Client / Server Communication
.NET Remoting provides a useful way to manage synchronous and asynchronous RPC sessions across application domains. Remote object code can run on the server (such as object activation of the server and client activation), or can run on the client (the remote objects on which it has been serialized through the client / server). In either case, only a small amount of code can only be used in a very simple programming language as long as the initialization and configuration (this is not difficult). The use of the remote object (which is an agent when the agent is generated) is transparent to the programmer. For example, the early Windows RPC mechanism requires familiar types and uses IDL tools to be used to process the developer's public RPC client and server stub management. Remoting is much easier when providing RPC for .NET, and because of the easy-to-understand .NET data type, it eliminates the case where the type mismatch in the early RPC mechanism (this is a very big threat).
By default, transing can be configured to use HTTP or TCP protocol and communicate using XML encoded SOAP or native binary messages. Developers can build custom protocols (channels) or message formats (formatted) and are used by the Remoting framework when needed. Both servers and client components can select ports, just like the communication protocol can be selected. One of the advantages of this is that it is easy to establish and run basic communications.
However, status management is considered when selecting the communication type. This section will then introduce the various communication options provided by Remoting and its related design meanings.
Sense of server activation
"The server activation object" is an object that is controlled by the server. They are created by the server as needed only when the client calls the first method of the object. The object activated object only supports the default constructor. To use the parameterized constructor for remote objects, you can use "Client Activation" or "Dynamic Publish" (see below). The object activated by the server is also known as well known object type because its position (URL) is pre-published and known. The object activated object has two activation modes: Singleton and SingleCall, which will be introduced below. To create an instance of the server activation type, you can configure the application by programming, or a static configuration. The configuration of the server activation is quite simple, for example, the following code snippet
Objecturi = "HelloService.soap" /> Describes a service-activated (WellkNown) type, which is activated to set to SingleCall. For more information on confining Remoting, please refer to "Server-Side Registration" in the .NET Framework Developer's Guide on the MSDN. Singleton These objects follow traditional Singleton design patterns in which there is only one instance in memory at any time, and all clients accept the services provided by this instance. But note that these types have the default survival associated with it. This means that the client does not have to receive references to this class's reference for classes that can be remotely processed. The latter situation is meaningful to state management, and this Remoting mode is different from the traditional Singleton mode (the same object identification). If your design needs to use traditional Singleton status management mode, there are two ways to resolve this issue. One way is to ignore the default object lease behavior so that "always" is always saved in memory when the host application domain is running. The following code snippet shows how to do this: public class myclass: MarshalByrefObject { Public override Object InitializelifetimeService () { Return NULL; } } As mentioned above, this mechanism locks objects into memory and prevents objects from being recycled, but can only do this during the host application. For IIS integration, if the IIS or IIS process of the integrated Remoting session is reclaimed (many reasons can cause this phenomenon), the object will be destroyed. To completely depend on the Remoting thread secure Singleton status data, we need to do three things: 1. Ignore the rental mechanism so that the rent is indefinite, as described above. 2. Integrate Remote Server in our own design, for example, you can fully control system services for its survival. Although this process can also be recovered, its operation is more obvious, more probably compared to the recovery IIS assist process. 3. Develop remote servers as thread secure servers because it can use multiple threads to complete the concurrent request of the client. This means that managing concurrency will write to shared resources and often pay attention to shared access to static memory. SingleCall SingleCall Remote Server Type always sets an instance for each client request. The next method call will be changed by other instances. From a design perspective, the features provided by the SingleCall type are very simple. This mechanism does not provide status management if you need state management, which will be an unfavorable; if you don't need it, this mechanism will be very ideal. Maybe you only care about load balancing and scalability, then in this case, this mode will be your ideal choice because there is only one instance for each request. If you prefer, developers can provide their own status management to the SingleCall object, but this status data will not reside in the object because a new object ID will be instantified each time the new method is called. Dynamically released It is also necessary to consider the last type of server activation method, that is, dynamically published. This is a type of server activation, by providing a programmatic publishing mechanism, more control over the object structure can be made. It allows specific objects to be published in a particular URL and you can choose to use the parameterized constructor. From the