Checking post-conditions in SOA as (or more) important than checking pre-conditions
I agree with Clemens on the postcondition discussion. At the risk of using two quickie "gun/bullet" analogies in a month, I offer this one to explain why checking post-conditions is as (or more) important as checking pre-conditions.
It's better to take the bullets out of the gun, than to wear a bullet-proof vest.
Too often message validation is considered a defensive manuever to protect one's self from bad input. I believe this "knee-jerk" style of coding is an artifact of C and C++ where engineers always check input pointers for nulls and such.
In a system that is constrained by contracts, you certainly know as much about the outgoing messages and inherent contract as the incoming, so there's no reason not validate the outbound messages.
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.
Comments are closed.
If you get a bad message and carry on regardless, you shoot yourself in the foot.
If you send out a bad message, you shoot someone else in the foot.
So naturally people are going to worry more about the first case than the second. ;)