Abstract:
Not placing a limit on the use of system resources could result in resource exhaustion and ultimately a denial of service.
Explanation:
Windows Communication Foundation (WCF) offers the ability to throttle service requests. Allowing too many client requests can flood a system and exhaust its resources. On the other hand, allowing only a small number of requests to a service can prevent legitimate users from using the service. Each service should be individually tuned to and configured to allow the appropriate amount of resources.
In this case, PDLCWcfService.dll.config does not contain a <serviceThrottling> tag which indicates the service is using default resource allocation values that are likely to be suboptimal.
Recommendations:
Enable WCF's service throttling feature and set limits appropriate for your application.
The following is an example configuration with throttling enabled:
<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior name="Throttled">
<serviceThrottling
maxConcurrentCalls="[YOUR SERVICE VALUE]"
maxConcurrentSessions="[YOUR SERVICE VALUE]"
maxConcurrentInstances="[YOUR SERVICE VALUE]" />
...
</system.serviceModel>
0 comments:
Post a Comment