Presentation is loading. Please wait.

Presentation is loading. Please wait.

Developing Web Services Using ASP.NET and WSE That Interoperate with the Windows Communications Foundation ("Indigo") Mark Fussell COM432 Lead Program.

Published byMariah Henry Modified over 9 years ago

Similar presentations

Presentation on theme: "Developing Web Services Using ASP.NET and WSE That Interoperate with the Windows Communications Foundation ("Indigo") Mark Fussell COM432 Lead Program."— Presentation transcript:

1 Developing Web Services Using ASP.NET and WSE That Interoperate with the Windows Communications Foundation ("Indigo") Mark Fussell COM432 Lead Program Manager Microsoft Corporation

2 2 Agenda Interoperability between.NET Web services Build an ASP.NET Web service that is Basic Profile 1.1 (BP) Compliant Secure an ASP.NET Web service with WSE 3.0 using message security Build WCF clients that interoperate with ASP.NET and WSE Web services using standard and custom bindings

3 3.NET Web Services ASP.NET Web services implementation in the.NET Framework Supports WS-I Basic Profile (BP) 1.1 for simple services with metadata support Doesn’t implement WS-* specifications WSE is an add-on to the.NET Framework Implements several WS-* specs Adds message security to ASP.NET Web services and supports the Basic Security Profile (BSP) 1.0 WSE 3.0 to be released in Q4 2005 Windows Communication Foundation (WCF) is the next-generation implementation of Web services Provides a unified programming model for WS-* protocols, messaging, queuing, transactions, etc.

4 4 Web Services Architecture ASP.NET Web Services Foundation Applications & Application Infrastructure Transports Connected Applications Management Business Process … Security Messaging XML Metadata HTTPTCPCustom … ReliabilityTransactions

5 5.NET Framework v2.0 Web Services WS-I Basic Profile Conformance WebServiceBinding attribute [WebServiceBinding(ConformsTo=WsiProfiles.BasicProfile1_1, EmitConformanceClaims=true)] [WebService(Namespace="Microsoft.PDC.WebServices")] public class BPConformance_asmx {[WebMethod] public string HelloWorldBP() public string HelloWorldBP() { string message = "'Hello World' from a Basic Profile compliant (BP-compliant) Web Service."; compliant (BP-compliant) Web Service."; return message; }}

6 6 ASP.NET Web services and Basic Profile (BP) Conformance

7 7 ASP.NET Web Services to WCF Interoperability Guidance Embrace Basic Profile (BP) conformance.NET 2.0 is BP conformant by default Use SOAP 1.1 KISS - Keep Interoperable Schemas Simple Avoid rpc/encoded as not BP compliant SOAP Extensions - harder to migrate

8 8 Web Services Architecture Web Services Enhancements (WSE) 2.0 and 3.0 Foundation Applications & Application Infrastructure Transports Connected Applications Management Business Process … SecurityReliabilityTransactions Messaging XML Metadata HTTPTCPCustom …

9 9 WSE 3.0 Turnkey Security Scenarios Based on industry best practices UsernameOverCertificateAnonymousOverCertificateUsernameOverTransport Kerberos (Windows) MutualCertificate and CertificateMutualAuthenticationProfile

10 10 Example Turnkey Security Scenario Username Credentials with Server Certificate for Protection Application Server Internet Intranet Authenticate username/ Password Confidential, signed request using a client key protected with the server certificate Confidential, signed response using the supplied client key Username/Password for Authentication

11 11 Securing a Web service using WSE 3.0 Security Policy

12 12 WSE 3.0: The Road to WCF Wire level interoperable with WCF Support for interoperable security scenarios WSE turnkey policy security assertions are aligned with WCF security binding WSE 3.0 runs side-by- side with WCF side with WCF Migration and interoperability guidance will be guidance will be provided from WSE 3.0 provided from WSE 3.0 to WCF to WCF

13 13 WSE to WCF Interoperability Guidance Embrace The ASMX guidance Use WSE 3.0 for wire level interoperability with WCF HTTP transport Turnkey Security Scenarios and policy (WSE 3.0) MTOM (WSE 3.0) Avoid TCP transport for interoperability Custom transports DIME (WSE 2.0)

14 14 Web Services Architecture WCF Web Services Foundation Applications & Application Infrastructure Transports Connected Applications … SecurityReliabilityTransactions Messaging XML Metadata HTTPTCP Custom … Management Business Process

15 15 AddressBindingContract Address, Binding, & Contract ServiceClient Endpoint Endpoint Endpoint Endpoint Message Where?How?What? ABCABCABCABC

16 16 WCF Security Model Capabilities Secure Transfer of Messages ConfidentialityIntegrityAuthentication Access Control for resources Authorization Audit Security Events Programming levels Simple turnkey model Advanced custom model WSE 3.0

17 17 WCF Interoperable Standard Bindings WCFBindings Specifications.NET Web service Implementation basicHttpBinding SOAP 1.1 Basic Profile 1.1 WS-Security 1.0 Basic Security Profile 1.0 MTOM ASP.NET 1.1 ASP.NET 2.0 WSE 2.0 WSE 3.0 wsHttpBinding SOAP 1.2 WS-Security 1.1 (CR) MTOM WSE 3.0

18 18 WSE to WCF Security Mapping WSE 3.0 Turnkey Policy Security Assertions WCF basicHttpBinding Security Configuration UsernameOverTransport </security> CertificateMutualAuthenticationProfile<CertificateMutualAuthentication ProfileSecurity /> </security> WCF standard bindings mapped to WSE policy security assertions

19 19 WSE 3.0 Turnkey Policy Security Assertions WCF wsHttpBinding Security Configuration AnnonymousOverCertificate </security> UsernameOverCertificate </security> Kerberos (Windows) </security> MutualCertificate </security> WSE to WCF Security Mapping

