
.NET Services

.NET Services. Architects Council 27.01.2009. Dariusz Parys Developer Evangelist Developer Platform and Strategy Group Microsoft Deutschland GmbH. Contact. Email dparys@microsoft.com Blog http://blogs.msdn.com/dparys IM developerevangelist@live.com. Services in Azure.


Presentation Transcript


  1. .NET Services Architects Council 27.01.2009 • Dariusz Parys Developer Evangelist Developer Platform and Strategy Group Microsoft Deutschland GmbH

  2. Contact • Email • dparys@microsoft.com • Blog • http://blogs.msdn.com/dparys • IM • developerevangelist@live.com

  3. Services in Azure Your Applications … ServiceBus Workflow Database Analytics Identity Contacts AccessControl … Reporting … Devices … Compute Storage Manage …

  4. .NET Services • Open access standards • REST, SOAP, RSS, AtomPub, … • Libraries for Java, PHP, Ruby, … • 3 focus areas • Application integration • Access control in distributed systems • Application extensibility

  5. Service Bus

  6. Enterprise Service Bus Service Orchestration Federated Identity and Access Control Naming Service Registry Messaging Fabric CRM Point Of Sale Supply Chain Leads Order Entry Product Catalog Inventory Customers POS Integration Trends Planning Returns Campaigns Purchasing Web Store

  7. Internet Service Bus Service Orchestration Federated Identity and Access Control Naming Service Registry Messaging Fabric Your Services Clients On-Premise ESB MS/3rd Party Services ESB Desktop, RIA, Web Desktop, RIA, & Web

  8. Who needs “connectivity”? • Instant Messaging/Communication App • Access Control, Relay, Direct Connect • Multiplayer games • Access Control, Relay, Direct Connect • Home Media Integration System • Access Control, Relay, Direct Connect • Enterprise Integration System • Access Control, VPN/VAN

  9. What do you have to do when… • …you want to integrate applications that • live in different networks? • have different user directories? • are not always reachable?

  10. Connectivity Challenges • IPv4 address space • Dynamic IP address assignment • Network Address Translation (NAT) • Internet full of “bad guys” • Firewall upon firewall upon firewall… Network Address Translation Network Firewall Dynamic IP Machine Firewall ? Sender Receiver

  11. There are options • Dynamic DNS • NAT Port Mappings / UPnP • Open Inbound Firewall Ports • Each of these choices brings risks with it Network Address Translation Network Firewall Dynamic IP Machine Firewall ? Sender Receiver

  12. Service Bus – Naming Federated Identity and Access Control Naming Service Registry Messaging Fabric

  13. Naming Scheme • [http|sb]://servicebus.windows.net/services/account/svc/… • The service registry provides a mapping from URIs to services • Service Registry Root account svc servicebus.windows.net services Root contoso Multi-Tenant …

  14. Service Bus – Service Registry Federated Identity and Access Control Naming Service Registry Messaging Fabric

  15. Service Registry • Registry for service endpoints only • Nothing else • Programmatic access via • Discover: Atom 1.0 feed hierarchy • Publish: Atom Publishing Protocol, WS-Transfer WS-Transfer Client Service Registry AtomPub Naming

  16. Registry Feed Structure • Solution Root Feed • http://servicebus.windows.net/services/solution/ • Hierarchical solution svc WS-Transfer Client SBWN services Naming Root AtomPub solution svc

  17. Services in Registry Feeds

      <?xml version="1.0" encoding="utf-8"?>
      <feed xmlns="http://www.w3.org/2005/Atom"
            xmlns:wsa="http://www.w3.org/2005/08/addressing">
        <title>Title</title>
        <link href="http://servicebus.windows.net/services/my/svc" rel="self"/>
        <id>urn:uuid:82a76c80-d498-12d5-b91C-0103839e0ef6</id>
        …
        <!-- one entry per registered service endpoint -->
        <entry>
          <title>MyEndpoint</title>
          <link href="http://swn/services/my/svc/ep1"/>
          <id>urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a</id>
          <wsa:EndpointReference>
            <wsa:Address>
              http://servicebus.windows.net/services/my/svc/ep1
            </wsa:Address>
          </wsa:EndpointReference>
        </entry>
      </feed>

  18. Service Bus – Messaging Federated Identity and Access Control Naming Service Registry Messaging Fabric

  19. Service Bus - Messaging • From .NET: WCF • Microsoft.ServiceBus

  20. NetOnewayRelayBinding Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Route Subscribe Frontend Nodes NLB TCP/SSL 808/828 TCP/SSL 828 outbound connect one-way net.tcp outbound connect bidi socket Msg Msg Sender Receiver NAT Firewall Dynamic IP

  21. NetEventRelayBinding Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Route Subscribe Frontend Nodes TCP/SSL 808/828 TCP/SSL 828 TCP/SSL 828 outbound connect one-way net.tcp outbound connect bidi socket outbound connect bidi socket Msg Msg Msg Sender Receiver Receiver

  22. NetTcpRelayBinding / Relayed Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Oneway Rendezvous Ctrl Msg Frontend Nodes Ctrl 2 NLB 3 TCP/SSL 818 outbound socket rendezvous outbound socket connect 1 Socket-Socket Forwarder Ctrl Sender Receiver 4

  23. NetTcpRelayBinding / Hybrid Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Oneway Rendezvous Ctrl Msg Frontend Nodes TCP/SSL 818, 819 NAT Probing NAT Probing relayed connect relayed rendezvous upgrade Ctrl upgrade Sender Receiver NAT Traversal Connection

  24. [WS|Basic|Web]HttpRelayBinding Service Bus sb://servicebus.windows.net/services/solution/a/b/ Backend Naming Routing Fabric Oneway Rendezvous Ctrl Msg Frontend Nodes Ctrl 2 NLB 3 HTTP/S 80/443 outbound socket rendezvous HTTP HTTPS request 1 HTTP-Socket Forwarder Ctrl Sender Receiver 4

  25. Service Bus Demo

  26. Access Control

  27. Motivation Customers/Partners ? On-premise services user *******

  28. Motivation Cloud services 1..n Customers/Partners ? ? On-premise services user ******* (A) STS (R) STS

  29. Scenario with the ACS Customers/Partners Your ACS Trust Trust user ******* On-premise/cloud services

  30. Access to services • These services use the Access Control Service • Microsoft SQL Data Services • Username/password and a token from the Access Control Service • .NET Service Bus • .NET Workflow Service • The Portals

  31. Interplay What? Integrate Who? Orchestrate Your Customers Your App <Any ID Provider> ServiceBus WF Access Control Service Live ID Users UI Data XYZ Domain Users Store

  32. Components • Portal • Front end for administering applications and rules • Client API • Programmable interface • Service (STS) • Provided STS (shared STS) • Interaction via the Geneva Framework

  33. Access control flow • 0. Cert|secret exchange; refreshed periodically • 1. Declare access rules for customers • 2. Send claims (RST) • 3. Input claims → output claims as described in the rule set • 4. Send token (RSTR) (contains claims from 3) • 5. Send message with token • 6. Claims are verified • Parties: .NET Access Control Service (Managed STS); Relying Party (Service Bus, your application, etc.); Requestor (your customer)

  34. Access Control Demo

  35. Workflow

  36. Windows Workflow Foundation Workflow • Description of a program flow • Tools/Designers • Activity Library • Runtime • Hosts Activity Library WF Runtime Tooling VS Designer VS Debugger Rehosted Designer Hosts IIS/WAS+ “Dublin” Workflow Service your.exe “Direct”

  37. Workflow Service – Overview Reliable, scalable off-premises host for workflows • Portal http://workflow.ex.azure.microsoft.com • New activities for the Windows Azure platform • APIs for installing, running and operating workflows “in the cloud” • Orchestration of services • Cross-enterprise services • Access for customers and partners through Access Control

  38. Working with workflows • Design workflows • Choose the workflow template • Designer supports • New Azure activities and a subset of the WF activities • Install workflows • Upload and validation • Manage workflow types • Add, delete, update, view instances • Manage workflow instances • Create, run, control, track execution

  39. Workflow Service – Design Flow 1 Design Workflows Visual Studio WF Designer 1 2 Deploy Workflows VS – one click deploy 3 Manage Workflow Types Your Apps & Services 2 4 Manage Workflow Instances 2 http:// 3 4 • Workflow Portal • WorkflowClient API • SOAP Web Service Workflow & Rules XAML ServiceBus

  40. Workflow Portal Demo

  41. SQL Data Service

  42. Concepts: Data Model and ACE • Authority • Unit of geo-location and billing • Tied to DNS name • Collection of Containers • Container • Unit of Consistency • Scope for Query and Update • Collection of Entities • Entity • Unit of Storage • Property Bag of Name/Value pairs • No Schema Required

  43. Concepts: Entity • Entity properties may differ in type and instance • Different Kinds • Different Instance Types • Additional Property

  44. Architecture • SQL Data Services Front End: REST / SOAP, SDS Runtime, Data Access Lib (repeated per node) • Master Cluster • Data Cluster • SQL Data Services Back End: SQL Server, Distributed Data Fabric, Mgmt. Services (repeated per node)

  45. Data And Master Nodes • SDS - Back-end • SDS - Reliable Master Cluster Manager, Partition Manager, Partition Placement Advisor, SQL Server, Global Partition Map, Leader Elector, Database, Distributed Data Fabric • SDS – Data Nodes: Data Node 101 to Data Node 105, holding partitions labelled P1 to P6 and S1 to S6

  46. Summary • Application integration through the .NET Service Bus • Access control through the .NET Access Control Service • Reuse of application logic through the .NET Workflow Service • Sign up for the current CTP at • http://www.azure.com

  47. Further information • PDC Videos • BB01, BB02, BB12, BB23, BB28, BB38, BB55 • Blog Posts • Federating with the ACS http://www.leastprivilege.com/FederatingWithTheNETAccessControlService.aspx • Other resources • http://www.microsoft.com/azure/accesscontrol.mspx • http://msdn.microsoft.com/en-us/library/dd129876.aspx • http://dunnry.com/blog/UsingSDSWithAzureAccessControlService.aspx • Blogs • http://blogs.msdn.com/dparys • http://www.leastprivilege.com
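
The registry feed on slide 17 is plain Atom 1.0, so a client can discover endpoints with any XML parser. The following is an added example, not code from the presentation: it parses a constructed feed modelled on that slide and flags endpoint addresses that fall outside the feed's own namespace. The function name, the second entry and the namespace check are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

NS = {"atom": "http://www.w3.org/2005/Atom",
      "wsa": "http://www.w3.org/2005/08/addressing"}

# Constructed sample modelled on the slide-17 feed; the second entry is an
# invented out-of-namespace endpoint that exercises the check.
SAMPLE_FEED = b"""<?xml version="1.0" encoding="utf-8"?>
<feed xmlns="http://www.w3.org/2005/Atom"
      xmlns:wsa="http://www.w3.org/2005/08/addressing">
  <link href="http://servicebus.windows.net/services/my/svc" rel="self"/>
  <entry>
    <title>MyEndpoint</title>
    <wsa:EndpointReference><wsa:Address>
      http://servicebus.windows.net/services/my/svc/ep1
    </wsa:Address></wsa:EndpointReference>
  </entry>
  <entry>
    <title>Stray</title>
    <wsa:EndpointReference><wsa:Address>
      http://relay.example.invalid/services/my/svc/ep2
    </wsa:Address></wsa:EndpointReference>
  </entry>
</feed>"""

def discover_endpoints(feed_bytes):
    """Return (title, address, in_namespace) for every entry in a registry feed."""
    if b"<!DOCTYPE" in feed_bytes:
        # An Atom feed needs no DTD; refuse one instead of expanding entities.
        raise ValueError("DTD not expected in an Atom feed")
    root = ET.fromstring(feed_bytes)
    self_link = root.find("atom:link[@rel='self']", NS)
    if self_link is None:
        raise ValueError("feed has no self link to anchor the namespace")
    base = urlsplit(self_link.get("href"))
    base_path = base.path.rstrip("/") + "/"
    results = []
    for entry in root.findall("atom:entry", NS):
        title = entry.findtext("atom:title", default="", namespaces=NS).strip()
        addr = entry.findtext("wsa:EndpointReference/wsa:Address",
                              default="", namespaces=NS).strip()
        url = urlsplit(addr)
        # Assumed policy: same host as the feed and a path below the feed's own path.
        ok = (url.scheme in ("http", "https", "sb")
              and url.hostname == base.hostname
              and url.path.startswith(base_path))
        results.append((title, addr, ok))
    return results
```

Calling `discover_endpoints(SAMPLE_FEED)` returns one tuple per entry; a client would connect only to entries whose third field is `True`.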
