Due the fact that Windows Azure Workflow (Workflow Manager) is designed to run in the cloud, which is multitenant focused architecture, the host of workflow (Workflow Manager) must fulfill several security requirements. One of used approaches is so called “Trusted Surface”. This means that subset of common primitive types is supported only.
Currently the Trusted Surface consists of types and workflow activities from .NET Framework version 4 as well as few new types introduced in Workflow. For each of supported types, there is also a corresponding set of activities for manipulating them. Following table shows the reduced set of supported types:
Type
Supporting Activities
String
String Activities
Date support using DateTime and TimeSpan
Date Support Activities
Numeric support using Int32 and Double
Numeric Type Activities
Boolean
Boolean Activities
Guid
Guid Activities
ICollection, including IList
Collection Activities
IDictionary and KeyValuePair
IDictionary
DynamicValue
DynamicValue Activities
Exception
Exception Activities
Uri
Uri Activities
You might be disappointed that some of you favor types like long or decimal etc. are not supported out of the box?! Me too. But there are good reasons for that. Fortunately there is a way how to embed any unsupported type. For this reason, there is a file called AllowedTypes.xml. This file defines all types which are not supported and you want to support them. Basically, this file extends the Trusted Surface. Following snippet shows to extend the Trusted Surface for types long and decimal:
Copy this file to following location: C:\Program Files\Windows Azure Workflow\1.0\Workflow\WFWebRoot\bin
C:\Program Files\Windows Azure Workflow\1.0\Workflow\Artifacts
"But there are good reasons for that".... what are the reasons that these types are not included? Does that mean they are a security risk?