1 / 43

Microsoft Web Services Technologies Today

Microsoft Web Services Technologies Today. Benjamin Mitchell Independent Consultant Microsoft Regional Director/MVP benjaminm@benjaminm.net http://benjaminm.net. Overview. Sending interoperable messages with ASP.NET Web Services General Issues Around Services

jesusj
Download Presentation

Microsoft Web Services Technologies Today

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Microsoft Web Services Technologies Today Benjamin Mitchell Independent Consultant Microsoft Regional Director/MVP benjaminm@benjaminm.net http://benjaminm.net

  2. Overview • Sending interoperable messages with ASP.NET Web Services • General Issues Around Services • Understanding advanced WS-* protocols • Supporting advanced WS-* protocols with the Web Services Enhancements • Managing Business Processes with BizTalk 2004

  3. Sending interoperable messages with ASP.NET Web Services

  4. ASMX Messaging • Easiest way to send messages via SOAP • Create an *.asmx file • Write a class • Decorate methods with [WebMethod] • OneWay or RequestResponse

  5. Secret Look at the Future [WebMethod(IsInteroperableFastScalableAndReliable=true)] public bool DoSomething() { … }

  6. ASMX 2.0 Improvements • Interoperability • WS-I Base Profile 1.1 Conformance • SOAP 1.2 support • Extensibility • Custom serialization and streaming • Custom proxy code generation

  7. ASMX 2.0 Improvements • Client Programming Model • Easy to use async programming model • Easy databinding • Type sharing across Web services • Performance • Lowered startup latency • Lowered bandwidth utilization through compression • Hosting in any AppDomain with HttpListener on top of HTTP.SYS

  8. Real Time Cache 15min Refresh Routing Based on User Typical Success Story: Danske Bank Institutional Partners Danske Bank Web Services Stock quotes Bond quotes Currency trading ERP Excel WSE Win2K Other Web Service XML Politiken Portal Mainframe Politiken Readers

  9. Problems with ASMX • Simple programming model is not explicit about boundaries • Can be too RPC like • Limited to HTTP • Difficult extension mechanism • Does not support the more advanced WS-* specifications

  10. General Issues Around Services

  11. Schema First[right on the wire] Message Design: Contract First Code First[easy to program]

  12. Does Schema lead to better versioning? <schema targetNamespace="http://people" xmlns="..."> <element name="person"> <complexType> <sequence> <element name="name" type="string"/> <any processContents="lax" minOccurs="0" maxOccurs="unbounded" /> </sequence> <anyAttribute processContents="lax"/> <attribute name="version" type="string" use="required"/> </complexType> </element> </schema>

  13. UDDI 2.0 WSDL 1.1 SOAP 1.1 XSD 1.0 XML 1.0 HTTP(S) Is Base Profile Conformance Enough? • Do we need a Base Profile for Schema?

  14. “Staple” Pull relevant specs into scope “Redline” Add constraints on use of those specs “Glue” Define missing bits between specs Some will migrate back into specs SOAP 1.2 WS-Addressing WS-Metadata Exchange WSDL 1.1 WS-Discovery WS-Eventing What’s the Profile Recipe: Staple, Redline, Glue ThisModel Metadata ThisDevice Metadata Action Filter Conformance Claim Policy Assertions Policy Assertions

  15. Interoperability Recommendations • General Recommendations • Use XSD first to define messages • Keep to the 9 primitive types outlined by XSD • xsd:byte, xsd:boolean, xsd:dateTime, xsd:double, xsd:float, xsd:int, xsd:long, xsd:string, xsd:short • Watch those arrays! • Watch those NULL values! • Watch those xsd:dateTimes!

  16. Are web services fast enough?

  17. Empty Method Call

  18. Larger payload, simple op

  19. Small payload, busy op

  20. Proving that the protocols can work: Web Services Enhancements

  21. WS-* Architecture Profiles and Infrastructure Metadata Devices Profile WS-Management WS-Federation Assurances WS-Secure Conversation WS-Business Activity WS-Metadata Exchange WS-Trust WS-Atomic Transaction UDDI WS-Security WS-Reliable Messaging WS-Coordination WS-Policy Messaging WSDL SOAP WS-Addressing MTOM XML Schema Foundation XML Infoset XML 1.0 XML Namespaces MIME SOAP / HTTP

  22. WS-* Specification Process Specification Published Feedback & Interop Workshops Revise / republish spec Standards Org Profiles Step 3 Standardization Step 1 Develop Step 2 Broader Participation Step 4 Profiling Industry Participation Process reconciles conflicting goals • Quality of engineering • Time to market • Breadth of industry support

  23. Status Step 1-2 Step 2 Step 3-4 Infrastructure and Profiles Metadata WS-Federation WS-Management Devices Profile Assurances WS-Secure Conversation WS-Business Activity WS-Metadata Exchange WS-Trust WS-Atomic Transaction UDDI WS-Security WS-Reliable Messaging WS-Coordination WS-Policy Messaging WSDL SOAP WS-Addressing MTOM XML Schema Foundation XML Infoset XML 1.0 XML Namespaces MIME SOAP / HTTP