structure, this type can be seen as a small variation of the server-activated Singleton type. For information on dynamic publishing, see .NET Framework Developer's Guide. Client activation object "Client Activation Object" is created on the server when the client calls new or activator.createInstance (). The client itself uses the living standard lease system to participate in the living life of these instances. This activation mechanism provides the most widely design flexibility. If you are activated using the client, the activation request will be sent to the server when the client attempts to activate the object. This mechanism allows the use of parameterized constructor and management of connection status for each client. Use client activation, each client accepts its specific server instance provided service, which simplifies a saving process of multiple call timing object status. But be cautious when using these objects, because it is easy to forget the session is distributed, the object is actually not only outside the process, but also in the case of multi-layer applications, it is possible outside the computer (set on the Internet A property is not too much). Practical and non-sprouted interfaces should be the guidelines here: in order to improve performance, we may need to trade between highly combined and loose coupling. To create an instance of the client activation type, you can configure an application by programming, or a static configuration. The configuration is relatively simple on the server on the server, for example, the following code segment Objecturi = "HelloService.soap" /> A type of client activation is described. Please note that we no longer need the URL, because the type itself is enough to activate to the type of client. In addition, the WellkNown tag has been replaced by the Activated tag. For more information on configuring Remoting, please refer to the "Server-Side Registration" in the .NET Framework Developer's Guide on the MSDN. Extensibility During processing remote method calls, .NET Remoting will format the "message" along Remoting to the server from the client. Message formats and channel itself are fully scalable and customizable. By default channels or formatters can be replaced by a custom-defined component. Messages can be intercepted and changed in multiple "reception points" during transmission, allowing a message to customize the message (eg, message encryption). The Custom Mechanism is described in the .NET Framework Developer's Guide (Sinks and Sink Chains), and some custom channels and formatting programs have appeared on the Internet (for example, the implementation of the NAMED PIPE channel). Most people are not interested in this extension because the default formatting procedures and channels provided by this technology have been used in the widest range (ie TCP and HTTP, especially with SOAP message formatting programs). However, in the initial design phase, you need to consider various solution options, remember that this feature is still necessary. Abnormal spread .NET Remoting fully supports exception spread across the Remoting boundary, which is a major improvement to use error code, such as DCOM. Using Remoting exception, it is best to mark an exception class as sequentially and implements the iSerializable interface. In this way, the exception can be properly serially across the Remoting boundary, or the custom data can be added to an abnormality during the construction process. It is best to define your own anomaly class for an exception to be consistent with remote processing and in use. Make sure to use this method to capture all exceptions and correctly propagate, and unprocessed exceptions are allowed to cross the Remoting boundary. Object life management .NET Remoting provides a powerful mechanism for the survival of the management of the remote object. If our server object does not retain any status (such as SingleCall object), you don't have to pay attention to this process, just let the Remoting infrastructure completed the job to be completed, the object will be reclaimed as garbage. If we reserve the status, whether the server activated Singleton or client activation, we may have to participate in the survival management process: object rental. We have seen a small degree of participation, using a simple (and useful) method, is to ignore the Initializer fiFetimeService method, as described above in the introduction of Singleton. This allows us to reserve objects during the process of integrating objects. So, how do this object life work? The object management mechanism provided by Remoting Based on the principle of lease: You will never have an object, just borrow it, you can use it as long as you continue to pay. This process will be further described below. However, first, you must briefly introduce how to handle the object clean in the COM. DCOM integrates two methods using ping and reference counts to determine if the object is still running, which is not only easy to make mistakes, but also high for network bandwidth. When using a reference count, the worst case is never fully understood, and the best situation is also very fragile. In the past (still still) To apply some simple rules to the reference count to make it work. The iUnknown interface of the COM object includes the AddRef and Release methods, which need to be called when the developer is appropriate. Sometimes the programmer makes it wrong, and the result is that the object is not deleted, and the associated memory leakage. Instead, Remoting is integrated based on rental living-by-life management system, using rental, person in charge, and lease manager. Each application domain contains a lease manager that stores the rental object of each Singleton or client activation in its domain. Each lease can have zero or more relevant person in charge, and the person in charge can re-rent when the lease manager determines the rental expiration. This rental function