1
Windows Azure AppFabric
In this module:
- What is the AppFabric?
- The Access Control Service
- Using the Service Bus
- Leveraging Distributed Cache
2
This is not the AppFabric you are looking for.
Windows Server AppFabric != Windows Azure Platform AppFabric
3
Motivating Challenges
- How do you integrate with components outside your corporate network?
- How do you expose your software to users outside of your organization?
- Can they use their existing identities? Social identities?
- What about smaller, non-enterprise customers?
- How do you reduce latency and increase performance?
- <the list goes on…>
Access Control, Service Bus, Caching*
4
Identity in the Cloud is Hard
- Outside of identity domains
- Too many islands of identity
- Current technology hard or not interoperable
- Managing 3rd party accounts in your system is risky
5
Three geeks walk into a bar…
Three geeks walk into a bar in California. The bouncer asks for ID. You whip out your driver's license from the state of Ohio. They inspect it, flash a purple light thing at it, verify your age, and let you in. They didn’t force you to register with them to get a bar credential. If they did, you would end up with a ton of credentials you were forced to use (like those grocery store customer loyalty cards). The bar trusts the credentials from a trusted provider, and has ways to check that those credentials are valid (the light, and known embedded security features).
6
What is Access Control?
Used to authenticate and authorize users
- Integrate Single Sign-On and centralized authorization into your web applications
- Standards-based identity providers
- Enterprise directories (e.g. Active Directory Federation Server v2.0)
- Web identities (e.g. Windows Live ID, Google, Yahoo!, and Facebook)
- V1 available in production; V2 available in AppFabric LABS
7
Access Control Website Sequence
Participants: Browser, Identity Provider, Access Control, Application
1. Request Resource
2. Redirect to Identity Provider
3. Login
4. Authenticate & Issue Token
5. Redirect to AC service
6. Send Token to ACS
7. Validate Token, Run Rules Engine, Issue Token
8. Redirect to RP with ACS Token
9. Send ACS Token to Relying Party
10. Validate Token
11. Return resource representation
8
Access Control Features
- Integrates with Windows Identity Foundation and tooling
- Claims-based access control
- Support for OAuth WRAP, WS-Trust, and WS-Federation protocols
- Support for the SAML 1.1, SAML 2.0, and Simple Web Token token formats
- Integrated and customizable Home Realm Discovery
- OData-based Management Service to ACS configuration
9
OAuth
- Open, interoperable standard
- Microsoft worked with Google and Yahoo! to define
- Read spec at
- No XML
- REST oriented
10
SWT
- An OAuth service authenticates the user
- Produces a SWT token
- Rides in Authorization header, or query string or body
CustomerId%3d31415%26Issuer%3dhttps%253a%252f%252fstringreversalinc.accesscontrol.windows.net%252f%26Audience%3dhttp%253a%252f%252flocalhost%252fprocessstring%26ExpiresOn%3d %26HMACSHA256%3dI5g66yaiECux9IQ8y7Ffm2S1p%252bAXF73HWfzSNPyPLOE%253d
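Step 10 of the website sequence ("Validate Token") and the SWT slide above, as an added example that is not from the original deck: a relying-party check of a Simple Web Token in Python. It follows the SWT convention that HMACSHA256 is the last field and covers the token text before it. The key, expiry and signature are constructed; the issuer and audience strings are the ones in the slide's token.

```python
import base64, hashlib, hmac, time
from urllib.parse import parse_qsl, quote, unquote

SIG_FIELD = "&HMACSHA256="

def sign_swt(unsigned: str, key: bytes) -> str:
    """Demo-only issuer side: append the HMAC over the unsigned token text."""
    mac = hmac.new(key, unsigned.encode("ascii"), hashlib.sha256).digest()
    return unsigned + SIG_FIELD + quote(base64.b64encode(mac), safe="")

def validate_swt(token: str, key: bytes, issuer: str, audience: str, now=None) -> dict:
    """Return the claims if the token is authentic, addressed to us and unexpired."""
    unsigned, sep, sig = token.rpartition(SIG_FIELD)
    if not sep or "&" in sig:
        raise ValueError("HMACSHA256 must be present and be the last field")
    expected = hmac.new(key, unsigned.encode("ascii"), hashlib.sha256).digest()
    presented = base64.b64decode(unquote(sig), validate=True)
    if not hmac.compare_digest(expected, presented):  # constant-time compare
        raise ValueError("signature mismatch")
    # Parse claims only after the signature checks out.
    pairs = parse_qsl(unsigned, keep_blank_values=True, strict_parsing=True)
    claims = dict(pairs)
    if len(claims) != len(pairs):
        raise ValueError("duplicate claim name")
    if claims.get("Issuer") != issuer:
        raise ValueError("unexpected issuer")
    if claims.get("Audience") != audience:
        raise ValueError("token was issued for a different relying party")
    expires = int(claims.get("ExpiresOn", ""))  # empty or missing raises ValueError
    if expires <= (time.time() if now is None else now):
        raise ValueError("token expired")
    return claims

# Constructed sample: key, expiry and signature are made up for this example.
KEY = b"constructed-demo-key-not-a-real-one"
ISSUER = "https://stringreversalinc.accesscontrol.windows.net/"
AUDIENCE = "http://localhost/processstring"
UNSIGNED = ("CustomerId=31415&Issuer=" + quote(ISSUER, safe="") +
            "&Audience=" + quote(AUDIENCE, safe="") + "&ExpiresOn=2000000000")
TOKEN = sign_swt(UNSIGNED, KEY)

if __name__ == "__main__":
    print(validate_swt(TOKEN, KEY, ISSUER, AUDIENCE, now=1_900_000_000))
```

The audience check is what stops a token issued for one relying party from being replayed against another that trusts the same issuer.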
11
Service Bus
- Provides secure messaging and connectivity across different network topologies
- Enables hybrid applications that span on-premises and the cloud
- Enables various communication protocols and patterns for developers to engage in reliable messaging
12
Enabling hybrid applications
[Diagram labels: Datacenter, Partner, LOB app, Mobile Device, LOB web service]
13
Enabling hybrid applications
[Diagram labels: Datacenter, Partner, ACS, LOB app, SB, Mobile Device, LOB web service]
17
Relays in the Cloud
sb://stringreversalinc.servicebus.windows.net/processtring
[Diagram labels: Service Bus (Backend Naming Routing Fabric, Frontend Nodes, NLB, Socket-Socket Forwarder), Sender, Receiver, outbound socket connect, outbound socket rendezvous, Oneway Rendezvous Ctrl Msg, TCP/SSL 818, steps 1 to 4]
18
NetTcpRelayBinding / Hybrid
sb://stringreversalinc.servicebus.windows.net/processtring
[Diagram labels: Service Bus (Backend Naming Routing Fabric, Frontend Nodes), Sender, Receiver, relayed connect, relayed rendezvous, Oneway Rendezvous Ctrl Msg, NAT Probing, TCP/SSL 818, 819, upgrade, NAT Traversal Connection]
19
Have a Service Listen on the SB
- Listen on SB address
- Enable ACS Auth behavior
- Use a ‘relay’ binding
20
Connect to a Service as a Client
- Again, just use a SB address and binding
- Use a behavior to handle ACS authorization
21
Using the Pub/Sub Model
C:\WAPTK\Demos\ServiceBusPubSubVS2010 demo
22
Service Bus Futures*
- Management Operations
- Manage Connection Points
- Load Balancing
- Durable Message Buffers
23
What is the Caching service?
- A distributed, in-memory cache for applications running in Windows Azure
- Simple administration; end-user doesn’t bother with configuration, deployment, or management
- Provides a scalable solution with low latency and high throughput
- Based on Windows Server AppFabric Caching
- Currently available in AppFabric LABS Portal as a CTP
24
Latency Pyramid
- Memory: Windows Azure AppFabric Caching (local cache), lowest latency
- Network: Windows Azure AppFabric Caching (distributed cache), lower latency
- Disk: Storage, highest latency
25
Caching Features
- ASP.NET providers for session state and page output caching
- Cache any managed object
- No object size limits
- No serialization costs for local caching
- Easily integrates into existing applications
- Secured by Access Control
26
Roadmap
[Timeline figure. Milestones: 9/16, PDC10, H1 2011. Items: CTP Access Control enhancements; General Availability Access Control; CTP Caching; General Availability Caching; CTP Service Bus enhancements; Release Service Bus enhancements; CTP Composite App]
27
Q & A ponderances?