Net services
Download
1 / 47

.NET Services - PowerPoint PPT Presentation


  • 106 Views
  • Uploaded on

.NET Services. Architects Council 27.01.2009. Dariusz Parys Developer Evangelist Developer Platform and Strategy Group Microsoft Deutschland GmbH. Kontakt. Email dparys@microsoft.com Blog http://blogs.msdn.com/dparys IM developerevangelist@live.com. Dienste in Azure.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' .NET Services' - bellini-fadden


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Net services

.NET Services

Architects Council 27.01.2009

  • Dariusz Parys

    Developer Evangelist

    Developer Platform and Strategy Group

    Microsoft Deutschland GmbH


Kontakt
Kontakt

  • Email

  • dparys@microsoft.com

  • Blog

  • http://blogs.msdn.com/dparys

  • IM

  • developerevangelist@live.com


Dienste in azure
Dienste in Azure

Your Applications

ServiceBus

Workflow

Database

Analytics

Identity

Contacts

AccessControl

Reporting

Devices

Compute

Storage

Manage


Net services1
.NET Services

  • Offene Zugriffstandards

    • REST, SOAP, RSS, AtomPub, …

    • Bibliotheken für Java, PHP, Ruby, …

  • 3 Fokus Themen

    • Anwendungs Integration

    • Zugriffskontrolle in verteilten Systemen

    • Anwendungs Erweiterbarkeit



Enterprise service bus
Enterprise Service Bus

Service Orchestration

Federated Identity and Access Control

Naming

Service Registry

Messaging Fabric

CRM

Point Of Sale

Supply Chain

Leads

Order Entry

Product Catalog

Inventory

Customers

POS Integration

Trends

Planning

Returns

Campaigns

Purchasing

Web Store


Internet service bus
Internet Service Bus

Service Orchestration

Federated Identity and Access Control

Naming

Service Registry

Messaging Fabric

Your Services

Clients

On-Premise ESB

MS/3rd Party Services

ESB

Desktop, RIA, Web

Desktop, RIA, & Web


Wer ben tigt connectivity
Wer benötigt „Connectivity“?

  • Instant Messaging/Communication App

    • Access Control, Relay, Direct Connect

  • Multiplayer Spiele

    • Access Control, Relay, Direct Connect

  • Home Media Integration System

    • Access Control, Relay, Direct Connect

  • Enterprise Integration System

    • Access Control, VPN/VAN


Was muss man tun wenn
Was muss man tun wenn…

  • …man Anwendungen miteinander integrieren möchte die

    • in verschiedenen Netzwerken zu Hause sind?

    • unterschiedliche Benutzerverwaltungen haben?

    • nicht immer erreichbar sind?


Connectivity challenges
Connectivity Challenges

  • IPv4 Adressraum

    • Dynamic IP Adresszuordnung

    • Network Address Translation (NAT)

  • Internet voller “Bad Guys”

    • Firewall auf Firewall auf Firewall…

Network Address Translation

Network Firewall

Dynamic IP

Machine Firewall

?

Sender

Receiver


Es gibt m glichkeiten
Es gibt Möglichkeiten

  • Dynamic DNS

  • NAT Port Mappings / UPnP

  • Open Inbound Firewall Ports

JededieserEntscheidungbringtRisikenmit

Network Address Translation

Network Firewall

Dynamic IP

Machine Firewall

?

Sender

Receiver


Service bus naming
Service Bus – Naming

Federated Identity and Access Control

Naming

Service Registry

Messaging Fabric


Naming scheme
Naming Scheme

[http|sb]://servicebus.windows.net/services/account/svc/…

Service Registry Root

account

svc

The service registry provides a mapping from URIs to services

servicebus.windows.net

services

Root

contoso

Multi-Tenant


Service bus service registry
Service Bus – Service Registry

Federated Identity and Access Control

Naming

Service Registry

Messaging Fabric


Service registry
Service Registry

  • Registry nurfür Service Endpunkte

    • Nichtsanderes

  • ProgrammatischerZugriffüber

    • Discover: Atom 1.0 feed hierarchy

    • Publish: Atom Publishing Protocol, WS-Transfer

WS-Transfer

Client

Service Registry

AtomPub

Naming


Registry feed structure
Registry Feed Structure

  • Solution Root Feed

    • http://servicebus.windows.net/services/solution/

    • Hierarchisch

solution

svc

WS-Transfer

Client

SBWN

services

Naming Root

AtomPub

solution

svc


Services in registry feeds
Services in Registry Feeds

  • <?xml version="1.0" encoding="utf-8"?><feed xmlns="http://www.w3.org/2005/Atom"xmlns:wsa="http://www.w3.org/2005/08/addressing"> <title>Title</title> <link href="http://servicebus.windows.net/services/my/svc"rel="self"/> <id>urn:uuid:82a76c80-d498-12d5-b91C-0103839e0ef6</id> … <entry> <title>MyEndpoint</title> <link href="http://swn/services/my/svc/ep1"/> <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id> <wsa:EndpointReference> <wsa:Address> http://servicebus.windows.net/services/my/svc/ep1 </wsa:Address> </wsa:EndpointReference> </entry> </feed>


