Connected Application Foundations cardspace

Name
Title
Microsoft Corporation
http://blog.address
Modeling processes via WF
Exposing and consuming services via WCF
A new identity via CardSpace
The workflow framework and tools for Microsoft products and partner/customer ecosystem

Single workflow technology for Microsoft® Windows®
A framework for building workflow, not an application or server
Make declarative workflow a mainstream development paradigm
Real-World Examples and Workflow Value-Add

“Orders are confirmed in 48 hours and shipped within 30 days.”
     Long Running and Stateful: Workflows run for up to 30 days and maintain state throughout
“Most suppliers confirm our orders but some forget and we need to follow up.”
     Flexible Control Flow: Flexibility for people to override or skip steps in the workflow
“What are the next steps in handling this order?”
     Transparency: Rendering a visualization of next steps based on defined control flow
Key Concepts
  Workflows are a set of Activities
  Workflows run within a Host Process: any application or server
  Developers can build their own Custom Activity Libraries
Components
  Base Activity Library: Out-of-box activities and base for custom activities
  Runtime Engine: Workflow execution and state management
  Runtime Services: Hosting flexibility and communication
  Visual Designer: Graphical and code-based construction
[Diagram: Windows Workflow Foundation inside a Host Process. Labels: Visual Designer, A Workflow, An Activity, Custom Activity Library, Base Activity Library, Runtime Engine, Runtime Services]
Base Activity Library
     Out-of-Box (OOB) Activities
     OOB activities, workflow types, base types
     General-purpose
     Activity libraries define workflow constructs
Custom Activity Libraries
     Compose activities, Extend activity, Author new activity
     Create/Extend/Compose activities
     App-specific building blocks
     First-class citizens
Domain-Specific Workflow Packages
     Compliance, CRM, RosettaNet, IT Mgmt
     Vertical-specific activities and workflows
     Best-practice intellectual property (IP) and knowledge
Runtime Services
  Out of Box Services are provided that support SQL Server 2000 & 2005
  PersistenceService stores and retrieves instance state.
  TrackingService manages profiles and stores tracked information.
  Common resource services for managing threading, timers and creating transactions
[Diagram: Host App Domain containing the Runtime and its Services. Labels: PersistenceService, TrackingService, SchedulerService, TransactionService, SQL]
Advantages
  Service implemented as Workflow
     Leverage Workflow development experience
     Enforces application protocol by default
     Allows long-running, durable Services
  Workflow hosted as Service
     ServiceContract provides typed interface for integrating
     with the Workflow
     Messages enforce by-value, serializable data
     Workflows can be message-activated
Architecture
[Diagram: a workflow hosted as a WCF service]
  Inputs: Service.cs, Workflow.cs or Workflow.xoml, App.config
  Host: ServiceHost (WorkflowServiceHost)
  ServiceDescription
     ServiceBehavior: WorkflowServiceBehavior
     OperationBehavior: WorkflowOperationBehavior
  Service Runtime
     OperationInvoker: WorkflowOperationInvoker
     OperationSelector
     InstanceProvider: DurableInstanceProvider
     MessageInspector: MessageContextInspector
     ContextChannel
     ListenerChannel
  Service Instance / Workflow Instance
     Operation 1: ReceiveActivity 1
     Operation 2: ReceiveActivity 2
  Workflow Runtime
  WF Persistence DB
Modeling processes via WF
Exposing and consuming services via WCF
A new identity via CardSpace
Our next-generation platform for distributed systems
A set of extensions to the Microsoft .NET Framework 2.0
Build WCF services in Visual Studio 2008 using any .NET Language
    Intelligent code editing, IDE Extensions for WCF, debugging, re-factoring,
    code snippets, etc.
    Visual Basic .NET, Visual C#, etc.
Runs on
    Microsoft Windows Vista
    Microsoft Windows XP
    Microsoft Windows Server 2003
Part of .NET 3.0 and .NET 3.5
Unification
     Unifies today’s distributed technologies
     Lets you develop/deploy/manage one model
     Visual Studio 2008 integration
Interoperability
     Broad support for Web services (WS-*) specifications and REST
     Single stop shop for building services
Service-Oriented Development
     Enables development of loosely-coupled services
     Config-based communication
[Diagram: existing technologies and the capability each contributes]
     ASMX & WSE: Interop with other Platforms & WS-*
     .NET Remoting: Extensibility, Location transparency
     Enterprise Services: Attribute-Based Programming
     System.Messaging: Message-Oriented Programming
     HTTP Services: REST / HTTP Programming
[Diagram: Client and Service exchange a Message between Endpoints. Each Endpoint is made up of A, B and C:]
     Address (Where)
     Binding (How)
     Contract (What)
Using Visual Studio .NET 2003

 class HelloService {

     [WebMethod]
     public String Hello(String Greeting) {
         // security
         X509CertificateCollection collection = new
         X509CertificateCollection();
         IntPtr blob = Marshal.AllocHGlobal(Marshal.SizeOf(
            typeof(CRYPTOAPI_BLOB)));
         IntPtr data = (IntPtr)((int)blob +
           Marshal.SizeOf(typeof(CRYPTOAPI_BLOB)));
         …
         // reliable messaging
         SeqAckRange range = new SeqAckRange(id, low, high );
         SeqAckRange[] ranges = { range };
         ReliableQueue.ProcessAcks( ranges );
         …
         // transactions
         BeginTransaction (NULL,
           ISOLATIONLEVEL_SERIALIZABLE, 0, pITxOptions,
           &pITransaction);
         …

         return Greeting;
     }
 }

Lines required:
     security: 20,379 lines
     reliable messaging: 5,988 lines
     transactions: 25,507 lines
     infrastructure: 4,442 lines
     Total lines 56,296
Using Visual Studio .NET 2003 and WSE

   class HelloService {

       [WebMethod]
       public String Hello(String Greeting) {
           // security
           foreach ( SecurityToken tok in
             requestContext.Security.Tokens )
           {
             X509SecurityToken token = tok as X509SecurityToken;
           }
           …
           // reliable messaging
           SeqAckRange range = new SeqAckRange(id,low,high );
           SeqAckRange[] ranges = { range };
           ReliableQueue.ProcessAcks( ranges );
           …
           // transactions
           BeginTransaction (NULL,
             ISOLATIONLEVEL_SERIALIZABLE, 0, pITxOptions,
             &pITransaction);
           …

           return Greeting;
       }
   }

Lines required:
     security: 10 lines
     reliable messaging: 1,804 lines
     transactions: 25,507 lines
     Total lines 27,321
Using Visual Studio 2005 and WCF

[ServiceContract]
class HelloService
{
  [OperationContract]
  // security: only callers in this role may invoke the operation
  [PrincipalPermission(SecurityAction.Demand,
    Role = "Administrators")]
  // transactions: the caller's transaction must flow to the service
  [TransactionFlow(TransactionFlowOption.Mandatory)]
  [OperationBehavior(TransactionScopeRequired = true,
    TransactionAutoComplete = true)]
  String Hello(String Greeting) {return Greeting;}
}

<bindings>
  <wsHttpBinding>
    <binding name="Binding1" transactionFlow="true">
      <security mode="Message">
        <message clientCredentialType="Windows" />
      </security>
      <reliableSession enabled="true" />
    </binding>
  </wsHttpBinding>
</bindings>

Lines required:
     security: 1 code + 2 config (elem.)
     reliable messaging: 0 code + 1 config (elem.)
     transactions: 2 code + 1 config (attr.)
     Total lines: 3 code (what) + 4 config (how)
Modeling processes via WF
Exposing and consuming services via WCF
A new identity via CardSpace
The Internet is dangerous!
   Identity theft, spoofing, phishing, phraud
   Username + password is weak and overwhelmed
Enterprises are in identity silo hell

[Chart: 25% Stopped, 22% Cut back. Source: www.antiphishing.org]
Identity provider for MSN
   300M+ users, > 1 billion logons/day
Identity provider for the Internet
   Failure
Why?
Subject
Claims
Security Token
[Diagram: token flow between User, Client, Identity Provider (IP) and Relying Party (RP)]
   1  Client wants to access a resource
   2  RP provides identity requirements
   3  Which IPs can satisfy requirements?
   4  User selects an IP
   5  Request security token
   6  Return security token based on RP’s requirements
   7  User approves release of token
   8  Token released to RP
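
The eight-step flow above, sketched as an added example that is not part of the original deck and does not use the CardSpace or WCF API. The types (Card, RpPolicy, Token), claim names and issuer URLs are hypothetical and constructed. It shows the three checks the flow implies: only cards that satisfy the RP's requirements are offered, the token carries only the claims the RP asked for, and nothing is released without user approval.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Hypothetical types for illustration; not the CardSpace or WCF API.
record Card(string Name, string Issuer, string TokenType, Dictionary<string, string> Claims);
record RpPolicy(string TokenType, string[] RequiredClaims);
record Token(string Issuer, string TokenType, Dictionary<string, string> Claims);

static class IdentitySelector
{
    // Step 3: which cards (IPs) can satisfy the RP's requirements?
    public static List<Card> Matching(IEnumerable<Card> cards, RpPolicy policy) =>
        cards.Where(c => c.TokenType == policy.TokenType &&
                         policy.RequiredClaims.All(c.Claims.ContainsKey)).ToList();

    // Steps 5-6: the IP returns a token based on the RP's requirements only.
    public static Token Issue(Card card, RpPolicy policy) =>
        new Token(card.Issuer, card.TokenType,
                  policy.RequiredClaims.ToDictionary(k => k, k => card.Claims[k]));

    // Steps 7-8: the token reaches the RP only if the user approves its release.
    public static Token Release(Token token, bool userApproves) =>
        userApproves ? token : null;
}

static class Demo
{
    static void Main()
    {
        // Constructed sample cards; claim names and issuers are made up.
        var cards = new List<Card> {
            new("Work", "https://ip.example/sts", "SAML", new() {
                ["email"] = "alice@example.com", ["role"] = "buyer", ["dob"] = "1980-01-01" }),
            new("Personal", "self-issued", "SAML", new() { ["email"] = "al@example.org" }),
        };
        // Step 2: the RP states its identity requirements.
        var policy = new RpPolicy("SAML", new[] { "email", "role" });

        // The Personal card is filtered out because it has no "role" claim.
        var usable = IdentitySelector.Matching(cards, policy);
        // Step 4: the user picks one of the offered cards.
        var token = IdentitySelector.Issue(usable[0], policy);
        // "dob" was not requested, so it is not in the token that gets released.
        var released = IdentitySelector.Release(token, userApproves: true);
        Console.WriteLine($"{usable.Count} card(s) offered; claims released: " +
                          string.Join(", ", released.Claims.Keys));
    }
}
```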
[Diagram: the identity metasystem]
   Identity Providers and Relying Parties using different token types: Kerberos, SAML, X.509, Custom
   Each side exposes a Security Token Service and WS-SecurityPolicy
   WS-Trust, WS-MetadataExchange connect them to the Identity Selector
   Identity Selector acts for the Subject
 Easily and safely manage your digital identities
 Authenticate with websites and web services
    Easier
       No usernames and passwords
       Consistent login and registration
    Safer
       Avoid phishes
       Multi-factor authentication
 Built on WS-* Web Service Protocols
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.