is provided by the Remoting infrastructure through the ILASE interface, by calling InIstIzelifetimeService, as described above. The ILEASE interface defines a lot of properties used to manage object lifetimes: InitialLeasetime. Determine the initial validity period of rent. Renewoncalltime. Update this time unit rental after each method is called. SponsorshipTimeout. The person in charge not know the time after the rent is expired, Remoting is waiting for time. Currentleasetime. Time (read-only) from the rental expiration. After renting expires, the lease manager will notify all rental person in charge, ask if they want to update the rent. If not updated, the related object reference will be released. The person in charge is an object that can be rented for remote objects. To become the person in charge, your class must be exported from the MarshalByrefObject and implements the ISPonsor interface. A rent can have multiple person in charge, and a person in charge can also participate in multiple rental. For lease management mechanisms for programming using these interfaces, see the .NET Framework Developer's Guide documentation on Lifetime Leases (English), this is not repeated here. However, it is worth noting that this powerful mechanism is just a meaningfulness of the survival of the state-based remote object. As mentioned above, you or completely ignore it, use it to save objects in memory while its process container is run, or is fully involved in the rental mechanism. Remote server integration There are many ways to integrate .NET remote servers, mainly divided into two categories, as described below. IIS integration under ASP.NET The ability to integrate remote server-side objects in IIS is provided as standard features. It has many advantages, including supporting security and scalability. To integrate objects under IIS: 1. Develop remote classes and inherit from MarshalByrefObject (or declare the class declaration as sequential). 2. Create a virtual web application using the IIS Manager. 3. Place the assembly containing your class to the BIN subfolder of the virtual web application. 4. Create a web.config file to save the configuration definition of the Remoting server and place it into the virtual root directory of the web application. It's that simple. However, you should know some restrictions: You cannot specify an application name for IIS integration because it is a virtual application name. HHTP channels must be used. If the Remoting client is also a web application, you must call RemotingConfiguration.configure when startup, which is usually in the Application_Start method of the global.asax file. You cannot use the Do not specify ports because IIS will perform port assignment. You can still use IIS management if needed to specify ports for the virtual application. The Remoting application domain will integrate in the ASPNET_WP.EXE assist process, by default, it will use the identity of the process. Note: There is an error in the current ASP.NET, requiring the process identity of the ASPNET_WP.exe auxiliary process to "System" or local computer account, default setting, "Machine" in Machine.Config is incorrect, resulting in domain When the controller's IIS is integrated, an error 500 "Internal Server Error" occurs when the ASP.NET application appears. It can be argued that this error is due to the lack of explanation of how to properly configure the document of the computer account. There is a lot of features in IIS: By default, it is possible to provide scalability, thread, audit, authentication, authorization, and secure communication. The ASP.NET assist process has been running, and you can use the But it also has some shortcomings: you must use HTTP with slow speed than TCP. In addition, IIS may loop the ASP.NET assist process, which will destroy all Singleton's status. For you, this may be a problem or not, depending on your design needs, because the next call of the client will restart Singleton. You can configure IIS to perform an auxiliary process, but this ability is limited, especially in IIS 5, and may result in a further influence. The most fundamentin here is that if the security of the remote server is required, it will undoubtedly use IIS integration. As for performance, only when the problem is actually perceived during system testing / use, and you can always find solutions to problems on hardware. Authentication problem to consider under IIS Authentication option .NET Remoting has no own security mode: authentication and authorization is performed by channels and host processes, and in this case it is executed by IIS. Windows authentication can be used for Remoting, configuring the configured If the remote object is IIS integration (in the ASP.NET assist process) and configured to use Windows authentication, you must use the channel's credential property to specify the credentials you want to use, otherwise it will result in remote calls without passing any credentials. This negligence is a common reason for HTTP access refusal response. To use the credentials of the process of integrated Remote Object Agents (Remoting Client Process), set the channel's credential property to defaultcredentials maintained by the process credentials. This can be done using channel elements (for web clients), i.e. IDictionary channelproperties; ChannelProperties = ChannelServices.getchannenelSinkProperties (Proxy); ChannelProperties ["Credentials"] = CredentialCache.defaultcredentials; To pass the "specific" credentials along with the remote object call, disable the default credentials, set IDictionary channelproperties = ChannelServices.getchannenenesinkProperties (Proxy); NetWorkcredential Credentials; Credentials = New NetworkCredential ("UserName", "Password", "Domain"); Objref ObjectReference = RemotingServices.Marshal (Proxy); URI Objecturi = New URI (ObjectReference.uri); Credentialcache Credcache = New CredentialCache (); // with Negotiate, Basic, Digest, // Kerberos or NTLM