  24. Delivering WS-* - Microsoft Windows Server 2003 “R2” Wave Longhorn Wave Indigo • Wire-level interop with WSE3.0 plus • MTOM • SAML Token Profile 1.0 • Security Policy • WS-Federation Active Client • Enables easy to build STS • WS-RM 2005/02, Policy • WS-AT/WS-C 2005/02, Policy • WS-Policy/PolicyAttachment • WS-MEX Easy to use Digital Identity Active Directory: Federation WSD API: Device Profile VS 2005 + WSE 3.0 • SOAP 1.1, 1.2 / WSDL 1.1 • MTOM • WS-Addressing 2004/08 (or REC) • WS-Security 1.0 (U/P, X509, Kerberos) • WS-Secure Conversation • WS-Trust • WS-Policy • Limited wire interop with WSE2.0 AD Federation Services in R2 • Cross-organizational Identity Federation • Web SSO SQL Server 2005 • SOAP 1.1, 1.2 / WSDL 1.1 • WS-Security 1.0 Management • WS-Management VS2003 + Web Services Enhancements (WSE) 2.0 • SOAP 1.1 / WSDL 1.1 • WS-Addressing 2004/03 • WS-Security 1.0 (U/P, X509, Kerberos) • WS-Secure Conversation 2004/04 • WS-Trust 2004/04 • WS-Policy

  25. Delivering WS-* - Other vendors WS-Management WS-XFer / Enum WS-SecureConv WS-Federation WS-Addressing WS-Security SOAP / WSDL Messaging WSDL WS-Trust WS-RM WS-AT RM, TX Mgmt Security Devices Profile WS-Discovery Devices WS-Policy MEX Metadata

  26. WSE supports emerging standards • Implementation of additional WS-* protocols • Security, Policy and Addressing • Support for multiple protocols • Improved support for explicit messaging • Separate pipeline that can be hooked into ASP.NET or hosted • Ability to create SOAP Intermediaries

  27. How does WSE work? User Code SoapContext Policy Trace Referral Custom Security Security Token Manager Custom Filters

  28. Secure CommunicationProtocol-level security • Encrypts the entire message • Sender must trust all intermediaries • Restricts protocols that can be used SSL Security SSL Security

  29. Secure CommunicationMessage-level security • End to end message security independent of transport • Supports multiple protocols and multiple encryption technologies • Encrypt only parts of the message • Sender need only trust endpoint

  30. WSE Security • Secure the message rather than the wire • Secure various parts of the message • Mechanism for carrying security tokens • Independent kind of security token • Support for Kerberos, X509 Certificate and Username/Password • Future support for SAML and other identity tokens

  31. WSE Policy Driven Architecture • Beyond WSDL, what else is needed to describe a Web service? • These other attributes of a service can be described with WS-Policy • XML-based language • Complex: <Or>, <ExactlyOne>, etc… • WSE provides a Policy Framework with send-side and receive-side policy support

  32. WSE Messaging • Support for one-way messaging or client/server model • Full support over dispatch and handling of the messages • Low-level queue for receiver processing.

  33. WSE 2.0 Messaging • WSE 2.0 includes a SOAP-based messaging API • Transport independence • Intra-AppDomain • For testing • Raw TCP • HTTP • Host Independence • Windows application • ASP.NET • Windows Service

  34. WSE 3.0 Feature Highlights • .NET Framework Integration • Extend ASMX programming model on all transports • 64 bit support • Visual Studio 2005 IDE integration • Performance Improvements • Interoperability and Conformance • Policy assertions for standard security scenarios • Wire level interoperability with Indigo and 3rd party stacks • MTOM – Message Transmission Optimization Mechanism • WS-* updates • SOAP 1.2 • Tools • Security settings tool for standard security scenarios • Configuration file migration from WSE 2.0 to WSE 3.0

  35. WS-Security: Interop with Released Products • Requires a configuration change at WSE service • Requires a configuration change at WebSphere service or client • WebSphere 6.0 followed OASIS Oct X509 token profile errata for the value of wsse:KeyIdentifier\@ValueType, which differs from OASIS standard. • WebLogic 8.1.4 uses wrong encryption type on the Body element. Fix is available from BEA support services.

  36. Can I use WSE today? • Support policy is the same as .NET 1.1 • New versions likely to break previous • Side-by-side support so far

  37. Issues with WSE • Complex to setup and use • Requires developers to muck with the plumbing • Small but breaking changes even with point releases • HTTP is still the only protocol for interoperability • Unsupported demos over TCP with Apache Axis

  38. WSE 3.0 - The Road to Indigo • WSE supports service orientated Architectures • Explicit boundaries • Autonomy • Define contracts with schema • Describe requirements with policy • WSE 3.0 is the road to Indigo • Support for standard interoperable security scenarios • Wire level interoperable with Indigo Beta 1 • WSE 3.0 runs side-by-side with Indigo • Upgrade guidance will be provided from WSE 3.0 to Indigo

  39. Process Logic Composite Application Exploiting SOA: Composite Applications • Composite applications can be created using process logic to invoke business services Business Service Business Service Business Service Application A Application B Application C

  40. Implementing Process Logic: Orchestrations • The most commonly used term for process logic today is orchestration • Orchestrations can benefit from a platform expressly designed to support them • An application server isn’t enough • The goal: Business Process Management (BPM) • Supported by a BPM server

  41. Development Tools Management Tools Workflow Services Process Monitoring Services Business Rules Services Other Services Orchestrations Orchestration Runtime Services Communication Services Supporting Orchestrations: BPM Servers Application Server Operating System

  42. Visual Studio .NET Health and Activity Tracking (HAT) Orchestration Designer Human Workflow Services Business Activity Monitoring (BAM) Business Rules Engine More BizTalk Server 2004 Engine Microsoft’s BPM Server: BizTalk Server 2004 Orchestrations .NET Framework Windows

  43. .NET Web Services Platforms • ASMX is the current Web service platform • Supports basic profile for simple services • Doesn’t implement WS-* specifications • WSE is a platform extension • Can be used to extend ASMX behavior • Can be used standalone without ASMX • Provides support for several WS-* specs • Indigo is the next-generation Web service platform • Provide a unified programming model along with comprehensive support for WS-* specs • BizTalk is a Business Processes Management server

More Related