Skip to main content

WCF 8192 issue

This was a simple issue which baffled few brains in my project. For the past few weeks i was seeing the mails about this. What was the exact problem?
 Whenever a large xml stream is passed through WCF it generated the following error. Everything was fins at the ASP.net client side. Almost all the known properties of
 Problem:
The maximum string content length quota (8192) has been exceeded while reading XML data. This quota may be increased by changing the MaxStringContentLength property on the XmlDictionaryReaderQuotas object used when creating the XML reader.

Cause: 
By default WCF allows a string content of size 8192 (8K) to pass through without any problems. If the size increases above this set limit WCF treats the incoming message as bad message & hence throws an exception. This level was set considering the security aspect of distributed system.

If we have to pass more data we will have to manually override this default setting.

Now here the trick. Everyone looked at the client side but there is a server part also :)
When a WCF client is created  automatically all the properties required to run that service is added by default by visual studio.



Changes made in WCF server applications web.config :
Added a new HTTPbinding 
    <bindings>
      <wsHttpBinding>
        <binding name="newHTTPBinding" maxBufferPoolSize="2147483647"maxReceivedMessageSize="2147483647">
          <readerQuotas maxDepth="32" maxStringContentLength="2147483647"
            maxArrayLength="16384" maxBytesPerRead="4096"maxNameTableCharCount="16384" />
        binding>
      wsHttpBinding>
    bindings>

set the value for maxBufferPoolSize, maxReceivedMessageSize,maxStringContentLength

for the HTTPEndpoint i created a new binding configuration and mapped it

<endpoint bindingConfiguration="newHTTPBinding" address="" binding="wsHttpBinding"contract="Abhi.AbhiBiz.IContractBusiness">

After this binding the WCF endpoint will take the new properties and allow more characters through the endpoint

Stringcontent was given a higher value at client- presentation layer but the same configuration was not given in WCF service-endpoint at the business layer.

Security issue : 

2147483647 is the magical figure but most of the applications doesn't need this much data.If not tested properly this configuration can lead to DOS attacks.
We need a realistic figure which matches the datatransfer between the endpoints. BufferSize also should be monitored to check the memory consumption


WCF de-serializes the object passed between endpoints, so if an object of 500 KB is passed the de-serilized data will be much higher. Further complexity can arise if an array of object is passed. So a realistic value for maxBufferPoolSize, maxReceivedMessageSize,maxStringContentLength should be given.
Labels:

Comments

Post a Comment

Popular posts from this blog

PDCA & SCRUM (or Agile); Why is it important?

The PDCA (Plan DO Check Act) cycle was made popular by Dr. W. Edwards Deming. This is a scientific cyclic process which can be used to improve the process (or product). This is cyclic in nature and usually time boxed. Plan  This is the first stage of the process. During this step the team discusses the objectives, the process and the clear conditions of exit (conditions of acceptance). This stage sets the measurable and achievable goals for the team. DO Team works together to achieve the objective set in the planning phase. Team works with the set of agreed process. Check Once the implantation is done team regroups and verifies the output and compares it to the agreed conditions of acceptance decided during the planning phase. The deviation, if any, is noted down. ACT If any deviation in planned tasks is observed during the Check stage, a root cause analysis is conducted. Team brainstorms and identifies the changes required to prevent such deviations in future. Team also
Post a Comment
Read more

Why is potentially shippable product quality important

Agile teams work in iterations. During this period, they are supposed to work on product increments which can be “delivered” at the end of iteration. But how you know that the correct product was delivered? Many teams have different kinds of acceptance criteria and Definition of Done (DoD). But in many cases, this “done” is not the real “done” there might be some testing pending, some integration or review pending or anything else which prevents the actual use of the product increment. Many of these teams will need additional iterations to finish hardening their products. Many teams will implement different types of “gates” or approval steps to move to next stage. The free flow of product will be interrupted. They might end up doing mini waterfall within their agile process. Many don’t even realize this. This results in poor quality and requires additional effort to “harden” the product. Potentially Shippable Product increment The acceptance criteria and DoD should be modified
Post a Comment
Read more

Product Backlog: Should you write everything in user story format?

I like user stories a lot. They help everyone talk the same language and results in a better product. User story alone does not constitute product requirement. User story is supposed to be a place holder for discussion which should happen between the team, Product Owner and the customer. This discussion result in a common understanding which along with the user story content is the product requirement. This format captures the essence of requirement without confusing the readers User Story is only one of the many different ways in which requirements can be represented. This is not mandatory in any Agile “process”. But many have made this mandatory. I have seen many spending countless hours trying to write the requirements in user story format when they could have easily written that in simple one-line sentence in few minutes.   I have seen team members refusing to even discuss the requirement until product owner rewrote the requirement in user story format. Once I
Post a Comment
Read more