Replace AuthenticationType Credcache.Add (Objecturi, "AuthenticationType", Credentials; ChannelProperties ["CREDENTIALS"] = CREDCACHE; ChannelProperties ["preauthenticate"] = TRUE; Note: Set the PreAuthenticate property to true (as described above) will cause the WWW Authentication header to pass with the initial request. This will stop the web server to reject access to the original request, and perform authentication for subsequent requests. Integrated outside IIS There are many ways to remotely integrate outside IIS, as shown below. Integrate in the console application Developers can write a console application that launches the Remoting infrastructure, and then "stay in nearby". Leave it in the nearby reason because it contains an application domain integrating remote call. Writing a program is very simple: just call the RemotingConfiguration.configure method, pass your remote host profile to it, and then stop the process by waiting for an event, such as a button or receive a specific message. The advantage of this method is not required to use IIS on the intermediate layer, but it is not possible to generate at any time, so it is suitable for demo, development and testing. This is not to say that it is nothing, but it is limited. Integrate in the GUI application Developers can also write a Windows GUI application that launches the Remoting infrastructure and "stay in nearby". Similarly, the only reason for continuing execution is that it includes an application domain integrating remote call. Its development method is the same as the console application: the Remoting host can be started directly, or it can be started according to the user's interaction. Similarly, this method also has the advantage of IIS without the intermediate layer and can be used for demos and testing. Do some changes to this program can get peer-to-peer network (logic) WinForms applications, such as applications for chat types. Similarly, the range of use of the program is also very limited. Integrate in system services This possibility is very interesting, because the function provided by the Remoting infrastructure does not have the function of the system service concept itself. The system service can be configured to start when the computer is started and retained around until you let them leave, which is ideal for remote integration. Note that by setting "high isolation mode" for the virtual application, you can configure the IIS application to have similar behavior. There are still a lot of content worth discussing about this issue. This article does not discuss it. The customer asked many questions about this mechanism, including its use. First, introduce some of its advantages: We have introduced the benefits of the service itself; in addition, we can fully control the activation of the host process, for example, can choose to use dynamic publish or use client activation; do not need IIS, because we can load User profile and you can use binary coding messages on TCP to achieve good performance. But it's a lot of disadvantages. First, you have to build your own authentication and authorization mechanism if needed. .NET Remoting Security Solution, Part 1: Microsoft.samples.security.sspi assembly This article introduces the "security solution for .NET Remoting": "...... implemented SSPI managed packaging, providing verification client And the server and the core function needed to sign and encrypt the message sent between the two. "This is undoubtedly a valuable resource, which provides a mechanism to add this function, which is very useful. But the problem is that it is not a supported product, but a "informal" method for providing supplementary functions. And there is still a threat to developers because the solution depends on formatting programs and channel scalability. All of this requires avoidance, to get functions, you must add an entry to the Remoting Configuration to illustrate using Windows NT Challenge / Response (NTLM). But such security mechanisms are likely to join .NET Remoting's future versions. System services also need to be scalable and can be reused as a Remoting server because these functions will be required. For example, if there is no IIS, integration services will have to manage their audit and authorization, and both of these are IIS attached to standards. For these reasons, the use of system service integration mechanisms is limited, and you have to use in a constrained environment. The news in this environment is queued for separate exchange, and security is not a problem, or you can use IPsec on TCP. . Enterprise service management In order for remote components to participate in the COM environment (and run in COM context), you need to inherit from ServiceDComponent. Other features provided in ServicedComponent and System.EnterpriseServices Namespaces allow CLR components to specify multiple COM properties, such as representative of transaction requirements and server processes. Plus the strict naming mechanism and use the regsvcs command, the remote component can be part of the entire COM environment. Suppose the remote component needs to inherit from MarshalByrefObject, and the COM component needs to inherit from the servicedcomponent (and there is no multiple inheritance function in .NET managed code), how to achieve this? Fortunately, ServicedComponent is derived from ContextBoundObject, while the latter is derived from the MarshalByrefObject we need. Build a COM integration on Remoting is fully available, and it is indeed possible to obtain an apparent advantage provided by the enterprise service, such as the object pool, distributed transaction support, and role-based security. However, how to do this and such a method does what effect on future verification architecture, or not. We have reason to look forward to, with time, COM context infrastructure and Remoting's context infrastructure will be getting closer. But at this stage, how to do this and when this is not very clear.
