Skip to main content

WCF 8192 issue

This was a simple issue which baffled few brains in my project. For the past few weeks i was seeing the mails about this. What was the exact problem?
 Whenever a large xml stream is passed through WCF it generated the following error. Everything was fins at the ASP.net client side. Almost all the known properties of
 
Problem:
The maximum string content length quota (8192) has been exceeded while reading XML data. This quota may be increased by changing the MaxStringContentLength property on the XmlDictionaryReaderQuotas object used when creating the XML reader.

Cause: 
By default WCF allows a string content of size 8192 (8K) to pass through without any problems. If the size increases above this set limit WCF treats the incoming message as bad message & hence throws an exception. This level was set considering the security aspect of distributed system.

If we have to pass more data we will have to manually override this default setting.

Now here the trick. Everyone looked at the client side but there is a server part also :)

When a WCF client is created  automatically all the properties required to run that service is added by default by visual studio.



Changes made in WCF server applications web.config :
Added a new HTTPbinding 
    <bindings>
      <wsHttpBinding>
        <binding name="newHTTPBinding" maxBufferPoolSize="2147483647"maxReceivedMessageSize="2147483647">
          <readerQuotas maxDepth="32" maxStringContentLength="2147483647"
            maxArrayLength="16384" maxBytesPerRead="4096"maxNameTableCharCount="16384" />
        binding>
      wsHttpBinding>
    bindings>

set the value for maxBufferPoolSize, maxReceivedMessageSize,maxStringContentLength

for the HTTPEndpoint i created a new binding configuration and mapped it

<endpoint bindingConfiguration="newHTTPBinding" address="" binding="wsHttpBinding"contract="Abhi.AbhiBiz.IContractBusiness">

After this binding the WCF endpoint will take the new properties and allow more characters through the endpoint

Stringcontent was given a higher value at client- presentation layer but the same configuration was not given in WCF service-endpoint at the business layer.

Security issue : 

2147483647 is the magical figure but most of the applications doesn't need this much data.If not tested properly this configuration can lead to DOS attacks.
We need a realistic figure which matches the datatransfer between the endpoints. BufferSize also should be monitored to check the memory consumption



WCF de-serializes the object passed between endpoints, so if an object of 500 KB is passed the de-serilized data will be much higher. Further complexity can arise if an array of object is passed. So a realistic value for maxBufferPoolSize, maxReceivedMessageSize,maxStringContentLength should be given.

Comments

Popular posts from this blog

PDCA & SCRUM (or Agile); Why is it important?

The PDCA (Plan DO Check Act) cycle was made popular by Dr. W. Edwards Deming. This is a scientific cyclic process which can be used to improve the process (or product). This is cyclic in nature and usually time boxed. Plan  This is the first stage of the process. During this step the team discusses the objectives, the process and the clear conditions of exit (conditions of acceptance). This stage sets the measurable and achievable goals for the team. DO Team works together to achieve the objective set in the planning phase. Team works with the set of agreed process. Check Once the implantation is done team regroups and verifies the output and compares it to the agreed conditions of acceptance decided during the planning phase. The deviation, if any, is noted down. ACT If any deviation in planned tasks is observed during the Check stage, a root cause analysis is conducted. Team brainstorms and identifies the changes required to prevent such deviatio...

SQL Server: GETDATE() & GETUTCDATE() & different time zones

Most of us will use GetDate() function for providing default value in SQL server columns. This function Returns the current database system timestamp as a   datetime   value without the database time zone offset. This value is derived from the operating system of the computer on which the instance of SQL Server is running. This works perfectly if you don’t have to show reports and such stuffs for users from different time zones. In case you want to store time independent of time zones in some universal format; what will do? Well there is GetUtcDate() function for you. This function will return then UTC date based on the setting of the server on which SQL server is installed. I executed the following function & I got the two different date output values. SELECT  GETDATE() AS Expr1, GETUTCDATE () AS Expr2 2/28/2010 1:27:17 PM ,  2/28/2010 7:57:17 AM SQL Server 2008 SQL Server 2008 has two new DataTypes: date & time You can use them to ret...

Why is potentially shippable product quality important

Agile teams work in iterations. During this period, they are supposed to work on product increments which can be “delivered” at the end of iteration. But how you know that the correct product was delivered? Many teams have different kinds of acceptance criteria and Definition of Done (DoD). But in many cases, this “done” is not the real “done” there might be some testing pending, some integration or review pending or anything else which prevents the actual use of the product increment. Many of these teams will need additional iterations to finish hardening their products. Many teams will implement different types of “gates” or approval steps to move to next stage. The free flow of product will be interrupted. They might end up doing mini waterfall within their agile process. Many don’t even realize this. This results in poor quality and requires additional effort to “harden” the product. Potentially Shippable Product increment The acceptance criteria and DoD should be modified...