.NET Framework 3.0 - Enterprise

Agenda

• WCF Overview• WCF Solutions• WF Overview• WF Solutions• Card Spaces• Bringit it all together: Dinner Now

Scenario

WCF Overview

For pieces of software to communicate …

Yesterday:

Many confusing and complicated options

Remoting COMD/COM

COM+MSMQWSE

ASMX

Now:

One simple choice that is always the best option

Windows Communication Foundation

How Does it work?

Data

Channel LayerProtocols, Encoders & Transports

Messages

MetadataService ModelAddress, Binding, Contract & Behaviors

How do I use it?[ServiceContract]public interface IMyInterface{ [OperationContract] MyOutputType MyMethod(MyInputType myData);}

<service name=“MyService”> <endpoint address=“MyAddress” binding=“netTcpBinding” contract=“IMyInterface” /><service/>

[ServiceBehavior(InstanceContextMode=Single]public class MyService: IMyInterface{ public MyOutputType MyMethod(MyInputType myData) { //my code … }}

Service Contract Definition

Contract Implementation(Service Type)

Endpoint Configuration

How Do I Deploy it?Two options:

Web Host within IIS

• For HTTP services on XP SP2 & WS2K3• For any service on Vista & Windows Server “Longhorn” • Proven reliability, scalability and security• Requires a .svc file to identify the Service Type

Self-Host within any .NET process

• Available for any service• Console apps, windowed apps, .NET NT Services …

Addresses<services> <service <host> <baseAddresses> <add baseAddress="http://localhost:8000/MyBaseAddress"/> </baseAddresses> </host> name=“MyService”> <endpoint address=“MyEndpointAddress” binding=“wsHttpBinding” bindingConfiguration=“MyReliableBinding” contract=“IMyInterface” /> <service/></services>

Binding SchemeBasicHttpBinding, WSHttpBinding

http://...

NetTcpBinding net.tcp://…NetMsmqBinding net.msmq://…NetNamedPipesBinding net.pipe://…

Binding<endpoint name=“MyService” address=“MyAddress” binding=“netTcpBinding” contract=“IMyInterface” />

Binding PurposeBasicHttpBinding Basic Profile 1.1 interop & integration

w/ASMXWsHttpBinding Basis for WS-* interop

Supports WS-Security, WS-RM, WS-TxNetTcpBinding .NET .NET across a network

Secure, reliable, duplexedNetNamedPipesBinding

.NET .NET across processesSecure, reliable, duplexed

NetMSMQBinding .NET .NET via MSMQNetPeerTcpBinding .NET Peer Peer

Contract[ServiceContract]public interface IMyInterface{ [OperationContract] MyOutputType MyMethod(MyInputType myData);}

• Serialization is done by DataContractSerializer by default• Handles “built-in” .NET types automatically• User-defined types require Data Contracts:

• Can opt for the older, slower XmlSerializer:

[DataContract]public class MyDataContract{ [DataMember]

public string MyField; }

[ServiceContract][XmlSerializerFormat]public interface IMyInterface

Integration

Client Service Integration StrategyASMX WCF WCF ASMXRemoting

WCF

WCF Remoting

WSE 2 WCFWCF WSE 2WCF WSE 3

WSE 3 WCF

WCF COM+ Use COMSVCConfig.exe to wrap COM+ app w/WCF endpoint

COM WCF Service Monikers

Configure WCF components to use BasicHttpBinding

Upgrade Remoting & WSE 2 components to WCF

For HTTP, use properly configured WSHttpBinding

For TCP, custom TCP transport sample on NETFX 3.com

WCF Solutions

WF Overview

Windows Workflow Foundation is the programming model, engine and tools for quickly building workflow

enabled applications on Windows.

Single workflow technology for WindowsAvailable to all customers of WindowsAvailable for use across a broad range of scenarios

Redefining workflowExtensible framework & API to build workflow centric productsOne technology for human and system workflow

Take workflow mainstreamBring declarative workflow to any .NET developerFundamental part of the Office 2007Strong workflow partner & solution ecosystem

What is WFA set of activities that coordinate

peopleand / or software...

EscalateToManagerExample activities…. CheckInventory

Like a flowchart….

…organized into some form of workflow.

Or a state diagram…. or based on rules.

Concepts and componentsKey Concepts

Host Process

WindowsWorkflow Foundation

Runtime Engine

A Workflow

An Activity

Runtime Services

Base Activity Library

Custom Activity Library

Visual Designer

Visual Designer: Graphical and code-based construction

Workflows are a set of Activities

Workflows run within a Host Process: any application or serverDevelopers can build their own Custom Activity Libraries

ComponentsBase Activity Library: Out-of-box activities and base for custom activitiesRuntime Engine: Workflow execution and state managementRuntime Services: Hosting flexibility and communication

What are activities

An activity is a step in a workflowHas properties and events that are programmable within your workflow codeHas methods (e.g. Execute) that are only invoked by the workflow runtime

Think of Forms & ControlsActivity == ControlsWorkflows == Forms

Activities fall under two broad categoriesBasic – steps that “do work”Composite – manage a set of child activities

Extensibility

OOB activities,workflow types,base typesGeneral-purposeActivity libraries define workflow constructs

Create/Extend/Compose activitiesApp-specificbuilding blocksFirst-class citizens

Base ActivityLibrary

Custom ActivityLibraries

Author new activity

Out-of-Box Activities

Extend activity

Compose activities

Vertical-specificactivities & workflowsBest-practice IP &Knowledge

Domain-SpecificWorkflow Packages

Compliance

RosettaNet

CRM

IT Mgmt

Identity Crisis• The Internet is dangerous!

– Identity theft, spoofing, phishing, phraud– Username + password is weak and overwhelmed

• Enterprises are in identity silo hell

www.antiphishing.org

22% Cut back25% Stopped

Goals

• Safe and secure Internet for all– Safely, reliably identify

sites to users…– …and users to sites

• Connected Systems– Internal and external

Passport?

• Identity provider for MSN– 300M+ users, > 1 billion logons/day

• Identity provider for the Internet– Failure

• Why?

Digital Identity

• Subject• Claims• Security Token

Abstracting Identity

• Identity: set of claims in a security token

• Roles:– Subject – Identity Provider– Relying Party

• Protocol:1. User is asked for identity2. User chooses an identity

provider3. Identity provider gives user a

security token4. User passes the token to the

requestor

Protocol Drill Down

Identity Provider(IP)

Relying Party(RP)

ClientClient wants to access a resource

RP provides identity requirements

1

2

User

3 Which IPs can satisfy requirements?

User selects an IP4

5Request security token

6

Return security token based on RP’s requirements

7 User approves release of token

8 Token released to RP

WS-Trust, WS-Trust, WS-MetadataExchangeWS-MetadataExchange

WS-* Metasystem Architecture

KerberosKerberos SAMLSAML CustomCustomX.509X.509

SubjectSubject

RelyingParty

IdentityProvider

RelyingParty

IdentityProvider

Security Token Service WS-SecurityPolicy

Security Token Service

WS-SecurityPolicy

Identity Selector

Windows Cardspaces

• Easily and safely manage your digital identities• Authenticate with websites and web services

Safer

Built on WS-* Web Service Protocols

No usernames and passwordsConsistent login and registration

Avoid phishesMulti-factor authentication

Easier