Service bus messaging
Service Bus – Messaging

Federated Identity and Access Control

Naming

Service Registry

Messaging Fabric


Service bus messaging1
Service Bus - Messaging

  • Aus .NET heraus: WCF

    • Microsoft.ServiceBus


Netonewayrelaybinding
NetOnewayRelayBinding

Service Bus

sb://servicebus.windows.net/services/solution/a/b/

BackendNaming

RoutingFabric

Route

Subscribe

Frontend Nodes

NLB

TCP/SSL 808/828

TCP/SSL 828

outbound connect one-way net.tcp

outbound connect bidi socket

Msg

Msg

Sender

Receiver

NATFirewallDynamic IP


Neteventrelaybinding
NetEventRelayBinding

Service Bus

sb://servicebus.windows.net/services/solution/a/b/

BackendNaming

RoutingFabric

Route

Subscribe

Frontend Nodes

TCP/SSL 808/828

TCP/SSL 828

TCP/SSL 828

outbound connect one-way net.tcp

outbound connect bidi socket

outbound connect bidi socket

Msg

Msg

Msg

Sender

Receiver

Receiver


Nettcprelaybinding relayed
NetTcpRelayBinding / Relayed

Service Bus

sb://servicebus.windows.net/services/solution/a/b/

BackendNaming

RoutingFabric

Oneway

RendezvousCtrl Msg

Frontend Nodes

Ctrl

2

NLB

3

TCP/SSL 818

outbound socket rendezvous

outbound socket connect

1

Socket-SocketForwarder

Ctrl

Sender

Receiver

4


Nettcprelaybinding hybrid
NetTcpRelayBinding / Hybrid

Service Bus

sb://servicebus.windows.net/services/solution/a/b/

BackendNaming

RoutingFabric

Oneway

RendezvousCtrl Msg

Frontend Nodes

TCP/SSL 818, 819

NAT Probing

NAT Probing

relayed connect

relayed rendezvous

upgrade

Ctrl

upgrade

Sender

Receiver

NAT Traversal Connection


Ws basic web httprelaybinding
[WS|Basic|Web]HttpRelayBinding

Service Bus

sb://servicebus.windows.net/services/solution/a/b/

BackendNaming

RoutingFabric

Oneway

RendezvousCtrl Msg

Frontend Nodes

Ctrl

2

NLB

3

HTTP/S80/443

outbound socket rendezvous

HTTPHTTPSrequest

1

HTTP-SocketForwarder

Ctrl

Sender

Receiver

4



Access control

Access Control


Motivation
Motivation

Customers/Partners

?

On-premiseservices

user

*******


Motivation1
Motivation

Cloudservices

1..n

Customers/Partners

?

?

On-premiseservices

user

*******

(A) STS

(R) STS


Scenario with the acs
Scenario withthe ACS

Customers/Partners

Your ACS

Trust

Trust

user

*******

On-premise/cloudservices


Zugriff auf services
Zugriff auf Services

  • DieseDienstenutzen den Access Control Service

  • Microsoft SQL Data Services

    • Username / Passwort und ein Token des Access Control Service

  • .NET Service Bus

  • .NET Workflow Service

  • The Portals


Zusammenspiel
Zusammenspiel

Was?

Integrieren

Wer?

Orchestrieren

Your Customers

Your App

<Any ID Provider>

ServiceBus

WF

Access Control Service

Live ID Users

UI

Data

XYZ Domain Users

Speichern


Bestandteile
Bestandteile

  • Portal

    • Frontend zumAdministrieren von Anwendungen und Regeln

  • Client API

    • ProgrammierbareSchnittstelle

  • Service (STS)

    • ZurVerfügunggestellter STS (Shared STS)

    • Interaktionmittels des Geneva Frameworks


Ablauf der zugriffssicherung
Ablauf der Zugriffssicherung

3. Input Claims  Output Claims

wieimRegelwerkbeschrieben

1. ZugriffsregelnfürKundendeklarieren

.NET Access Control Service

(Managed STS)

0. Cert|Secretaustausch; periodischaktualisiert

4. Token senden (RSTR)

(enhält Claims von 3)

6.Claims werdenüberprüft

2. Claims senden

(RST)

Relying Party

(Service Bus, IhreAnwendung, etc.)

