I don’t really like Microsoft. Nothing new there, anything MS has been out of my computer for a very long time (except from a couple of VMWare images). I’ve never done any real development on Windows, and I haven’t wanted to. I have, however, heard many people ramble about how great Visual Studio is, so up until recently, I had the feeling that maybe I was missing out on something. I now know that I was not.
The past few weeks, I’ve been working on interoperability between identity based webservices. I won’t go into any more detail than saying that it involves, among others, these specs: SAML 2.0, XML DSig, XML Encryption, WS-SecurityPolicy, WS-Trust, and Liberty ID-WSF. Plus of course basic SOAP, WS-Addressing, and WS-Security. On Java, a lot of this is handled by Metro/WSIT, but we’ve also had to write our own WS-Trust client, and a SOAP client for generating just the right requests with the right signatures.
On the Micrsoft side, there’s the absolutely fantastic and revolutionary Geneva API. Of course, by fantastic I mean completely undocumented and untested, and by revolutionary I mean a WSIT ripoff.
That just about sets the mood. We were asked to do a simple setup which could demonstrate interop between a Java client and a .NET service. Should be easy. Microsoft people told us at a meeting that everything was supported, so there should be no problems. Except there were. And are. Two weeks later, we’ve not made much progress – it’s still not possible to send a signed request and get a signed response back, and WCF/Geneva just keeps on throwing exceptions in weird places.
Based on this quite unpleasant time, here are some of my main issues:
- Who in his right mind would want exception messages localized? Localized exceptions are often completely meaningless, and quite obviously translated by Babelfish anno 1998. At the very least include an error code, but no. Or even better, make it possible to switch language. Also no.
- When returning a SOAP fault, why not include the original error message? InvalidSecurity can mean anything, but if the service exception says “unable to find element with id #xxx referenced from signature xxx”, why not send that out? Or at least log it somewhere?
- Overselling. Geneva is advocated as something which will rock your world and solve all problems. Except it won’t, and many scenarios have never been tested. Or if they have, information about it is not available anywhere.
- Source code. I can live with poor documentation, but then at least make it possible for me to go look at the source when there’s something which doesn’t work as expected. It might not be pretty (I’ve spent a good amount of time in the WSIT source, and that’s not necessarily pleasant, but it gets the job done. I can even patch it. Who would have thought it possible???), but you’re never completely stuck. With most Microsoft products, once you’ve found out that something doesn’t work as you expected, you can try googling, ask on a forum, and that’s just about it.
- Visual Studio. Who actually think that this is a pleasant environment? The very least they could to is to buy ReSharper, but where’s Quick Fix? Where’s type completion which is actually useful? Why does the object browser suck so badly? Where has all the LOCs gone for Visual Studio?
- Debug logging. Look at just about any Java API, and there’s lots of debug logging just waiting to be enabled. Number of debug lines in Geneva encountered so far: 0. Thanks for the help.
There are probably somebody out there who think I’ve missed the point completely, and that I’m completely ignorant. I won’t say that it’s completely unthinkable, but when I’m done with this project, I’ll not be going near anything Microsoft for a very long while.