Announcing the Policy Injection Application Block

Just when you thought you knew everything there was to know about Enterprise Library 3.0, we have one last surprise in store: a new application block! The Policy Injection Application Block got off to a late start, but we're making good progress now and we'll ship the first public drop in the February 2007 CTP. The final release of Enterprise Library 3.0 (scheduled for late March) will of course contain the final release.

But first things first: what the hell is this thing? The short(ish) answer is that the Policy Injection Application Block will simplify the separation of business logic from cross cutting concerns, by letting you define policies and the objects/methods they apply to in a declarative way. Each policy contains a pipeline of "handlers" that are executed before and after a policy-enabled method is called. The handlers can do whatever you want, but the most common scenario will be to implement cross-cutting concerns such as logging, validation, exception handling and authorization. By amazing coincidence, Enterprise Library already includes blocks that implement these kinds of capabilities, so our out-of-the-box handlers will be simple wrappers over existing application blocks.

For a detailed description of the design and the rationale behind it, check out Ed Jezierski's post - but to get you started, here are a few more details on how this will work. The Policy Injection Application Block will provide a special Factory class that you can use to create instances of objects that may potentially have policies defined on them. I say potentially as one of the big benefits of this block is that you can define and change the policies through configuration, so you won't actually know at compile time which objects will have policies defined. The factory will inspect the configuration and determine if a policy exists. If no such policy exists, the factory will create an instance of the requested object and return it. If a policy does exist, the factory will create a proxy (technically a transparent proxy / real proxy pair) for the object, and wire this up to the chain of handlers and ultimately the real object. To the client, the proxy looks and smells exactly like the real object, but it will have the policies injected between the proxy and the real object.

The configuration for the block will look something like this:

  • Policy Injection Application Block
    • MyPolicy1
      • Matching Rules
        • MyMatchingRule1
        • MyMatchingRule2
        • ...
      • Handlers
        • MyHandler1
        • MyHandler2
        • ...
    • MyPolicy2
      • ...
    • ...

As you can see, each policy consists of a collection of matching rules and a collection of handlers. A matching rule is basically a predicate that defines which types and members the policy should apply to. If you specify more than one matching rule, all must apply for a policy to take effect. Out of the box we will ship matching rules that check for a specific assembly, namespace, type, method signature, or specific attributes on type or member definitions. Of course you'll also be able to write your own matching rules, should you want a policy to apply only when the moon is full or something similarly obscure. In the event that a particular class/method matches more than one policy, all of the matching policies will be executed in the order that they are defined.

Handlers are the classes that do the interesting work before and/or after a method is called. A handler is able to inspect the payload of the method call or return value, act on it, and even change it. In normal situations each handler will do its preprocessing work, invoke the next handler, wait for the call to return, do postprocessing work, and return control to the previous handler. However in certain situations a handler may decide not to call the next handler at all. One good example is an Authorization Handler. Its job is to check whether the current user is authorized to call the method. If the check shows the user is good to go, the handler will invoke the next handler in the chain. However if the user is not authorized, the handler will create an exception, package it up and send it back to the previous handler in the chain as shown below:

From the client's perspective, the result will appear identical to what would happen if the target object threw the exception itself, although in this case the exception was generated without ever calling the real object.

As I mentioned before, the handlers we will supply out of the box will be thin wrappers around existing application blocks, although again you can easily create your own. While the number of handlers and the details on how they will work are not entirely set in concrete, here is what we are hoping to include:

  • Validation Handler. This will look for validation rules applied on the method parameters or within types in the message signature, and call the Validation Application Block to check the supplied parameters against the validation rules. If validation succeeds the method will be called. If not, the handler chain will be aborted and an exception will be returned to the client.
  • Logging Handler. This will call the Logging Application Block to write a log message either before the method is called, after the method is called, or both. Optionally the handler will be able to log details such as supplied parameter values and call execution time.
  • Exception Handling Handler. This handler will do nothing before the method is called, and do nothing after the method is called unless an exception was thrown. If an exception was thrown, the handler will pass it to the Exception Handling Application Block using a specified exception policy, and any resulting exceptions will be returned to the client. In effect this will eliminate the need for boilerplate exception blocks when using the Exception Handling Application Block.
  • Performance Counter Handler. This will create a number of performance counter instances measuring things like number of calls, calls per second, average call execution time and number and rate of exceptions thrown by the target method.
  • Authorization Handler. This handler will use a specified authorization provider configured with the Security Application Block to check if the current user (obtained from the thread principal) is authorized to perform the current task (specified in the handler configuration). If so, the target object is called. If not, an exception will be returned to the client.
  • Caching Handler. This handler will generate a cache key based on the target method signature and values, and use the Caching Application Block to see if the method has already been called with these values within the configured cache threshold. If a value was found in the cache, it will be returned to the client and the handler chain will be aborted (i.e. the object will not actually be called). If a value was not found in the cache, the method will be called, and the return value will be added to the cache on the return path.

