as TimeSpan.FromSeconds(TimeSpan.MaxValue.TotalSeconds) throws Overflow exception.
  115.             if (TimeSpan.MaxValue.TotalSeconds == value)
  116.             {
  117.                 this.TimeToLive = TimeSpan.MaxValue;
  118.             }
  119.             else
  120.             {
  121.                 this.TimeToLive = TimeSpan.FromSeconds(value);
  122.             }
  123.         }
  124.     }
  126.     public static BrokerProperties Deserialize(string jsonString)
  127.     {
  128.         using (MemoryStream ms = new MemoryStream(Encoding.UTF8.GetBytes(jsonString)))
  129.         {
  130.             return (BrokerProperties)serializer.ReadObject(ms);
  131.         }
  132.     }
  134.     public string Serialize()
  135.     {
  136.         using (MemoryStream memoryStream = new MemoryStream())
  137.         {
  138.             serializer.WriteObject(memoryStream, this);
  140.             memoryStream.Position = 0;
  141.             using (StreamReader reader = new StreamReader(memoryStream))
  142.             {
  143.                 return reader.ReadToEnd();
  144.             }
  145.         }
  146.     }
  147. }

Now we know how to create a token (previous post) and represent metadata. so let us send a message

Code Snippet
  1. public static void SendMessage<T>(string serviceNamespace, string topicName,
  2.     T content, string token, string receiverName) where T : class
  3. {
  4.     var fullAddress = string.Format("https://{0}.{1}/{2}//messages?timeout=60",
  5.         serviceNamespace, sbHostName, topicName);
  7.     BrokerProperties brokeredProparties = new BrokerProperties();
  8.     brokeredProparties.To = receiverName;
  10.     WebClient webClient = new WebClient();
  11.     webClient.Headers[HttpRequestHeader.Authorization] = token;            
  12.     webClient.Headers["BrokerProperties"] = brokeredProparties.Serialize();
  13.                 
  14.     //All the message's properties are propagated so they can be used in a Sql Filter
  15.     foreach (var prop in typeof(T).GetProperties())
  16.     {
  17.         webClient.Headers[prop.Name] = prop.GetValue(content, null).ToString();
  18.     }            
  20.     webClient.UploadData(fullAddress, "POST", Serialize(content));
  21. }

As you can see I put the receiver name in the "To" properties of the BrokerProperties object. This will allow us later to create a rule that filter the messages accordingly (e.g. To=receiver)

Also you can see that I propagated all of the message's properties. A propagated property is placed as a Http header and provide the ability to later filter messages according to its value by creating a relevant rule.
In production I assume that you will propagate only the properties you need !!!

The body message contains the DataContract Serialization of our data.
All we need to do is send the Http Request (using POST verb) to our topic at:
https://{namespace}.{appfabric.windows.net}/{topicname}//messages?timeout=60

Serialization
  1. private static byte[] Serialize<T>(T content) where T : class
  2. {
  3.     try
  4.     {
  5.         var serializer = new DataContractSerializer(typeof(T));
  6.         MemoryStream memstream = new MemoryStream();
  7.         var writer = XmlDictionaryWriter.CreateTextWriter(memstream, Encoding.UTF8);
  8.         serializer.WriteObject(writer, content);
  9.         writer.Flush();
  11.         return memstream.ToArray();
  12.     }
  13.     catch (Exception)
  14.     {
  15.         // log this
  16.         return null;
  17.     }           
  18. }


Enjoy

Manu

Posted: Mar 08 2012, 12:56 PM by Manu Cohen-Yashar | with 7 comment(s)
תגים:, ,