Extending Workflow Trusted Surface

Extending Workflow Trusted Surface


Due the fact that Windows Azure Workflow (Workflow Manager) is designed to run in the cloud, which is multitenant focused architecture, the host of workflow (Workflow Manager) must fulfill several security requirements. One of used approaches is so called “Trusted Surface”. This means that subset of common primitive types is supported only.

Currently the Trusted Surface consists of types and workflow activities from .NET Framework version 4 as well as few new types introduced in Workflow. For each of supported types, there is also a corresponding set of activities for manipulating them. Following table shows the reduced set of supported types:

 

Type

Supporting Activities

String

String Activities

Date support using DateTime and TimeSpan

Date Support Activities

Numeric support using Int32 and Double

Numeric Type Activities

Boolean

Boolean Activities

Guid

Guid Activities

ICollection, including IList

Collection Activities

IDictionary and KeyValuePair

IDictionary

DynamicValue

DynamicValue Activities

Exception

Exception Activities

Uri

Uri Activities

 

You might be disappointed that some of you favor types like long or decimal etc. are not supported out of the box?! Me too. But there are good reasons for that.
Fortunately there is a way how to embed any unsupported type.

For this reason, there is a file called AllowedTypes.xml. This file defines all types which are not supported and you want to support them. Basically, this file extends the Trusted Surface.
Following snippet shows to extend the Trusted Surface for types long and decimal:

<!--
Copy this file to following location:
C:\Program Files\Windows Azure Workflow\1.0\Workflow\WFWebRoot\bin
and
C:\Program Files\Windows Azure Workflow\1.0\Workflow\Artifacts
-->
<AllowedTypes>
  <Assembly Name="mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
   <Namespace Name="System">
    <Type>Int64</Type>
    <Type>DateTime</Type>
   </Namespace>
  </Assembly>
</AllowedTypes>
Please note that destination for AllowedTypes.Xml will be changed in release version refer to public documentation, which will officially describe where to copy it:
http://msdn.microsoft.com/en-us/library/windowsazure/jj193517(v=azure.10).aspx#BKMK_CustomTypes
Leave a Comment
  • Please add 7 and 3 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • "But there are good reasons for that".... what are the reasons that these types are not included?  Does that mean they are a security risk?

Page 1 of 1 (1 items)