We're very excited by the potential for this block to help simplify your code and provide increased flexibility to change cross-cutting concerns at different stages of the application lifecycle. Keep in mind that the first drop of the Policy Injection Application Block (in the February 2007 CTP) will still be incomplete, but we'd love to hear your feedback to help us make the final release as valuable as possible.

By the way, if you're not the kind of person who likes surprises, apologies for springing this on you so late. It wasn't our intention to be secretive, however until very recently we were still not sure if we were going to be able to include this functionality in this release of Enterprise Library, so we didn't want to set expectations too early. Hopefully it was worth the wait, and that you can file it under "good surprises" :-)

Thanks to Alex Homer for the great graphics, which were taken from the draft documentation.

Comments

  • Anonymous
    February 23, 2007
    PingBack from http://blogs.msdn.com/edjez/archive/2007/02/23/policy-injection-app-block-behind-the-scenes.aspx

  • Anonymous
    February 23, 2007
    Very cool indeed. Is this all config file driven or are there any attributes to support this functionality a la AOP (Aspect Oriented Prog)

  • Anonymous
    February 23, 2007
    Kris: so far it is all configuration driven, although one of the matching rules will check for the existence of a particular attribute, so you can do something like this: [Tag("AuthorizeMe")] public void DoStuff() ... where there is a policy defined in configuration that will look for this particular tag. For the final release we're hoping to add the ability to explicitly attach handlers to types and methods via attributes, without the need for any configuration. Tom

  • Anonymous
    February 23, 2007
    Hi Tom, I am wondering if (or how) the ObjectBuilder is used in this Policy Injection Application Block? Thanks

  • Anonymous
    February 23, 2007
    Do you wonder how to apply authorization, validation, logging and other requierements to you business

  • Anonymous
    February 23, 2007
    The comment has been removed

  • Anonymous
    February 23, 2007
    The comment has been removed

  • Anonymous
    February 24, 2007
    Many software projects experience disappointing productivity. Often productivity problems are inherent

  • Anonymous
    February 25, 2007
    Hi Tom, Great to see this implemented! As far as the factory for instance creation is concerned, does this place any restrictions on how instances can be instantiated e.g. only via a default constructor, thus no parameterised constructors? Cheers, Matt

  • Anonymous
    February 25, 2007
    The comment has been removed

  • Anonymous
    February 25, 2007
    The comment has been removed

  • Anonymous
    February 25, 2007
    Another point, this time on the implementation. Why taking the MarshalByRef (or really contextboundobject) path? This is really much slower then dynamic runtime subclassing.

  • Anonymous
    February 25, 2007
    Some comments summed up in a post: http://www.lowendahl.net/showShout.aspx?id=118

  • Anonymous
    February 26, 2007
    I can't wait to see how PIAB work and I intend to test out on my project which already using WCSF and WSSF. Currently I am using NAspect and I see usage of attribute for matching rule offers a different kind of flexibility for me. I also wonder how the debugging facility will work in PIAB, ie will the debugger goes into the handler class so I can trace what is going on.

  • Anonymous
    February 26, 2007
    The comment has been removed

  • Anonymous
    February 26, 2007
    Tom and Ed have complimentary articles on the Policy Injection Application Block: Tom's Announcing the

  • Anonymous
    February 26, 2007
    Announcing the Policy Injection Application Block

  • Anonymous
    February 28, 2007
    OK, I know the sun has already set on February in some parts of the world, but over here it's still well

  • Anonymous
    February 28, 2007
    OK, I know the sun has already set on February in some parts of the world, but over here it's still

  • Anonymous
    February 28, 2007
    What a week! Both the new Visual Studio "Orcas" and Enterprise Library 3.0 CTPs are released. Enterprise

  • Anonymous
    March 01, 2007
    Microsoft Patterns and Practices released the Enterprise Library 3.0 February 2007 CTP last night. A

  • Anonymous
    March 01, 2007
    The comment has been removed

  • Anonymous
    March 01, 2007
    Apologies. I realized that you guys aren't actually using context interception, but rather Real/Transparent proxy.  However, the performance drawback is virtually identical.

  • Anonymous
    March 01, 2007
    Patrik Löwendahl har gjort mig uppmärksam på att Patterns och Practices gruppen hos Microsoft har annonserat

  • Anonymous
    March 02, 2007
    Цікавий сьогодні день, на новинки... 1) Enterprise Library 3.0 February 2007 CTP . Останній CTP до релізу.

  • Anonymous
    March 02, 2007
    Harry wonders if it has been a slow week. It started that way for me but its certainly not now with both

  • Anonymous
    March 04, 2007
    As announced on Tom Hollander's blog, the Microsoft Enterprise Library 3.0 will include a new application

  • Anonymous
    March 04, 2007
    Since Both Tom and Ed wrote an article explaining whatever the Policy Injection Application Block [PIAB]

  • Anonymous
    March 05, 2007
    Kijött a februári CTPje az Enterprise Library 3.0-nak , ami RCnek is tekinthető. Miért is jó ez nekünk?

