Download
net application design considerations n.
Skip this Video
Loading SlideShow in 5 Seconds..
.NET Application Design Considerations PowerPoint Presentation
Download Presentation
.NET Application Design Considerations

.NET Application Design Considerations

384 Views Download Presentation
Download Presentation

.NET Application Design Considerations

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. .NET Application Design Considerations Mark SapossnekCS 594 Computer Science Department Metropolitan College Boston University

  2. Prerequisites • This module assumes that you understand the fundamentals of: • Object-oriented programming • C# • ADO.NET • ASP.NET • Web Services • .NET Framework Class Library

  3. Learning Objectives • Understand how to design a .NET application • Understand key design considerations on the following topics: • Scalability • Performance • Availability • Security

  4. Agenda • Design Model and Process • .NET System Architecture • .NET Design Patterns • Security • Scalability • Availability

  5. Design Model and Process • Microsoft Enterprise Services Framework Services-Based Application Design Model • Design Process • Design Principles

  6. Design Model and ProcessMicrosoft Enterprise Services Framework (ESF) Microsoft Readiness Framework (MRF) Microsoft Solutions Framework (MSF) Enterprise Architecture Microsoft Operations Framework (MOF)

  7. Schedule Resources Features Design Model and ProcessMicrosoft Solutions Framework Team Model Process Model Application Model

  8. G E N N I V Z I I S L I I O B N A I T N S G D E G V N I E N L O N P A I N L G P Design Model and ProcessMSF Process Model Release Scope Complete/First Use Vision/Scope Approved Project Plan Approved

  9. Application 1 Application 2 User Services Business Services Data Services Design Model and ProcessServices-Based Application Model Can be implemented as Web Services

  10. Conceptual Logical Physical Scenarios Objects and Services, UI, Logical DB Components, UI, Physical DB http:// Design Model and ProcessMSF Design Process Overview

  11. Conceptual Logical Physical Scenarios Objects and Services, UI, Logical DB Components, UI, Physical DB http:// Design Model and ProcessConceptual Design The goal of conceptual design is to understand what the users do and to identify business needs. The output is scenarios or use cases.

  12. Logical Physical Objects and Services, UI, Logical DB Components, UI, Physical DB http:// Design Model and ProcessLogical Design Conceptual Scenarios The goal of logical design is to lay out the structure of the solution and the communication among elements. The output is a set of objects and services, high-level user interface design, and logical database design.

  13. Conceptual Logical Physical Scenarios Objects and Services, UI, Logical DB Components, UI, Physical DB http:// Design Model and Process Physical Design Conceptual The goal of physical design is to apply real-world technology constraints to the logical model, including implementation and performance considerations. The output is a set of components, UI design for a particular platform, and physical database design.

  14. Design Model and Process Design Principles • Understand and solve the business problem • Communicate effectively with users and project teams • Design based on a modular approach • Consistent • Distributable (Web-centric) • Implementation language-independent • Flexible • Reusable • Reliable • Balance innovation and discipline through each iteration • Pay attention to the Enterprise Architecture and Infrastructure

  15. Design Model and Process Design Principles • Object Stereotypes • Design Patterns • E.g. Factory, Singleton, Proxy, Flyweight, Iterator, Façade, Memento, Adaptor Boundary (Interface) Entity Service (Control)

  16. Agenda • Design Model and Process • .NET System Architecture • .NET Design Patterns • Security • Scalability • Availability

  17. .NET System ArchitectureDistributed System Architecture Input/Output Rendering engine I/O Processing Presentation logic Everything Else Business logic Data Management Data logic Database Data engine

  18. .NET System ArchitectureWindows DNA Application Architecture HTML 3.2 Browser Rendering engine IIS/ASP (.asp) Presentation logic Business logic COM Components Data logic SQL Server Database Data logic Data engine

  19. .NET System Architecture2-Tier Application Architecture VB or PowerBuilderApplication Rendering engine Presentation logic Business logic Data logic SQL Server Database Data logic Data engine

  20. .NET System Architecture.NET Application Architecture HTML 3.2 Browser Rendering engine IIS/ASP (.aspx, .ascx) Presentation logic .NET Assemblies WebServices Business logic Data logic SQL Server Database Data logic Data engine

  21. .NET System ArchitectureWeb Service Architecture SOAP Clients Rendering engine Web Service (.asmx) Presentation logic .NET Assemblies Business logic Data logic SQL Server Database Data logic Data engine

  22. Partner Web Service Web Services Partner Web Service Internet + XML YourCompany.com .NET System ArchitectureWeb ServicesApplication Model Data Access and Storage Tier Application Business Logic Tier Other Applications

  23. Agenda • Design Model and Process • .NET System Architecture • .NET Design Patterns • Security • Scalability • Availability