20 20 Building WCF Clients for ASP.NET and WSE 3.0 Web services

21 21 Turnkey Security Scenario Mapping WSE 3.0 turnkey policy security assertions map to WCF custom security bindings <customBinding> <security authenticationMode=“UsernameForCertificate" <security authenticationMode=“UsernameForCertificate"MessageProtectionOrder="SignBeforeEncrypt“requireDerivedKeys="true”/> </customBinding> <policies> </policies>

22 22 WCF Custom Security Binding and Custom WSE Binding

23 23 Summary Write connected applications today and achieve interoperability for a lifetime Download the WSE 3.0 Beta from MSDN http://msdn.microsoft.com/webservices/building/wse/ Install WinFx and Windows Vista Enjoy WSE 3.0 and WCF Hands on Labs

24 24 Resources mailto: mfussell@microsoft.com blog: http://blogs.msdn.com/mfussell Web services forum: http://forums.microsoft.com/msdn/ WS-Security roadmap http://msdn.microsoft.com/webservices/understa nding/gxa/default.aspx?pull=/library/en- us/dnwssecur/html/securitywhitepaper.asp

25 25 Your Feedback is Important! Please Fill Out a Survey

26 © 2005 Microsoft Corporation. All rights reserved. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.

Download ppt "Developing Web Services Using ASP.NET and WSE That Interoperate with the Windows Communications Foundation ("Indigo") Mark Fussell COM432 Lead Program."

Similar presentations

Indigo Jonathan Turnbull Nick Cartwright Ivan Konontsev Chris Bright.

Indigo Jonathan Turnbull Nick Cartwright Ivan Konontsev Chris Bright.
Matthew Kubicina CIS 764 Kansas State University.

Matthew Kubicina CIS 764 Kansas State University.
.NET Framework V3.0 Mike Taulty Developer & Platform Group Microsoft Ltd

.NET Framework V3.0 Mike Taulty Developer & Platform Group Microsoft Ltd
XML Web Services in Visual Studio ®.NET NameTitleCompany.

XML Web Services in Visual Studio ®.NET NameTitleCompany.
dev311 matt winkler – technical evangelist wf

dev311 matt winkler – technical evangelist wf
© 2007 Charteris plc20 June 2015 1 1 Extending Web Service Security with WS-* Presented by Chris Seary MVP Charteris plc, 39-40 Bartholomew Close, London.

© 2007 Charteris plc20 June Extending Web Service Security with WS-* Presented by Chris Seary MVP Charteris plc, Bartholomew Close, London.
Extending Web Applications with Web Services Mike Taulty Developer & Platform Group Microsoft Ltd

Extending Web Applications with Web Services Mike Taulty Developer & Platform Group Microsoft Ltd
X.509 support in WCF Exploring support for X.509 Certificates in Microsoft’s Windows Communication Foundation Paul Cormier UCCS CS591 Fall 2009.

X.509 support in WCF Exploring support for X.509 Certificates in Microsoft’s Windows Communication Foundation Paul Cormier UCCS CS591 Fall 2009.
Adam Dille CS526 – Spring 2010.  Advances in Microsoft’s service offerings  ASMX vs. WCF  Latest WCF Improvements (.NET 4.0)  No in-depth study of.

Adam Dille CS526 – Spring  Advances in Microsoft’s service offerings  ASMX vs. WCF  Latest WCF Improvements (.NET 4.0)  No in-depth study of.
The Microsoft Technical Roadshow 2006 Windows Communication Foundation Mike Taulty Developer & Platform Group Microsoft Ltd

The Microsoft Technical Roadshow 2006 Windows Communication Foundation Mike Taulty Developer & Platform Group Microsoft Ltd
Web Services (ASMX 2.0 and WSE 3.0) Mike Taulty Developer & Platform Group Microsoft Ltd

Web Services (ASMX 2.0 and WSE 3.0) Mike Taulty Developer & Platform Group Microsoft Ltd
Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.

Web Service Security CSCI5931 Web Security Instructor: Dr. T. Andrew Yang Student: Jue Wang.
Prashanth Kumar Muthoju

Prashanth Kumar Muthoju
Module 13: WCF Receive Adapters. Overview Lesson 1: Introduction to WCF Receive Adapters Lesson 2: Configuring a WCF Receive Adapter Lesson 3: Using the.

Module 13: WCF Receive Adapters. Overview Lesson 1: Introduction to WCF Receive Adapters Lesson 2: Configuring a WCF Receive Adapter Lesson 3: Using the.
Getting Started with Windows Communication Foundation 4.5 Ed Jones, MCT, MCPD, MCTS Consultant RBA Inc.

Getting Started with Windows Communication Foundation 4.5 Ed Jones, MCT, MCPD, MCTS Consultant RBA Inc.
Rob Williams Program Manager Microsoft Corporation.

Rob Williams Program Manager Microsoft Corporation.
Getting Started with WCF Windows Communication Foundation 4.0 Development Chapter 1.

Getting Started with WCF Windows Communication Foundation 4.0 Development Chapter 1.
Nikola Dudar Program Manager Microsoft Corporation Session Code: DTL 311.

Nikola Dudar Program Manager Microsoft Corporation Session Code: DTL 311.
Bruno Terkaly | Technical Evangelist Bret Stateham | Technical Evangelist.

Bruno Terkaly | Technical Evangelist Bret Stateham | Technical Evangelist.
Copyright ©2004 Virtusa Corporation | CONFIDENTIAL Introduction to Windows Communication Foundation Ruwan Wijesinghe.

Copyright ©2004 Virtusa Corporation | CONFIDENTIAL Introduction to Windows Communication Foundation Ruwan Wijesinghe.

Similar presentations

Ads by Google