.NET Services

John ShewchukTechnical FellowMicrosoft Corporation

Azure Services PlatformMicrosoft SharePoint Services

Microsoft Dynamics CRM Services

.NET ServicesThree key takeaways

1. Powerful building blocks to help with Access Control and Application Messaging

2. Easy to use3. Based on open standards

Using .NET Services

demo

Facebook

Yahoo

Demo - Access Control

Google App Engine

Browser

www.chefsintl.com

acs.chefsintl.com

.NET AccessControl Service

1 2

3

4*

* To keep the diagram simpler the redirection through the browser is not shown

5*

7

6

8 9

Demo - Service Bus

Google App Engine

Browser

www.chefsintl.com

.NETService Bus

Windows “Toast”

AJAX web site

1

23 3

The Roadmap

First CTP

Fall 2008 Spring 2009

Updated CTPs

Fall 2009

Commercial Availability

Summer 2009

Pricing & SLA Confirmation

.NET Service Bus

Service Bus

ChallengesYou want to make it easy and secure for partners to integrate with your applicationBut you don’t always know ahead of time the characteristics or scale of the integrationPlus partners and customers have devices and services running behind firewalls

ApproachProvide a highly-available “Service Bus” based on standard Internet protocols

The Service Bus Pattern

Service Registry

Applications, Workflows, …

Federated Identity

and Access Control

Clients Cloud ServicesOn-Premises

Desktop, RIA, Web

Storage

Billing

…Comput

e

Desktop, RIA, Web

Web, Desktop, RIAs,

…Corp

Service

Your Servic

es

Application Messaging Patterns

Connectivity Fabric

ESB

Service Bus Capabilties

Connectivity FabricNAT / firewall traversalMobile & intermittently connected receivers

Application Messaging

Bi-directional / peer-to-peer communicationPublish and subscribe – multicast to receivers through a stable URICloud buffering – web integration, “queues”, …

Service RegistryStable URIs for servicesDiscovery – supports Atom pub, …

Service Bus Workflows

Simple hosted message processing activitiesConditional behavior, fire events, transform messages, send mail, …

Mulitcast Chat

Demos

Five Cool Service Bus Tricks

1. Create a custom, peer-to-peer Instant Messenger application in ~20 lines

2. Pop a “toast” when you have a new customer order

3. “Slingbox” your videos from home

4. Easy, secure, web-based sharing from mobile devices

5. Integrate and orchestrate corporate billing and fulfillment systems

.NET Access Control

Access Control

ChallengesLots of identity providers, many vendors, protocol variability – tricky to get it all rightAccess checks strewn throughout applicationsHard to be agile, compliant, and flexible

ApproachFederate a wide-range of identity providers and technologies – pluggable tooFactor out access control logic into manageable collection of rules

The Access Control Pattern

Your Access Control Project

Your App(Relying Party)

2. Send token

(Initial claims;

e.g. identity)

4. Return token

(output claims from

3)

5. Send tokenw/ request

0. Trust exchanged; secrets, certs

User(Application)

1. Define access control

rules

6. Check for

claims

3. Map input claims to output claims based on access control rules

Secure Calculation

Demos

Access Control Capabilties

A hosted security token serviceThe output security token contains claims computed from claims in incoming tokens

Define and manage rules to map claims to claims

Create and manage scopes; e.g. URLsCreate and manage claim typesCreate and manage signing and encryption keysCreate and manage rules within an application scopeRules can be chained; e.g. Bob Manager, Manager Edit – enables RBAC or moreManage permissions on scopes; e.g. delegation

Standards based – works with Java, Ruby, PHP, …

5 Cool Access Control Tricks

1. Share a private Warcraft guild page with friends at Facebook/Yahoo in a few lines

2. Sell ad space in games and enable subleasing

3. Give enterprise users automatic access to a python-based training application

4. Generate access control reports across multiple applications and roles

5. Give friends permission to let their friends access the party pictures

.NET Services in Practice

ScrumWall

Dan ScarfeCEODot Net Solutions

Demo

CinemaMIX

Todd Holmquist-SutherlandPrincipal Program Manager / ArchitectCSD Technical Strategy Team, Microsoft

Demo

Get going with Azure CTPsRegister for a free Azure account Download the SDKshttp://www.azure.com

Learn more about .NET ServicesAccess Control – Justin Smith – 2:30 – this roomService Bus - Clemens Vasters – 4:25 – this room

Next Steps

Please Complete an Evaluation FormYour feedback is important!

Evaluation forms can be found on each chairTemp Staff at the back of the room have additional evaluation form copies

© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after

the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.