  24. .NET Design Patterns • Samples • IBuySpy (http://www.ibuyspy.com/) • MSDN Sample: Duwamish 7.0 • MSDN Sample: Fitch & Mather Stocks 7.0 • Using Uniform Modeling Language (UML) • Discuss design patterns of each sample application

  25. .NET Design PatternsIBuySpy Portal Sample

  26. .NET Design Patterns IBuySpy Design Patterns • Clean code/HTML content separation using server controls • Pages that are constructed from dynamically-loaded User Controls • Configurable output caching of portal page regions • Modular site layout defined by XML configuration file

  27. .NET Design Patterns IBuySpy Design Patterns • XML serialization that maps XML config file to custom config classes • Cached config settings automatically reloaded when file changes • Role-based security to control user access to portal content

  28. .NET Design PatternsDuwamish Sample Application

  29. .NET Design PatternsDuwamish Activity Diagram

  30. .NET Design PatternsDuwamish Sequence Diagram

  31. .NET Design PatternsDuwamish Design Patterns • Move processing to the data rather than moving data to the processing • Pass all data back to the client in a method call • Minimize the time that a database resource is locked • Use Binary/HTTP for remoting

  32. .NET Design PatternsDuwamish Design Patterns • Use ASP.NET within its Web layer and utilize the ASP.NET caching features • Publish a single XML Web service named CatalogService to expose its book catalog search functions to the Internet

  33. .NET Design PatternsFitch & Mather 7.0 Sample • A port of the MSDN Fitch & Mather 2000 sample to .NET technologies • Not a complete deployable application • Focus on • Performance • Technology porting issues from the Windows DNA architecture to the .NET Framework • Legacy integration and interoperability • Real-life deployment scenarios in a distributed computing environment.

  34. .NET Design PatternsFitch & Mather 7.0 Architecture

  35. .NET Design PatternsFitch & Mather 7.0 Activity Diagram

  36. .NET Design PatternsFitch & Mather 7.0 - Transactions • Transaction Composability • Transactions are composed by a transaction root object from individual transactional or nontransactional objects • Transaction root objects are located at a layer above the data access layer • No objects in data access layer marked for requiring new transaction • Objects that perform write operation must at least support transactions

  37. .NET Design PatternsFitch & Mather 7.0 - Security • Use forms authentication with the combination of forms and role-based security • Show login page and verify user credentials on access to restricted resources • Issue an authentication cookie as means of re-acquiring user identity at a later stage. • Based on the user’s identity/roles, replace the principal object on the current thread to reflect the identity of the user. • In the application OnAuthenticateRequest event handler of Global.asax, automatically replace the principal on the thread every time authentication happens. • On BLL and DAL components, place code segments into the constructor of each class to verify the identity of the user and whether they are authenticated. Throw an exception if they are not.

  38. .NET Design PatternsUML Models

  39. Agenda • Design Model and Process • .NET System Architecture • .NET Design Patterns • Security • Scalability • Availability

  40. Security Overview • Security is APAIN: • Authentication Who‘s there? • Privacy No eavesdroppers • Authorization What are you allowed to do? • Integrity Did the data get changed? • Nonrepudiation Keep your promises • As always: understand the requirements • E.g. Search vs. bank account vs. news • Do you just need personalization?

  41. SecurityQuestions to Ask • Authentication • How does the user provide their credentials? • Where are credentials stored? • Temporary or persistent

  42. SecurityAuthentication Approaches • IIS/Windows • Basic, Digest, NTLM, Kerberos, Certificates • ASP.NET • Windows • Forms-based (cookie) authentication • Microsoft Passport authentication • Custom authentication

  43. SecurityForms-Based Authentication • Easy to implement • ASP.NET provides redirection • Custom Login UI (no popup dialogs) • Custom credential verification • Custom application roles • Support for advanced usage • Application defined data • Control over cookie lifetime, paths

  44. SecurityAuthorization Strategies • ASP.NET • Windows Security & ACLs • URL Authorization • Custom Authorization • All applications • Declarative Method Authorization • Explicit Authorization

  45. Agenda • Design Model and Process • .NET System Architecture • .NET Design Patterns • Security • Scalability • Availability

  46. Scalability How Do You Handle Success?

  47. Scalability Approach 1 – Scale Up • SMP: SymmetricMulti-Processor … • Can only get so big • Expensive

  48. … ScalabilityApproach 2 – Scale Out • Less expensive, though more to manage • Symmetric (load balancing) or asymmetric (partitioning)

  49. Scalability Approach 3 – Partition Database • Scale out with database … … • Scale up database • Partition database

  50. ScalabilityDesign for Scalability • Design a stateless application if possible • Use a database for state management • Run on a cluster of Web servers • Use caching or offline content generation • Partition the database tier or the Web tier • Use stored procedures • Use transactions intelligently • Use asynchronous programming techniques • Benchmark your application – performance measurement and tuning