Tuesday, March 20, 2007

Vault 2008 and WSE 3.0

I wrote this post some time ago - when I wasn't sure where the embargo on Vault stood... Now I think I'm in the clear, since at least Productstream has been officially released.

Warning: This is a pretty obscure post - so if you're not involved in Vault development, you might want to pass on this one!

The next version of Vault (2008) is catching up to the latest in Web Standards from Microsoft - Web Services Enhancements 3.0. This will be nice, because WSE 3.0 is the only version that plays nicely with Visual Studio 2005 (leaving developers to jump through some hoops to make things work).

Along the way, I found out about a few issues that make Vault development a little more challenging...

1. Ticket changes
The behavior of the SecurityHeader ticket has been improved... Prior to now it tended to be the same for a long time (I'm not sure if I have it figured out, but you could restart the webserver, and your ticket would still be valid). Now, if you try restarting the webserver, your client's ticket is no longer valid, and you get a SoapException #300.

Working around this scenario means implementing either partial classes or derived classes to be able to store the userID and password, then do a "try/catch" around the actual invoking of the Web Services method... If you get a 300, then you need to try to re-login and then re-Invoke...

2. Download file changes
The signature for the file download has changed - instead of using DIME attachments, the routine just passes back a byte array... However, it's important to note that there is a client config setting called "MTOM" which should be turned on in order to have efficient transfers (if you don't, files will transfer in base-64 ascii mode rather than as binary - making them perhaps 30% less efficient).

3. Time is of the essence
Maybe it was the DST debacle - or maybe either WSE 3.0 or Vault 2008 is more sensitive about time differences between client and server. I know that while doing some wide-area testing, my machine clock was out-of-sync with the Vault 2008 server by about 10-15 minutes - and it would not let me work (buried down deep in the exception was a very clear message about the time tolerance setting). In particular I think it doesn't like it if the SecurityHeader looks like it was generated in the future.

Well - I hope that this was useful to Vault developers out there...

No comments: