In this article we will look at some coding best practices that help keep RIA Services secure. The best practices are taken from MSDN.
I will be taking up paging and caching, authentication and authorization, and adding endpoints in subsequent articles.
When you expose a domain service by applying the EnableClientAccessAttribute attribute, the domain service is available to everyone on the network where it is exposed.
The domain service can be accessed not only by your client application but also by any other application. This consideration is important not just for applications with sensitive data that are exposed publicly but also for applications hosted behind a firewall.
Here I have tried to list a few things which we use in our project; the reference is MSDN.
Best Practices
| Sl No | 1 |
| ID | D&O_1 |
| Best Practice Definition | Only the required data should be exposed to the client |
| Explanation | If there are 5 columns in a table in the application and, say, only 2 columns are needed by the client, expose only the two columns the client requires to do its task. You should also expose only those entities that should be consumed by the client, not all the entities. |
| Example | When a column should not be exposed, decorate it with the [Exclude] attribute. Exclude specifies that an entity member will not exist in the code-generated client view of the entity, and that the value should never be sent to the client. Or you can create a separate domain class, which contains only those entities that should be exposed to the client. |

| Sl No | 2 |
| ID | D&O_2 |
| Best Practice Definition | Only the required operations should be exposed to the client |
| Explanation | Suppose that, for an entity Product, products can be inserted and updated but cannot be deleted; then we should not expose a delete method to the client. |
| Example | You can either create multiple domain services, one for the client and another for the server, each exposing the appropriate methods, or decorate the methods which are not used by the client with the [Ignore] attribute in the client's domain service. |

| Sl No | 3 |
| ID | D&O_3 |
| Best Practice Definition | Retrieve only the required operations and not everything in the database |
| Explanation | Pass required parameters to query operations so that the output data can be filtered as required. |
| Example | For a method GetReportForAnEmployee, create a separate LINQ query and pass EmployeeID as a parameter instead of using GetReport() and then doing some operations on all the data that is retrieved. |

| Sl No | 4 |
| ID | D&O_4 |
| Best Practice Definition | Use separate query methods for each specific scenario. |
| Explanation | Pass required parameters to query operations so that the output data can be filtered as required. |
| Example | For example, if products are shown by category or supplier, you can provide two methods that accept category or supplier information, instead of a single method that returns all of the products. |

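
As an added example covering practices 1 to 4 together (not code from the original article or from MSDN): a client-facing domain service that hides one column with [Exclude], offers one query per scenario, and keeps a delete helper out of the client contract with [Ignore]. The Product entity, its members, the service name and the in-memory store are assumptions made for illustration; the code compiles against the WCF RIA Services server assemblies.

```csharp
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;
using System.Linq;
using System.ServiceModel.DomainServices.Hosting;
using System.ServiceModel.DomainServices.Server;

// Hypothetical entity; member names are assumptions for this example.
public class Product
{
    [Key] public int ProductID { get; set; }
    public string Name { get; set; }
    public int CategoryID { get; set; }
    public int SupplierID { get; set; }
    [Exclude] // not generated in the client entity, never serialized to it
    public decimal SupplierCost { get; set; }
}

[EnableClientAccess]
public class ProductClientService : DomainService
{
    // In-memory store standing in for the real data layer (assumption).
    private static readonly List<Product> Store = new List<Product>();

    // One narrow query per scenario; no "return every product" method exists.
    public IQueryable<Product> GetProductsByCategory(int categoryId)
    {
        lock (Store) return Store.Where(p => p.CategoryID == categoryId).ToList().AsQueryable();
    }

    public IQueryable<Product> GetProductsBySupplier(int supplierId)
    {
        lock (Store) return Store.Where(p => p.SupplierID == supplierId).ToList().AsQueryable();
    }

    public void InsertProduct(Product product) { lock (Store) Store.Add(product); }

    public void UpdateProduct(Product product)
    {
        lock (Store)
        {
            var current = Store.Single(p => p.ProductID == product.ProductID);
            current.Name = product.Name;
            current.CategoryID = product.CategoryID;
            current.SupplierID = product.SupplierID; // SupplierCost stays server-side
        }
    }

    [Ignore] // public on the server, but not exposed as a domain operation
    public void DeleteProduct(Product product) { lock (Store) Store.RemoveAll(p => p.ProductID == product.ProductID); }
}
```

Without [Ignore], a public method with the DeleteProduct(Product) shape would be picked up by naming convention as a delete operation that any caller of the service could submit.
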
| Sl No | 5 |
| ID | D&O_5 |
| Best Practice Definition | Use caching and paging intelligently. |
| Explanation | Paging helps to show the results when a large number of records is present in the search result, while managing the server load. Caching decreases the load on the middle layer. |
| Example | |

| Sl No | 6 |
| ID | A&A_1 |
| Best Practice Definition | Provide authentication and authorization for data and operations. |
| Explanation | Apply the RequiresAuthenticationAttribute attribute to a domain method to restrict access to the operation to only authenticated users. When the RequiresAuthenticationAttribute attribute is applied to an entire domain service class, all of the domain operations are restricted to only authenticated users. The RequiresAuthenticationAttribute attribute prevents the method from being executed when the user is not authenticated. |
| Example |

    // The body never runs for a caller who is not authenticated.
    [RequiresAuthentication]
    public void InsertEmployee(Employee employee)
    {
        if ((employee.EntityState != EntityState.Detached))
        {
            // Already tracked by the context: mark it as added.
            this.ObjectContext.ObjectStateManager.ChangeObjectState(employee, EntityState.Added);
        }
        else
        {
            this.ObjectContext.Employees.AddObject(employee);
        }
    }

| Sl No | 7 |
| ID | A&A_2 |
| Best Practice Definition | Provide authentication and authorization for data and operations. |
| Explanation | RequiresRoleAttribute is applied to a domain method to restrict access to the operation to only authenticated users that belong to one of the specified roles. When you apply the RequiresRoleAttribute to an entire domain service class, all of the domain operations are restricted to only authenticated users that belong to the specified roles. The RequiresRoleAttribute prevents the method from being executed when the user does not meet the authentication criteria. |
| Example |

    // Only authenticated users in the Administrator role reach the body.
    [RequiresRole("Administrator")]
    public void DeleteEmployee(Employee employee)
    {
        if ((employee.EntityState == EntityState.Detached))
        {
            // Attach first so the context can track the delete.
            this.ObjectContext.Employees.Attach(employee);
        }
        this.ObjectContext.Employees.DeleteObject(employee);
    }

I will explain 5, 8 and 9 in the next few articles.
| Sl No | 8 |
| ID | A&A_3 |
| Best Practice Definition | Always verify data before using it. |
| Explanation | Data sent from the client should not be trusted; verify the data for data type, regular expressions, nulls and empty values, length, etc. in the domain service. You can also validate these using custom validators. |
| Example | |

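
An added example of the checks described in practice 8 (not code from the original article): data annotations covering nulls and empty values, length, format and range, plus one custom validator, run with Validator.TryValidateObject against constructed bad input. The Employee members, the limits chosen and the EmployeeRules class are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.ComponentModel.DataAnnotations;

// Hypothetical entity. RIA Services evaluates these attributes on the
// server for every submitted entity, whatever the client did or skipped.
public class Employee
{
    [Key] public int EmployeeID { get; set; }
    [Required, StringLength(50)]                        // null/empty and length
    public string Name { get; set; }
    [Required, StringLength(254)]
    [RegularExpression(@"^[^@\s]+@[^@\s]+\.[^@\s]+$")]  // format
    public string Email { get; set; }
    [Range(typeof(decimal), "0", "500000")]             // numeric bounds
    public decimal Salary { get; set; }
    [CustomValidation(typeof(EmployeeRules), "NotInFuture")]
    public DateTime HireDate { get; set; }
}

// Custom validator: a public static method returning ValidationResult.
public static class EmployeeRules
{
    public static ValidationResult NotInFuture(DateTime value, ValidationContext context)
    {
        return value.Date <= DateTime.UtcNow.Date
            ? ValidationResult.Success
            : new ValidationResult("HireDate cannot be in the future.");
    }
}

public static class Program
{
    // Server-side check of an untrusted Employee; returns the failures found.
    public static List<ValidationResult> Check(Employee e)
    {
        var errors = new List<ValidationResult>();
        Validator.TryValidateObject(e, new ValidationContext(e, null, null), errors, true);
        return errors;
    }

    public static void Main()
    {
        // Constructed sample input, as a tampered client might send it.
        var bad = new Employee { Name = "", Email = "not-an-email", Salary = -1m,
                                 HireDate = DateTime.UtcNow.AddYears(1) };
        foreach (var err in Check(bad)) Console.WriteLine(err.ErrorMessage);
    }
}
```
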
| Sl No | 9 |
| ID | EP_1 |
| Best Practice Definition | Minimize the number of end points |
| Explanation | For RIA Services, the binary endpoint is the default. New endpoints should be added in the web.config only when needed. |
| Example | |