Download presentation
Presentation is loading. Please wait.
1
Microsoft Web Services Technologies Today Benjamin Mitchell Independent Consultant Microsoft Regional Director/MVP benjaminm@benjaminm.net http://benjaminm.net
2
Overview Sending interoperable messages with ASP.NET Web Services General Issues Around Services Understanding advanced WS-* protocols Supporting advanced WS-* protocols with the Web Services Enhancements Managing Business Processes with BizTalk 2004
3
Sending interoperable messages with ASP.NET Web Services
4
ASMX Messaging Easiest way to send messages via SOAP Create an *.asmx file Write a class Decorate methods with [WebMethod] OneWay or RequestResponse
5
Secret Look at the Future [WebMethod(IsInteroperableFastSca lableAndReliable=true)] public bool DoSomething() {…}
6
ASMX 2.0 Improvements Interoperability WS-I Base Profile 1.1 Conformance SOAP 1.2 support Extensibility Custom serialization and streaming Custom proxy code generation
7
ASMX 2.0 Improvements Client Programming Model Easy to use async programming model Easy databinding Type sharing across Web services Performance Lowered startup latency Lowered bandwidth utilization through compression Hosting in any AppDomain with HttpListener on top of HTTP.SYS
8
Other Excel WSE Win2K Politiken Portal Typical Success Story: Danske Bank Danske Bank Web Services Stock quotes Bond quotes Currency trading Institutional Partners Web Service Politiken Readers ERP Mainframe XML Cache 15min Refresh Routing Based on User Real Time
9
Problems with ASMX Simple programming model is not explicit about boundaries Can be too RPC like Limited to HTTP Difficult extension mechanism Does not support the more advanced WS-* specifications
10
General Issues Around Services
11
Message Design: Contract First Schema First [right on the wire] Code First [easy to program]
12
Does Schema lead to better versioning? <any processContents="lax" minOccurs="0" maxOccurs="unbounded" />
13
Is Base Profile Conformance Enough? Do we need a Base Profile for Schema? WSDL 1.1 SOAP 1.1 XSD 1.0 XML 1.0 HTTP(S) UDDI 2.0
14
What’s the Profile Recipe: Staple, Redline, Glue “Staple” Pull relevant specs into scope “Redline” Add constraints on use of those specs “Glue” Define missing bits between specs Some will migrate back into specs SOAP 1.2WS- Addressing WS- Metadata Exchange WSDL 1.1WS- Discovery WS- Eventing ThisModel Metadata ThisDevice Metadata Action Filter Conformance Claim Policy Assertions Policy Assertions
15
Interoperability Recommendations General Recommendations Use XSD first to define messages Keep to the 9 primitive types outlined by XSD xsd:byte, xsd:boolean, xsd:dateTime, xsd:double, xsd:float, xsd:int, xsd:long, xsd:string, xsd:short Watch those arrays! Watch those NULL values! Watch those xsd:dateTimes!
16
Are web services fast enough?