Requestor

(IhrKunde)

5. Nachrichtsenden

mit Token


Access control demo

Access Control Demo



Windows workflow foundation
Windows Workflow Foundation

Workflow

  • BeschreibungeinesProgrammablaufs

  • Tools/Designers

  • Activity Library

  • Runtime

  • Hosts

Activity Library

WF Runtime

Tooling

VS Designer

VS Debugger

Rehosted Designer

Hosts

IIS/WAS+

“Dublin”

Workflow

Service

your.exe

“Direct”


Workflow service berblick
Workflow Service – Überblick

Zuverlässiger, skalierbarer off-premises host für Workflows

  • Portal http://workflow.ex.azure.microsoft.com

  • NeueAktivitätenfür die Windows Azure Plattform

  • APIs zuminstallieren, ausführen und betreiben von Workflows “in-the-cloud”

  • Orchestrierung von Diensten

    • UnternehmensübergreifendeDienste

    • ZugrifffürKunden und Partner durch Access Control


Arbeiten mit workflows
Arbeitenmit Workflows

  • Design Workflows

    • Auswahl des Workflow Templates

    • Designer unterstützt

    • Neue Azure Activities und Subset der WF Activities

  • Workflows installieren

    • Upload und Validierung

  • Verwalten von Workflow Typen

    • Add, delete, update, view instances

  • Verwalten von Workflow Instanzen

    • Create, run, control, track execution


Workflow service design flow
Workflow Service – Design Flow

1

Design Workflows

Visual Studio WF Designer

1

2

Deploy Workflows

VS – one click deploy

3

Manage Workflow Types

Your Apps & Services

2

4

Manage Workflow Instances

2

http://

3

4

  • Workflow Portal

  • WorkflowClient API

  • SOAP Web Service

Workflow & Rules XAML

ServiceBus




Data model and ace concepts

Unit ofgeo-location and billing

Tied toDNS name

Collectionof Containers

Data Model And ACE Concepts

Authority

Container

Entity

  • Unit of Consistency

  • Scope for Query and Update

  • Collectionof Entities

  • Unit of Storage

  • Property Bagof Name/Value pairs

  • No Schema Required


Concepts entity

Entity properties may differ in type and instance

ConceptsEntity

DifferentKinds

DifferentInstanceTypes

Additional Property


Architecture
Architecture

SQL Data Services Front End

REST / SOAP

REST / SOAP

REST / SOAP

REST / SOAP

REST / SOAP

REST / SOAP

REST / SOAP

SDS Runtime

SDS Runtime

SDS Runtime

SDS Runtime

SDS Runtime

SDS Runtime

SDS Runtime

Data Access Lib

Data Access Lib

Data Access Lib

Data Access Lib

Data Access Lib

Data Access Lib

Data Access Lib

Master Cluster

Data Cluster

SQL Data Services Back End

SQL Server

SQL Server

SQL Server

SQL Server

SQL Server

SQL Server

SQL Server

Distributed Data Fabric

Distributed Data Fabric

Distributed Data Fabric

Distributed Data Fabric

Distributed Data Fabric

Distributed Data Fabric

Distributed Data Fabric

Mgmt. Services

Mgmt. Services

Mgmt. Services

Mgmt. Services

Mgmt. Services

Mgmt. Services

Mgmt. Services


Data and master nodes
Data And Master Nodes

SDS - Back-end

SDS - Reliable Master Cluster Manager

Partition Manager

Partition Placement Advisor

SQL Server

SQL Server

Global Partition Map

Leader Elector

Database

P1

Distributed Data Fabric

P2

SDS – Data Nodes

P3

Data Node 102

Data Node 103

Data Node 104

P4

P5

Data Node 101

Data Node 105

P6

S5

P3

P1

P2

S1

P5

S6

S5

S2

S2

P6

S6

P4

S4

S1

S3

P3

S4


Zusammenfassung
Zusammenfassung

  • Anwendungsintegration durch den .NET Service Bus

  • Zugriffskontrolle durch den .NET Access Control Service

  • Wiederverwenden von Anwendungslogik durch .NET Workflow Service

  • Melden Sie sich für den momentanen CTP an unter

  • http://www.azure.com


Weiterf hrende informationen
Weiterführende Informationen

  • PDC Videos

    • BB01, BB02, BB12, BB23, BB28, BB38, BB55

  • Blog Posts

    • Federatingwiththe ACShttp://www.leastprivilege.com/FederatingWithTheNETAccessControlService.aspx

  • Other resources

    • http://www.microsoft.com/azure/accesscontrol.mspx

    • http://msdn.microsoft.com/en-us/library/dd129876.aspx

    • http://dunnry.com/blog/UsingSDSWithAzureAccessControlService.aspx

  • Blogs

    • http://blogs.msdn.com/dparys

    • http://www.leastprivilege.com