Microsoft .NET Services: An Introduction
Clemens Vasters, Technical Lead, Microsoft Corporation
Azure™ Services Platform

A Look Inside Azure
[Diagram labels: Service Bus, Access Control, Workflow, …; Database, Reporting, Analytics, …; Compute, Storage, Manage; Identity, Devices, Contacts, …; Your Applications]

.NET Services - Principles
Extending .NET technologies to the cloud
Open and interoperable
  REST, SOAP, ATOM, …
  Class libraries for Java, Ruby, …
Easy to use from .NET
  Build on existing skills and concepts
Initial focus on three key challenges
  Application Integration
  Application Extensibility
  Federated Access Control

Enterprise Service Bus
[Diagram labels. Bus: Service Orchestration, Service Registry, Naming, Federated Identity and Access Control, Messaging Fabric. Applications: CRM (Customers, Leads, Trends, Campaigns); Supply Chain (Inventory, Order Entry, Planning, Purchasing); Point Of Sale (POS Integration, Product Catalog, Returns, Web Store)]

Internet Service Bus
[Diagram labels. Bus: Service Orchestration, Service Registry, Naming, Federated Identity and Access Control, Messaging Fabric. Participants: Clients (Desktop, RIA, Web); MS/3rd Party Services; On-Premise ESB; Your Services (Desktop, RIA, & Web)]

Secure Cross-Enterprise Integration
[Diagram labels: Fabrikam (AD, Purchasing); Contoso (AD, Order Entry); .NET Service Bus; .NET Access Control Service; Identity Provider; Trust]
Access Control Rules govern endpoint access
Zero Inbound Firewall/NAT Ports

Secure Cross-Enterprise Integration
[Diagram labels: Fabrikam (AD, Purchasing); Contoso (AD, Order Entry); Access Control; Identity Provider; Trust]
Access Control Rules govern endpoint access
Outbound-only Internet edges
1. Acquire Identity Token
2. Acquire Access Token w/ ID Token
3. Send Message with Access Token
4. Validate Access Token
5. Relay Message to Target

Point Of Sale Integration
[Diagram labels: Fabrikam (AD, Analytics, Inventory); .NET Service Bus; .NET Access Control Service; Partner Store Helsinki; Factory Store Madrid (Inventory); Factory Store Brussels (Inventory)]
Real-time Sales and Inventory Analytics

Document Itineraries
[Diagram labels: Fabrikam (AD, Purchasing, Order Entry); .NET Workflow Service; .NET Service Bus; .NET Access Control Service; Parts Vendor A (Order Entry); Parts Vendor B; Logistics Partner (Order Entry); Workflow]
Just-In-Time Acquisition and Delivery
On-Demand Delivery

Personal Photo Sharing
[Diagram labels: .NET Access Control Service; .NET Service Bus; Borge’s Home Server (Photos); Ahti’s PDA (Photos); Maria’s Mac (Photos); Celine’s PC (Photos); Eva’s Phone (Photos); Residential Broadband or GSM or 3G]
.NET Access Control Service

Access Control – Key Challenges
Many identity providers, many vendors, many protocols, complex semantics – tricky to get right
Application strewn with one-off access logic
Hard to get right, not agile, not compliant, many dead ends
[Diagram labels: Corporate Directory, Solution Identities, Extranet Identities, SaaS Platform Identities, …]

Access Control – Approach
Automate federation for a wide range of identity providers and technologies
Factor the access control logic from the application into a manageable collection of rules
Easy-to-use framework that ensures correct token processing
[Diagram labels: Corporate Directory, Solution Identities, Extranet Identities, SaaS Platform Identities, …; .NET Access Control Service]

Access Control Interactions
[Diagram parties: Requestor (Your Customer); IP; Your Access Control Project (a hosted STS); Relying Party (Your App)]
Define access control rules for a customer
0. Certificate exchange; periodically refreshed
1. Acquire Claims
2. Send Claims
3. Map input claims to output claims based on access control rules
4. Send Token (output claims from 3)
5. Send Message w/ token
6. Claims checked in Relying Party

Access Control Rules
Scope: Protected resource hierarchy
Subscope: Delegated, independent branch
Rule: ‘All’ or ‘Any’ input-claims match
Positive rule match yields single output-claim
[Diagram labels: Contoso, Litware, Fabrikam]
Scope – http://contoso.com/
Subscope – http://contoso.com/sales/
Group ‘CorpSales’ from Contoso -> ‘Contrib-Internal’
Group ‘Contoso’ from Litware -> ‘Contrib-External’
Group ‘Purchasing’ from Fabrikam -> ‘Read-Partners’
Group ‘Admins’ from Contoso -> ‘Administrator’
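
The rule model on this slide, written out as an added Python sketch (not code from the presentation or from .NET Services). The claim tuple layout, the function names, longest-prefix scope selection, no inheritance from the parent scope, and the placement of the Admins rule in the root scope are assumptions made for the illustration.

```python
from dataclasses import dataclass

# A claim is (type, value, issuer), e.g. ("Group", "CorpSales", "Contoso").
@dataclass(frozen=True)
class Rule:
    inputs: frozenset   # input claims the rule looks for
    mode: str           # "all" or "any"
    output: str         # the single output claim issued on a match

    def matches(self, presented):
        if not self.inputs:
            return False            # an empty rule must never match everyone
        hits = self.inputs & presented
        if self.mode == "all":
            return hits == self.inputs
        return self.mode == "any" and bool(hits)   # unknown mode: no match

def group(name, issuer, output):
    """One-input rule in the slide's form: Group 'name' from issuer -> output."""
    return Rule(frozenset({("Group", name, issuer)}), "any", output)

# Rule table modelled on the slide; which scope holds which rule is an assumption.
RULES = {
    "http://contoso.com/": [group("Admins", "Contoso", "Administrator")],
    "http://contoso.com/sales/": [
        group("CorpSales", "Contoso", "Contrib-Internal"),
        group("Contoso", "Litware", "Contrib-External"),
        group("Purchasing", "Fabrikam", "Read-Partners"),
    ],
}

def issue_claims(resource, presented):
    """Map input claims to output claims for the resource's scope.

    Assumption: the longest matching scope prefix wins and a subscope does not
    inherit its parent's rules (the slide calls it an independent branch).
    """
    scopes = [s for s in RULES if resource.startswith(s)]
    if not scopes:
        return set()                # fail closed: unknown resource, no claims
    scope = max(scopes, key=len)
    return {r.output for r in RULES[scope] if r.matches(presented)}

def relying_party_allows(required, output_claims):
    """The application checks only output claims, never raw group names."""
    return required in output_claims
```

The issuer is part of every input claim, so a group named ‘Contoso’ asserted by any provider other than Litware yields no output claim.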

Access Control Summary
Flexible, rules-driven access control
Rich support for a wide range of identity providers
The Geneva framework is the .NET developer experience
Easy to incorporate into existing applications
Works with lots of other environments; e.g. Sun’s Java Metro 1.3, …
.NET Workflow Service

Workflow – Key Challenges
Want to describe long-running processes
Want to orchestrate work across services
Want modularity and nesting
Easy to describe but in practice harder to run
Hosting and scaling can be challenging
  Setup and installing, define scale-out approach, ensure long-running availability, manage upgrades, …

Workflow Service – Overview
Internet-Scoped Service Orchestration
Specialized Activity Library
[Diagram labels: .NET Workflow Service (Types, Instances); WF Models (XOML); Control Flow + Activities; Portal; API; Visual Studio Workflow Designer; Custom Designers / Generators]

Windows Workflow Foundation vs. .NET Workflow Service
WF is a general-purpose framework
  Broad extensibility: custom and code activities
  Simple hosting options (standalone or via WCF)
  Sophisticated hosting options via extensions
.NET Workflow Service builds on WF
  Specialized, high-scale, resilient hosting environment
  Specialized set of activities for orchestration
  Intentionally not a general-purpose host
[Diagram axes: Scalability & Fault Resilience; Less Constrained Runtime to More Constrained Runtime]

Supported Workflow Activities (PDC)

| Standard WF Activity | Description |
| --- | --- |
| IfElse | Conditional Branch |
| Sequence | Sequence of Activities |
| Suspend | Suspends execution until external intervention |
| Terminate | Terminates the workflow |
| While | Executes a conditional loop |

| .NET Workflow Activity | Description |
| --- | --- |
| Delay | Delays execution for a period of time |
| HttpSend | Sends an outbound HTTP request |
| HttpReceive | Waits for an inbound HTTP request |
| ServiceBusSend | Sends a message via the Service Bus |
| XPathRead | Extracts a value from a message using XPath |
| XPathUpdate | Updates a value in a message using XPath |

Workflow Service Summary
Execute Workflows with high availability
Design Workflows using existing tools
Easily deploy and manage Workflows
  Portal for easy access
  Management APIs for rich automation
.NET Service Bus

Service Bus
Key developer challenges
  Want to make it easy and secure for partners to use your application
  Don’t always know the characteristics or scale of the integration
  Partners / customers / users have devices and services running behind firewalls
Approach
  Provide a high-scale, highly available “Service Bus” that supports open Internet protocols

Connectivity Challenges
IPv4 Address Shortage
  Dynamic IP address allocation
  Network Address Translation (NAT)
Internet is pwn3d by the bad guys
  Firewalls layered over firewalls over firewalls
[Diagram labels: Sender; Receiver?; Machine Firewall; Network Firewall; Network Address Translation; Dynamic IP]

Service Bus Naming
Federated, hierarchical, DNS-integrated, transport-neutral naming system
[Diagram: a naming tree. Labels: Root; Solution (three nodes); NameA, NameB, NameC; Name1, Name2, Name3]

Service Registry
[http|sb]://servicebus.windows.net/services/account/svc/…
[Diagram: a naming tree. Labels: Root; servicebus.windows.net; services; account; contoso; …; svc; Service Registry Root; Multi-Tenant]
The service registry provides a mapping from URIs to services

Connectivity
Three key capabilities
Multi-protocol, relayed connectivity
  Ensure applications can interconnect
  Discovery via common service registry
NAT-NAT Traversal
  Uses the relay to establish communication
  Then shortcuts for efficiency
One-way datagram/event distribution
  Unicast, Multicast and – soon – Anycast
  Lightweight publish/subscribe model
  Model will expand to cover queues and topics
Available in .NET via WCF Bindings

Relayed Communication
sb://servicebus.windows.net/services/solution/a/b/
[Diagram labels: Sender; Receiver; Service Bus; outbound connect one-way net.tcp, TCP/SSL 828; outbound connect bidi socket, TCP/SSL 808/828; NLB; Frontend Nodes; Backend Naming Routing Fabric; Subscribe; Route; Msg; NAT, Firewall, Dynamic IP]

Service Bus Summary
Service Registry
Relay and direct connect connectivity
Event distribution
Integrated with Access Control services
Q & A