Introduction to .NET FX 3.0(+ sneak preview of .NET FX 3.5)

Martin ParryDeveloper & Platform GroupMicrosoft LtdMartin.Parry@microsoft.com http://www.martinparry.com

Mike TaultyDeveloper & Platform GroupMicrosoft LtdMike.Taulty@microsoft.com http://www.mtaulty.com

Intro - .NET Framework v3.0

Shipped last yearCardSpace, WCF, WPF, WFSupported on: -

Windows XP SP2Windows Server 2003Windows Vista

Uses CLR v2.0, VS 2005, no language changes

Intro - .NET Framework v3.5

Will ship with Visual Studio 2008Currently available in Beta 1Enhancements to some v3.0 features, plus new bitsStill uses CLR v2.0Visual Studio 2008Some language additions

Agenda

9:45 – 11:00 Martin ParryWCF and Windows

CardSpace11:00 – 11:15 Break11:15 – 12:30 Mike Taulty

WPF and WF12:30 Close

Windows CardSpace &Windows Communication Foundation(3.0 and a bit of 3.5)Martin ParryDeveloper & Platform GroupMicrosoft LtdMartin.Parry@microsoft.com http://www.martinparry.com

Identity - Problems

PasswordsToo easy to crack, or too hard to remember

I want multiple identitiesBecause I don’t trust all recipients the sameResults in identity silos on the web

Banks etc. would like sign-on to be much more complex

Human beings are the limiting factorNobody trusts a single organization...

Identity – What’s the problem?

Identity – What’s the problem?

Identity - Solutions

Must work cross-platformMust allow me several identitiesMust put me in control of my identitiesMust not put a single org. in chargeMust allow recipients to define arbitrarily complex sign-on data...and protect the user from that complexity

What have we got?

WS-* specs give us cross-platform commsSAML tokens are a standard way to exchange identity claimsPutting these together inside an open, consistent architecture gives us...The Identity Metasystem

The Identity MetaSystem

Policy

2.

“I would like a SAML 1.1 token, containing First Name, Surname, issued by *any*”

3. UI filters cards that can satisfy policy

4. User picks a card

5. Token is requested

1. Access resource

6. Token is created

7. Token is presented

Relying Party

Identity Provider

Types of Information Card

Personal CardRefers to self-issued security tokenSecurely stored on user’s PCFixed set of claims available

Managed CardRefers to Identity Provider that can issue tokensUser’s PC stores only the IP detailsClaims are extensible

Windows CardSpace

What’s in the HTML?<form id="form1" method="post" action="login1.aspx"><div> <button type="submit">Click here to sign in</button> <object type="application/x-informationcard" name="xmlToken">  <param name="tokenType" value="urn:oasis:names:tc:SAML:1.0:assertion"/>  <param name="issuer"

value="http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self"/>  <param name="requiredClaims"   value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname        http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname        http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress 

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" />

</object></div></form>

Communications

Basic, OpenComms

ASMX Ent Services

Secure,Transaction

al

WSE

Secure, Open

Comms

Sys.MessagingMSMQ, Txns,

QueuingFast, Secure,

Binary

Remoting

Distributed Applications

Services pass messages described by a contractService may provide metadata, describing: -

The contractThe policy applied to communication

“Client”Message

Message

“Service”

Metadata

Message (SOAP)

Headers: Addressing, Security, etc.

Body: Payload

What do I send?

Where do I send it?

How should I send it?

Contract

Address

Binding

Mechanics of Communication

“Service”“Client”

Transport?

Encoding?

Security?

Mechanics of Communication

“Service”“Client”

EndpointContractBindingAddress

EndpointContractBindingAddress

EndpointContractBindingAddress

Basic WCF

Client

WCF – sketched architecture

Binding(ordered list of channel types & config)

channel type N

channel type 2

channel type 1config

config

config

Your code

Service

Your code

Met

adat

a

objects XML

formatting

channel

channel

channel

Transport Channel (HTTP, TCP, MSMQ, Pipes, Peer)

channel

channel

channel

decodingencoding

behaviours behaviours

Instancing, Concurrency, Sessions

Service classes can be instantiated: -Singleton, Per-Call, Per-Session, Shareable

Service code can be either: -Single threaded, Re-entrant or Multi-threaded

Client

Service

Singleton

Message B

Message C

Message A

Instancing, Concurrency, Sessions

Service classes can be instantiated: -Singleton, Per-Call, Per-Session, Shareable

Service code can be either: -Single threaded, Re-entrant or Multi-threaded

Client

Service

Single Call

Single Call

Single Call

Message B

Message C

Message A

Instancing, Concurrency, Sessions

Service classes can be instantiated: -Singleton, Per-Call, Per-Session, Shareable

Service code can be either: -Single threaded, Re-entrant or Multi-threaded

Client

Service

Per SessionMessage B

Message Asession

Per SessionMessage C

More WCF

Summary

CardSpaceSolving the problems associated with identityIt’s the Identity Selector for WindowsPart of cross-platform, open, identity metasystem

Windows Communication FoundationUnified, highly extensible messaging APIFX3.5 adds non-SOAP messaging

© 2007 Microsoft Ltd. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the

date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.