Skip to main content

WCF 8192 issue

This was a simple issue which baffled few brains in my project. For the past few weeks i was seeing the mails about this. What was the exact problem?
 Whenever a large xml stream is passed through WCF it generated the following error. Everything was fins at the ASP.net client side. Almost all the known properties of
 
Problem:
The maximum string content length quota (8192) has been exceeded while reading XML data. This quota may be increased by changing the MaxStringContentLength property on the XmlDictionaryReaderQuotas object used when creating the XML reader.

Cause: 
By default WCF allows a string content of size 8192 (8K) to pass through without any problems. If the size increases above this set limit WCF treats the incoming message as bad message & hence throws an exception. This level was set considering the security aspect of distributed system.

If we have to pass more data we will have to manually override this default setting.

Now here the trick. Everyone looked at the client side but there is a server part also :)

When a WCF client is created  automatically all the properties required to run that service is added by default by visual studio.



Changes made in WCF server applications web.config :
Added a new HTTPbinding 
    <bindings>
      <wsHttpBinding>
        <binding name="newHTTPBinding" maxBufferPoolSize="2147483647"maxReceivedMessageSize="2147483647">
          <readerQuotas maxDepth="32" maxStringContentLength="2147483647"
            maxArrayLength="16384" maxBytesPerRead="4096"maxNameTableCharCount="16384" />
        binding>
      wsHttpBinding>
    bindings>

set the value for maxBufferPoolSize, maxReceivedMessageSize,maxStringContentLength

for the HTTPEndpoint i created a new binding configuration and mapped it

<endpoint bindingConfiguration="newHTTPBinding" address="" binding="wsHttpBinding"contract="Abhi.AbhiBiz.IContractBusiness">

After this binding the WCF endpoint will take the new properties and allow more characters through the endpoint

Stringcontent was given a higher value at client- presentation layer but the same configuration was not given in WCF service-endpoint at the business layer.

Security issue : 

2147483647 is the magical figure but most of the applications doesn't need this much data.If not tested properly this configuration can lead to DOS attacks.
We need a realistic figure which matches the datatransfer between the endpoints. BufferSize also should be monitored to check the memory consumption



WCF de-serializes the object passed between endpoints, so if an object of 500 KB is passed the de-serilized data will be much higher. Further complexity can arise if an array of object is passed. So a realistic value for maxBufferPoolSize, maxReceivedMessageSize,maxStringContentLength should be given.

Comments

Popular posts from this blog

PDCA & SCRUM (or Agile); Why is it important?

The PDCA (Plan DO Check Act) cycle was made popular by Dr. W. Edwards Deming. This is a scientific cyclic process which can be used to improve the process (or product). This is cyclic in nature and usually time boxed. Plan  This is the first stage of the process. During this step the team discusses the objectives, the process and the clear conditions of exit (conditions of acceptance). This stage sets the measurable and achievable goals for the team. DO Team works together to achieve the objective set in the planning phase. Team works with the set of agreed process. Check Once the implantation is done team regroups and verifies the output and compares it to the agreed conditions of acceptance decided during the planning phase. The deviation, if any, is noted down. ACT If any deviation in planned tasks is observed during the Check stage, a root cause analysis is conducted. Team brainstorms and identifies the changes required to prevent such deviations in future. Team also

SCRUM- Who should write a user story

Traditionally user stories (or requirements) were written by Business analysts. They used to prepare big documents after months of study. It was a herculean task. I used to get such UI/Functional specification documents. I have fixed a lot of bugs because I missed few text in such 1000 + pages document. This is not the only interesting part. Some of the requirements were so weird that I often wondered why I am creating the features which no one is going to use. If I had the option I would have recommended a better option. If the BA’s misunderstood some requirements & customers failed to correct those few words in the epic requirement then we will have a nice situation. In the agile world the story is different. Product Owners are primarily responsible for user stories. But can anyone else also contribute? Yes. Definitely yes In actual environment many users write user stories. The first requirement may come from end user. The PO, tech architect, scrum master, BA’s... anyone can up

Why is potentially shippable product quality important

Agile teams work in iterations. During this period, they are supposed to work on product increments which can be “delivered” at the end of iteration. But how you know that the correct product was delivered? Many teams have different kinds of acceptance criteria and Definition of Done (DoD). But in many cases, this “done” is not the real “done” there might be some testing pending, some integration or review pending or anything else which prevents the actual use of the product increment. Many of these teams will need additional iterations to finish hardening their products. Many teams will implement different types of “gates” or approval steps to move to next stage. The free flow of product will be interrupted. They might end up doing mini waterfall within their agile process. Many don’t even realize this. This results in poor quality and requires additional effort to “harden” the product. Potentially Shippable Product increment The acceptance criteria and DoD should be modified