  • Anonymous
    March 05, 2007
    The next version of Enterprise Library will be getting an AOPish block called the Policy Injection Application...

  • Anonymous
    March 06, 2007
    I wanted to quickly fill you in on a couple of new additions we've made to the Policy Injection Application

  • Anonymous
    March 08, 2007
    This is really a great effort. It will simplify the development by making code clean and configurable. I am concerned about the performance of the PIAB. Thanks

  • Anonymous
    March 18, 2007
    By looking at the .NET Framework in earlier versions there has been a notable gap in enterprise functionality

  • Anonymous
    March 18, 2007
    By looking at the .NET Framework in earlier versions there has been a notable gap in enterprise functionality

  • Anonymous
    March 18, 2007
    Do we have a possibility to change configurations (Logging configurations for Example) at runtime without restarting the application. Kindly provide links if explanation already available.

  • Anonymous
    March 19, 2007
    PolicyInjectionApplicationBlock NEW!ThisreleaseofEnterpriseLibraryincludesanewPolicyIn...

  • Anonymous
    March 23, 2007
    Azért ez nem teljes RC, pont a PIAB döcögős még benne. Különben is jobb többször mint egyszer sem:)

  • Anonymous
    April 05, 2007
    Yes, it's finally here. The patterns & practices team is pleased to announce the official release

  • Anonymous
    April 05, 2007
    How is this different then EDRA?

  • Anonymous
    April 05, 2007
    The comment has been removed

  • Anonymous
    April 05, 2007
    Enterprise Library 3.0 – April 2007 发布

  • Anonymous
    April 05, 2007
    Enterprise Library 3.0 Released

  • Anonymous
    April 05, 2007
    The patterns & practices team has announced the official release of Enterprise Library 3.0 - April

  • Anonymous
    April 06, 2007
    Most excellent. I have looked at Enterprise Library in the past, but never quite found a suitable project

  • Anonymous
    April 06, 2007
    Overview The patterns & practices Enterprise Library is a library of application blocks designed

  • Anonymous
    April 06, 2007
    I hope you're enjoying the new release of Enterprise Library ! One of the more interesting inclusions

  • Anonymous
    April 08, 2007
    Despues de mucho esperaracion oficial del Enterprise Library 3.0 - April 2007 para.NET Framework 2.0 / 3.0. Punntos sobresalientes Si estuvieron tan atentos como yo los CTPs no habra muchas sorpres ...

  • Anonymous
    April 08, 2007
    Buenas hace un par de días se liberó Enterprise Library 3.0 ; y ya empezamos a tener pequeños aplicativos

  • Anonymous
    April 08, 2007
    Buenas hace un par de días se liberó Enterprise Library 3.0 ; y ya empezamos a tener pequeños aplicativos

  • Anonymous
    April 08, 2007
    Buenas hace un par de días se liberó Enterprise Library 3.0 ; y ya empezamos a tener pequeños aplicativos

  • Anonymous
    April 09, 2007
    EntLib 3.0 just dropped . Go get the bits here . For more details, see Tom Hollander's most excellent

  • Anonymous
    April 10, 2007
    Luogo molto buon:) Buona fortuna!

  • Anonymous
    April 11, 2007
    Can we use PIAB in WCF services? What I mean is I want to intercept my service call and do some preprocessing before the real service api gets invoked. For ex. one of the api in my service is AddCustomer(Customer obj). What I want is before this api gets called I want  Customer object to go through some validation, default value filler and what not. In my whole Microsoft career I worked for short duration on Java EJB 3.0 recently. I used Interceptor to do such kind of stuff on EJB Bean api's. So can we use PIAB on WCF services to do similar task?

  • Anonymous
    April 11, 2007
    The comment has been removed

  • Anonymous
    April 23, 2007
    While I was gone (three weeks in the US on vacation) pattern and practices have released Enterprise Library

  • Anonymous
    April 23, 2007
    Kijött a februári CTPje az Enterprise Library 3.0-nak , ami RCnek is tekinthető. Miért is jó ez nekünk

  • Anonymous
    May 15, 2007
    Continuing my journey in Enterprise Library 3.0 mysterious ways, I decided to check out the Policy Injection

  • Anonymous
    May 19, 2007
    Když byla před měsícem zveřejněna Enterprise Library 3.0, stěží jsem tomu věnoval pozornost. Hmmm, co

  • Anonymous
    September 08, 2007
    The comment has been removed

  • Anonymous
    October 01, 2007
    generic zoloft no prescription overnight shipping

  • Anonymous
    June 23, 2008
    Have you used Aspect Oriented Programming (AOP) or Policy Injection? They’re pretty much the same thing.

  • Anonymous
    July 15, 2008
    It's been a long time that I've been thinking of writing this blog post but was strugling to find some