.NET Framework Enterprise

Agenda WCF Overview WCF Solutions WF Overview WF Solutions Card Spaces Bringit it all together: Dinner Now Scenario

WCF Overview For pieces of software to communicate … Yesterday: Many confusing and complicated options RemotingCOMD/COMCOM+MSMQWSEASMX Now: One simple choice that is always the best option Windows Communication Foundation

How Does it work? Data Channel Layer Protocols, Encoders & Transports Messages Metadata Service Model Address, Binding, Contract & Behaviors

How do I use it? [ServiceContract] public interface IMyInterface { [OperationContract] MyOutputType MyMethod(MyInputType myData); } <service name=“MyService”> <endpoint address=“MyAddress” binding=“netTcpBinding” contract=“IMyInterface” /> [ServiceBehavior(InstanceContextMode=Single] public class MyService: IMyInterface { public MyOutputType MyMethod(MyInputType myData) { //my code … } Service Contract Definition Contract Implementation (Service Type) Endpoint Configuration

How Do I Deploy it? Two options: Web Host within IIS For HTTP services on XP SP2 & WS2K3 For any service on Vista & Windows Server “Longhorn” Proven reliability, scalability and security Requires a.svc file to identify the Service Type Self-Host within any.NET process Available for any service Console apps, windowed apps,.NET NT Services …

Addresses <service name=“MyService”> <endpoint address=“MyEndpointAddress” binding=“wsHttpBinding” bindingConfiguration=“MyReliableBinding” contract=“IMyInterface” /> BindingScheme BasicHttpBinding, WSHttpBindinghttp://... NetTcpBindingnet.tcp://… NetMsmqBindingnet.msmq://… NetNamedPipesBindingnet.pipe://…

Binding <endpoint name=“MyService” address=“MyAddress” binding=“netTcpBinding” contract=“IMyInterface” /> BindingPurpose BasicHttpBindingBasic Profile 1.1 interop & integration w/ASMX WsHttpBindingBasis for WS-* interop Supports WS-Security, WS-RM, WS-Tx NetTcpBinding.NET .NET across a network Secure, reliable, duplexed NetNamedPipesBinding.NET .NET across processes Secure, reliable, duplexed NetMSMQBinding.NET .NET via MSMQ NetPeerTcpBinding.NET Peer  Peer

Contract [ServiceContract] public interface IMyInterface { [OperationContract] MyOutputType MyMethod(MyInputType myData); } Serialization is done by DataContractSerializer by default Handles “built-in”.NET types automatically User-defined types require Data Contracts: Can opt for the older, slower XmlSerializer: [DataContract] public class MyDataContract {[DataMember] public string MyField; } [ServiceContract] [XmlSerializerFormat] public interface IMyInterface

Integration ClientServiceIntegration Strategy ASMXWCF ASMX RemotingWCF Remoting WSE 2WCF WSE 2 WCFWSE 3 WCF COM+Use COMSVCConfig.exe to wrap COM+ app w/WCF endpoint COMWCFService Monikers Configure WCF components to use BasicHttpBinding Upgrade Remoting & WSE 2 components to WCF For HTTP, use properly configured WSHttpBinding For TCP, custom TCP transport sample on NETFX 3.com

WCF Solutions

WF Overview Windows Workflow Foundation is the programming model, engine and tools for quickly building workflow enabled applications on Windows. Single workflow technology for Windows Available to all customers of Windows Available for use across a broad range of scenarios Redefining workflow Extensible framework & API to build workflow centric products One technology for human and system workflow Take workflow mainstream Bring declarative workflow to any.NET developer Fundamental part of the Office 2007 Strong workflow partner & solution ecosystem

What is WF A set of activities that coordinate people and / or software... EscalateToManager Example activities…. CheckInventory Like a flowchart…. …organized into some form of workflow. Or a state diagram….or based on rules.

Concepts and components Key Concepts Host Process Windows Workflow Foundation Runtime Engine A Workflow An Activity Runtime Services Base Activity Library Custom Activity Library Visual Designer Visual Designer: Graphical and code-based construction Workflows are a set of Activities Workflows run within a Host Process: any application or server Developers can build their own Custom Activity Libraries Components Base Activity Library: Out-of-box activities and base for custom activities Runtime Engine: Workflow execution and state management Runtime Services: Hosting flexibility and communication

What are activities An activity is a step in a workflow Has properties and events that are programmable within your workflow code Has methods (e.g. Execute) that are only invoked by the workflow runtime Think of Forms & Controls Activity == Controls Workflows == Forms Activities fall under two broad categories Basic – steps that “do work” Composite – manage a set of child activities

Extensibility OOB activities, workflow types, base types General-purpose Activity libraries define workflow constructs Create/Extend/ Compose activities App-specific building blocks First-class citizens Base Activity Library Custom Activity Libraries Author new activity Out-of-Box Activities Extend activity Compose activities Vertical-specific activities & workflows Best-practice IP & Knowledge Domain-Specific Workflow Packages Compliance RosettaNet CRM IT Mgmt

Identity Crisis The Internet is dangerous! –Identity theft, spoofing, phishing, phraud –Username + password is weak and overwhelmed Enterprises are in identity silo hell 22% Cut back 25% Stopped

Goals Safe and secure Internet for all –Safely, reliably identify sites to users… –…and users to sites Connected Systems –Internal and external

Passport? Identity provider for MSN –300M+ users, > 1 billion logons/day Identity provider for the Internet –Failure Why?

Digital Identity Subject Claims Security Token

Abstracting Identity Identity: set of claims in a security token Roles: –Subject –Identity Provider –Relying Party Protocol: 1.User is asked for identity 2.User chooses an identity provider 3.Identity provider gives user a security token 4.User passes the token to the requestor

Protocol Drill Down Identity Provider (IP) Relying Party (RP) Client Client wants to access a resource RP provides identity requirements 1 2 User 3 Which IPs can satisfy requirements? User selects an IP 4 5 Request security token 6 Return security token based on RP’s requirements 7 User approves release of token 8 Token released to RP

WS-Trust, WS-MetadataExchange WS-* Metasystem ArchitectureKerberosSAMLCustom X.509Subject Relying Party Identity Provider Relying Party Identity Provider Security Token Service WS-SecurityPolicy Security Token Service WS-SecurityPolicy Identity Selector

Windows Cardspaces Easily and safely manage your digital identities Authenticate with websites and web services Safer Built on WS-* Web Service Protocols No usernames and passwords Consistent login and registration Avoid phishes Multi-factor authentication Easier