17
Empty Method Call
18
Larger payload, simple op
19
Small payload, busy op
20
Proving that the protocols can work: Web Services Enhancements
21
WS-* Architecture Assurances Messaging SOAP WS-Security MTOMWS-Addressing Metadata WS-Policy WSDL UDDI WS-Metadata Exchange XML Schema WS-Reliable Messaging WS-Coordination WS-Atomic Transaction WS-Business Activity WS-Trust WS-Secure Conversation Profiles and Infrastructure WS-ManagementWS-Federation Devices Profile Foundation SOAP / HTTPMIME XML Infoset XML 1.0 XML Namespaces
22
WS-* Specification Process Specification Published Feedback & Interop Workshops Revise / republish spec Standards Org Profiles Step 2 Broader Participation Step 1 Develop Process reconciles conflicting goals Quality of engineering Time to market Breadth of industry support Step 3 Standardization Step 4 Profiling Industry Participation
23
Status Assurances Messaging SOAP WS-Security MTOMWS-Addressing Metadata WS-Policy WSDL UDDI WS-Metadata Exchange XML Schema WS-Reliable Messaging WS-Coordination WS-Atomic Transaction WS-Business Activity WS-Trust WS-Secure Conversation Infrastructure and Profiles WS-ManagementWS-Federation Devices Profile Foundation SOAP / HTTPMIME XML Infoset XML 1.0 XML Namespaces Step 3-4Step 2Step 1-2
24
Windows Server 2003 “R2” Wave Longhorn Wave VS 2005 + WSE 3.0 SOAP 1.1, 1.2 / WSDL 1.1 MTOM WS-Addressing 2004/08 (or REC) WS-Security 1.0 (U/P, X509, Kerberos) WS-Secure Conversation WS-Trust WS-Policy Limited wire interop with WSE2.0 AD Federation Services in R2 Cross-organizational Identity Federation Web SSO SQL Server 2005 SOAP 1.1, 1.2 / WSDL 1.1 WS-Security 1.0 Management WS-Management Delivering WS-* - Microsoft VS2003 + Web Services Enhancements (WSE) 2.0 Enhancements (WSE) 2.0 SOAP 1.1 / WSDL 1.1 WS-Addressing 2004/03 WS-Security 1.0 (U/P, X509, Kerberos) WS-Secure Conversation 2004/04 WS-Trust 2004/04 WS-Policy Indigo Wire-level interop with WSE3.0 plus MTOM SAML Token Profile 1.0 Security Policy WS-Federation Active Client Enables easy to build STS WS-RM 2005/02, Policy WS-AT/WS-C 2005/02, Policy WS-Policy/PolicyAttachment WS-MEX Easy to use Digital Identity Active Directory: Federation WSD API: Device Profile
25
WS-Policy Delivering WS-* - Other vendors Messaging WSDL Security RM, TX Devices Mgmt Metadata WS-XFer / Enum Devices Profile WS-Addressing WS-Federation WS-SecureConv WS-Security WS-Trust WS-RM WS-AT MEX WS-Discovery WS-ManagementReleased Under Development Co-Author Only A SOAP / WSDLMicrosoftIBM BEAA SAP TibcoA Cape Clear Systinet Blue Titan Rogue Wave IONA Arjuna Choreology Apache MicrosoftIBM BEAA SUN Oracle SAP Tibco IONA Verisign RSAA WebMethods Systinet Oblix Apache CAAA HPA HitachiA NetegrityAAA OpenNetworkAAA Ping ID AA Nokia MicrosoftIBM BEA SUN Oracle Google eBay SAP Tibco IONA Verisign RSA WebMethods Systinet Oblix Arjuna Apache Cape Clear Intel Canon MicrosoftIntel Sun Dell AMDA CAA SonicA SystinetA WEBM NetIQ MicrosoftIntel Canon BEAA WebMethodsA Ricoh Epson HP Xerox Fuji-Xerox Brother Systinet LexmarkA MicrosoftIBM BEAA SAPA SunA VerisignA SonicA CAA WebMethodsA
26
WSE supports emerging standards Implementation of additional WS-* protocols Security, Policy and Addressing Support for multiple protocols Improved support for explicit messaging Separate pipeline that can be hooked into ASP.NET or hosted Ability to create SOAP Intermediaries
27
User Code How does WSE work? SoapContext TraceSecurity Referral Policy Custom Security Token Manager Custom Filters
28
Secure Communication Protocol-level security Encrypts the entire message Sender must trust all intermediaries Restricts protocols that can be used SSL Security
29
Secure Communication Message-level security End to end message security independent of transport Supports multiple protocols and multiple encryption technologies Encrypt only parts of the message Sender need only trust endpoint
30
WSE Security Secure the message rather than the wire Secure various parts of the message Mechanism for carrying security tokens Independent kind of security token Support for Kerberos, X509 Certificate and Username/Password Future support for SAML and other identity tokens
31
WSE Policy Driven Architecture Beyond WSDL, what else is needed to describe a Web service? These other attributes of a service can be described with WS-Policy XML-based language Complex:,, etc… WSE provides a Policy Framework with send-side and receive-side policy support
32
WSE Messaging Support for one-way messaging or client/server model Full support over dispatch and handling of the messages Low-level queue for receiver processing.
33
WSE 2.0 Messaging WSE 2.0 includes a SOAP-based messaging API Transport independence Intra-AppDomain For testing Raw TCP HTTP Host Independence Windows application ASP.NET Windows Service
34
WSE 3.0 Feature Highlights.NET Framework Integration Extend ASMX programming model on all transports 64 bit support Visual Studio 2005 IDE integration Performance Improvements Interoperability and Conformance Policy assertions for standard security scenarios Wire level interoperability with Indigo and 3 rd party stacks MTOM – Message Transmission Optimization Mechanism WS-* updates SOAP 1.2 Tools Security settings tool for standard security scenarios Configuration file migration from WSE 2.0 to WSE 3.0
35
WS-Security: Interop with Released Products WSE2.0 SP2 Client/ServerScenario WebSphere 6.0 Weblogic 8.1.4Systinet Sun JWSDP 1.4 ClientUsernameTokenGreen ServiceUsernameTokenGreen(1) ClientX509 SignGreen(2)Green ServiceX509 SignGreen(2)Green ClientX509 Sign-EncryptRed(3)Green ServiceX509 Sign-EncryptRed(3)Yellow(4)Green (1)Requires a configuration change at WSE service (2)Requires a configuration change at WebSphere service or client (3)WebSphere 6.0 followed OASIS Oct X509 token profile errata for the value of wsse:KeyIdentifier\@ValueType, which differs from OASIS standard. (4)WebLogic 8.1.4 uses wrong encryption type on the Body element. Fix is available from BEA support services.
36
Can I use WSE today? Support policy is the same as.NET 1.1 New versions likely to break previous Side-by-side support so far
37
Issues with WSE Complex to setup and use Requires developers to muck with the plumbing Small but breaking changes even with point releases HTTP is still the only protocol for interoperability Unsupported demos over TCP with Apache Axis
38
WSE 3.0 - The Road to Indigo WSE supports service orientated Architectures Explicit boundaries Autonomy Define contracts with schema Describe requirements with policy WSE 3.0 is the road to Indigo Support for standard interoperable security scenarios Wire level interoperable with Indigo Beta 1 WSE 3.0 runs side-by-side with Indigo Upgrade guidance will be provided from WSE 3.0 to Indigo
39
Business Service Business Service Process Logic Application A Business Service Business Service Application B Business Service Business Service Application C Exploiting SOA: Composite Applications Composite applications can be created using process logic to invoke business services Composite Application
40
Implementing Process Logic: Orchestrations The most commonly used term for process logic today is orchestration Orchestrations can benefit from a platform expressly designed to support them An application server isn’t enough The goal: Business Process Management (BPM) Supported by a BPM server
41
Orchestration Runtime Services Supporting Orchestrations: BPM Servers Operating System Communication Services Business Rules Services Workflow Services Other Services Process Monitoring Services Application Server Orchestrations Development Tools Management Tools
42
Microsoft’s BPM Server: BizTalk Server 2004 Windows Business Rules Engine Human Workflow Services More Business Activity Monitoring (BAM) Orchestrations.NET Framework BizTalk Server 2004 Engine Visual Studio.NET Orchestration Designer Health and Activity Tracking (HAT)
43
.NET Web Services Platforms ASMX is the current Web service platform Supports basic profile for simple services Doesn’t implement WS-* specifications WSE is a platform extension Can be used to extend ASMX behavior Can be used standalone without ASMX Provides support for several WS-* specs Indigo is the next-generation Web service platform Provide a unified programming model along with comprehensive support for WS-* specs BizTalk is a Business Processes Management server
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.