Architecture Track Session 2 Designing Enterprise Applications for Microsoft ® Windows ® Server...
Transcript of Architecture Track Session 2 Designing Enterprise Applications for Microsoft ® Windows ® Server...

Architecture Track
Session 2
Designing Enterprise Applications for Microsoft® Windows® Server 2003

Audience
Application architects, developers, and infrastructure professionals
Responsible for designing, developing, and/or managing enterprise systems
Building applications to take advantage of Windows Server 2003
Interested in Microsoft technical position on application architecture
Interested in building applications for a service-oriented architecture (SOA)

Realistic Expectations
Architecture is a complex domain with multiple perspectives and many viewpoints.
This track strives to address a small subset.
By no means is it comprehensive in its coverage.
Technical resources are available for many of the areas not covered today.
A detailed white paper accompanies this track.
  Event DVD
  MSDN® .NET Architecture Center
  Microsoft patterns & practices Web site

Session Objectives
Examine security from the standpoint of how it impacts the architecture of an application.
Review the impact of advanced Microsoft® .NET caching capabilities.
Discuss reliability and scalability.
Review data access methodologies.
Discuss planning for transaction management.

Session Agenda
Services
Security
State and transaction management
Availability and scalability

Building Services: Design Considerations
Partitioning and establishing boundaries
  Trust / security
  Transactions and state
  Availability and scalability
[Figure labels: Credit authorization; Orders; Supplier]

Security
Establishing and enforcing trust boundaries
Key areas
  Authentication
  Authorization
  Secure communications

Security: Trustworthy design
Authentication
  Custom or platform?
Authorization
  Common infrastructure and management
  Operations coupling
Secure communication
  Intra-application
  Inter-service
Auditing
  Preserving identity
Profile management
  Federation, scalability
[Figure labels: Kerberos; Certificates; SSL; WS-Security; Presentation; Business; Data; Profile management; Auditing; Secure communication; Authentication; Authorization; Security; Operation management; Communication; AD; Other]

Designing for Security
[Figure labels: Users; UI components; UI process components; Service interfaces; Business workflows; Business components; Business entities; Data access components; Service agents; Data sources; Services]
Trust boundaries enforced by authentication
Using caller impersonation or service accounts at boundaries for outgoing calls
Secure communication between services and within application
Authorizing actions at the right granularity

Security: Authentication
Where will authentication occur?
  Microsoft Internet Information Server (IIS) for intranet applications
  Forms-based authentication within Microsoft® ASP.NET
  Microsoft® .NET Passport authentication
[Figure labels: ASP.NET; IIS; Forms authentication; Anonymous authentication; Microsoft® SQL Server™ authentication]

Security: Authorization
Role-based ASP.NET
  Compatible with both forms and .NET Passport
  Generic and Windows objects available
  Customizable with IPrincipal and IIdentity
[Figure labels: ASP.NET; IIS; File authorization; URL authorization; .NET roles (authorization); NTFS permissions (authorization); User-defined role (authorization)]

Security: Database Authorization
Role-based ASP.NET
  SQL Server user-defined database roles
  SQL Server application roles
[Figure labels: Web or Application Server; Database Server; Role 1; Role 2; Role Mapping; Trusted Identity 1; Trusted Identity 2; Trust Boundary; A, B, C, D, E]
Identity 1 has read permissions
Identity 2 has read / write permissions
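
The role mapping on the Database Authorization slide, as an added C# example that is not part of the original deck: the web or application server authorizes the caller through IPrincipal, then crosses the trust boundary as one of two fixed trusted identities, and records the original caller so that identity is preserved for auditing. The role names, account names, and the RoleMapper class are assumptions made for illustration.

```csharp
using System;
using System.Security.Principal;

// Added illustration (not from the deck). Role and account names are hypothetical.
public enum DbAccess { Read, ReadWrite }

public sealed class TrustedIdentity
{
    public readonly string Account;
    public readonly DbAccess Access;
    public TrustedIdentity(string account, DbAccess access) { Account = account; Access = access; }
}

public static class RoleMapper
{
    // Identity 1 has read permissions; Identity 2 has read / write permissions.
    static readonly TrustedIdentity Identity1 =
        new TrustedIdentity(@"EXAMPLE\svc-orders-read", DbAccess.Read);
    static readonly TrustedIdentity Identity2 =
        new TrustedIdentity(@"EXAMPLE\svc-orders-write", DbAccess.ReadWrite);

    // Authorizes the caller at the web/application tier and returns the
    // least-privileged trusted identity able to perform the operation.
    public static TrustedIdentity Resolve(IPrincipal caller, DbAccess needed)
    {
        if (caller == null || caller.Identity == null || !caller.Identity.IsAuthenticated)
            throw new UnauthorizedAccessException("Caller is not authenticated.");

        bool canWrite = caller.IsInRole("OrderManagers");
        bool canRead = canWrite || caller.IsInRole("OrderViewers");

        if (needed == DbAccess.ReadWrite && canWrite) return Identity2;
        // Callers with write rights still read through the read-only identity.
        if (needed == DbAccess.Read && canRead) return Identity1;

        throw new UnauthorizedAccessException(
            caller.Identity.Name + " is not allowed " + needed + " access.");
    }

    // The database only sees the trusted identity, so the original caller
    // must be recorded here, before the call crosses the trust boundary.
    public static string AuditLine(IPrincipal caller, TrustedIdentity used, string operation)
    {
        return string.Format("caller={0} auth={1} runAs={2} op={3}",
            caller.Identity.Name, caller.Identity.AuthenticationType, used.Account, operation);
    }
}

public static class Program
{
    static void Try(IPrincipal caller, DbAccess needed, string operation)
    {
        try
        {
            TrustedIdentity id = RoleMapper.Resolve(caller, needed);
            Console.WriteLine("ALLOW " + RoleMapper.AuditLine(caller, id, operation));
        }
        catch (UnauthorizedAccessException ex)
        {
            Console.WriteLine("DENY  op=" + operation + " reason=" + ex.Message);
        }
    }

    public static void Main()
    {
        // Constructed principals, shaped like those built after forms authentication.
        var viewer = new GenericPrincipal(new GenericIdentity("alice", "Forms"), new[] { "OrderViewers" });
        var manager = new GenericPrincipal(new GenericIdentity("bob", "Forms"), new[] { "OrderManagers" });
        var anonymous = new GenericPrincipal(new GenericIdentity(""), new string[0]);

        Try(viewer, DbAccess.Read, "ListOrders");
        Try(viewer, DbAccess.ReadWrite, "CancelOrder");
        Try(manager, DbAccess.ReadWrite, "CancelOrder");
        Try(manager, DbAccess.Read, "ListOrders");
        Try(anonymous, DbAccess.Read, "ListOrders");
    }
}
```

The audit line is written on the caller's side of the boundary because the database can attribute activity only to the two trusted identities.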

Security: Two-tier Scenario
SSL used for secure WAN
Firewall + IPSec used for LAN
[Figure labels: ASP.NET; IIS; Forms authentication; Anonymous authentication; SQL Server authentication; File authorization; URL authorization; .NET roles (authorization); NTFS permissions (authorization); User-defined role (authorization); SSL (privacy / integrity); IPSec (privacy / integrity); ASP.NET (process identity)]

Security: Internet Security Solutions
Baseline Internet Architecture
  .NET forms-based authentication
  IPrincipal role-based authorization
  SSL and IPSec
Two-tiered model has limited database authentication options.

Security: Application Server Security
More robust, adaptable, scalable
  Tiers are loosely coupled via SOAP and other Internet protocols.
  Additional security available: Microsoft® Active Directory®-based authentication and roles, and AuthzMan.
  Additional scalability via physical tier.

Security with Application Server: Deployment with Three Tiers
[Figure labels: Web server; Application server; Database server; IIS; ASP.NET; Forms authentication; Anonymous authentication; URL authorization (authorization); NTFS permissions (authorization); SSL (privacy / integrity); IPSec (privacy / integrity); ASP.NET (process identity); IIS ASP.NET (Web services façade); Windows (authentication); Integrated Windows (authentication); require SSL (privacy / integrity); Enterprise Services server application dllhost.exe; ES process identity; User-defined database roles (authentication); RPC packet privacy (Authentication)]

Summary Recommendations: Security
Make use of the guidance available in “Building Secure ASP.NET Applications”.
Make use of Service Accounts when user identity isn’t needed for database access.
Make use of enhanced security and Active Directory within the business layer.
Use the Authorization Manager for advanced authorization features.
Best practices available:
  “Building Secure ASP.NET Applications”
  http://msdn.microsoft.com/library/en-us/dnnetsec/html/secnetlpMSDN.asp

Session Agenda
Services
Security
State and transaction management
Availability and scalability

Challenges in Service-Oriented Architecture (SOA)
Services encapsulate all state management.
Talk via messages over unreliable protocols.
Challenges:
  Maintaining conversation state
  Managing transactions
  Managing concurrent access to data
  Caching of data for performance, scalability, and availability

State and Transactions
[Figure labels: Users; UI components; UI process components; Service interfaces; Business workflows; Business components; Business entities; Data access components; Service agents; Data sources; Services; Communication; Operational management; Security]
Caching for ASP.NET pages and Web services
Caching across all tiers
Session state management
Web user state management
State for conversations between services

Message-based Communications
Messages are business documents exchanged to execute a business process.
Services may expect other services to remember conversations.
  Example: purchase customer ID
A message-based conversation requires state to be kept and re-hydrated as needed for business operations.
  Just like a conversation between people

Conversation State
Isolate conversation state management in business workflows.
  Not in business database or service interface
  Microsoft® BizTalk® Server schedules
Keep business components stateless.
  Finer business activities
Assume messages can be lost or can arrive twice.
  Unless you have a transactional S & F protocol
  SOAP in MSMQ 3.0 over HTTP
  WS-Reliability long-term vision

Transaction Management
Services are a boundary around state.
Services interoperate through business transactions.
Business transaction <> commit/rollback
  Not ACID!
Business transactions are better suited for message-based systems.
[Figure labels: Cancel order; Order confirmed; Order cancelled—cancellation fee; Cancel delivery (“Compensation” messages and business logic); Committed; Rollback; ACID transaction boundary; Business conversation boundary]

Transaction Model
Business workflows implement business processes.
Finer-grained business components initiate and manage atomic transactions.
Transactional resource managers participate in atomic transactions.
You should assume other services are not part of ACID transaction (unless using MSMQ).
Rollbacks handled with compensations.
[Figure labels: Atomic transaction; Workflow; Biz comp; DAL; Service agent; DTC]

Transaction Management: Using ACID Transactions
Only use a transaction when needed.
  Not every update requires the cost of a transaction.
  Reads for user interfaces don’t need transactions.
Data exchange outside of transaction boundary is disconnected and potentially stale.
Need to consider the type of concurrency.
  Optimistic—disconnected environment
  Pessimistic—connected environment

Atomic Transaction Management: Selecting the Atomic Transaction Model
[Decision flowchart; branches labeled Yes / No. Questions: Need transaction?; Operating with multiple resource managers?; Using stored procedures?; Need two stage commit? Outcomes: Use ADO.NET transactions; Push transaction to the database; Use Enterprise Services; Do not implement transactions]

Optimistic Locking: Dealing with Disconnected Concurrent Data Access
Consistency vs. concurrency vs. scalability
Efficient for disconnected environments
Assume data is potentially stale
  Time (time-out or time stamps)
  Comparing the data or certain parts
    Example: submitting an order with old catalog prices
Need to resolve conflicts
  Comparing which fields changed
  Automatic or manual
    Example: updating customer records
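
The optimistic-locking steps on this slide, as an added C# example that is not part of the original deck: a version stamp detects stale data at save time, a field-by-field comparison merges edits that do not overlap, and edits to the same field are refused for manual resolution. The CustomerStore class, field names, and sample values are assumptions; an in-memory dictionary stands in for the database row and its version column.

```csharp
using System;
using System.Collections.Generic;

// Added illustration (not from the deck). Record layout and names are hypothetical.
public enum SaveResult { Saved, MergedAutomatically, ManualResolutionNeeded }

public sealed class Snapshot
{
    public int Version;
    public Dictionary<string, string> Fields;
}

public sealed class CustomerStore
{
    readonly object gate = new object();
    int version = 1;
    Dictionary<string, string> fields;

    public CustomerStore(Dictionary<string, string> initial)
    {
        fields = new Dictionary<string, string>(initial);
    }

    // Disconnected read: the caller gets a copy plus the version it was read at.
    public Snapshot Read()
    {
        lock (gate)
            return new Snapshot { Version = version, Fields = new Dictionary<string, string>(fields) };
    }

    // No lock is held while the user edits. At save time the version stamp
    // shows whether the data went stale; if so, compare which fields changed.
    public SaveResult Save(Snapshot original, Dictionary<string, string> edited, List<string> conflicts)
    {
        lock (gate)
        {
            bool stale = original.Version != version;
            var merged = new Dictionary<string, string>(fields);
            foreach (KeyValuePair<string, string> kv in edited)
            {
                string before, now;
                original.Fields.TryGetValue(kv.Key, out before);
                fields.TryGetValue(kv.Key, out now);
                if (kv.Value == before) continue;          // caller did not touch this field
                if (stale && now != before && now != kv.Value)
                    conflicts.Add(kv.Key);                 // both sides changed it differently
                else
                    merged[kv.Key] = kv.Value;
            }
            if (conflicts.Count > 0)
                return SaveResult.ManualResolutionNeeded;  // nothing is written
            fields = merged;
            version++;
            return stale ? SaveResult.MergedAutomatically : SaveResult.Saved;
        }
    }
}

public static class Program
{
    static void Submit(CustomerStore store, Snapshot read, string field, string value)
    {
        var edited = new Dictionary<string, string>(read.Fields);
        edited[field] = value;
        var conflicts = new List<string>();
        SaveResult result = store.Save(read, edited, conflicts);
        Console.WriteLine("{0}={1}: {2} {3}", field, value, result, string.Join(",", conflicts));
    }

    public static void Main()
    {
        // Constructed customer record; three users read the same version.
        var store = new CustomerStore(new Dictionary<string, string> {
            { "phone", "555-0100" }, { "email", "pat@example.com" } });
        Snapshot a = store.Read(), b = store.Read(), c = store.Read();
        Submit(store, a, "phone", "555-0111");        // fresh snapshot
        Submit(store, b, "email", "pat@example.org"); // stale, different field
        Submit(store, c, "phone", "555-0122");        // stale, same field
    }
}
```

Against a real database the same check is usually a single conditional UPDATE on the version column, so the comparison and the write happen atomically.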

Summary Recommendations: Transaction Management
Guidance on transactions available
  “How to Code ADO.NET Manual Transactions” in the .NET Data Access Architecture Guide
  “Designing Data Tier Components and Passing Data Through Tiers”
  http://msdn.microsoft.com/practices/

Caching: Roles of Caches in Service-Oriented Architectures
Why cache?
  Performance? Scalability? Availability?
Where to cache?
  ASP.NET cache—page and fragment
  SQL Server—persistent caches
  MMF—sharing across processes in memory
  Memory-static hash tables—within an application domain
What to cache?
  Non-transactional, reference data
  Infrequently changing data
  Applicable to as many users as possible

Caching: Presentation Tier and Service Interfaces
ASP.NET
  Output page caching
    Very fast, but no user customization.
    Think of as formatted business data.
  Page fragment caching
    Allows overall customization of page.
    Not as fast, but excellent for heavily formatted data.
Windows Forms
  Reduce round trips to Web services

Caching: Data Access Components
Three main scenarios
Application domain-wide cache
  Cache in static variables (such as ASP.NET)
Machine-wide cache
  Cache in memory-mapped files
  Interop issues
Data center-wide cache
  SQL Server

Session State Management
Facility to handle transient state between Web requests on the server
ASP.NET allows three locations
  In-memory: single box
  Session service: in-memory for Web farm
  SQL Server: persistent for Web farm

Session Agenda
Services
Security
State and transaction management
Availability and scalability

High Availability: The Problem Domain
Design Considerations
No single point of failure
  Load balancing
  Clustering
  Service-oriented architecture and message-based communications
  Isolate failures
Time to recover
  System that recovers automatically may appear to have greater availability
Queuing and caching
  Improves availability
  Improves perceived performance
  Improves perceived availability
Data partitioning
  Required to resolve database scaling

High Availability
Principle: plan for failures
Application
  State management
  Resiliency—fast recovery
Infrastructure
  No single point of failure
  Both servers and network elements
  Microsoft Systems Architecture
Data
  Replication, log shipping, partitioning

High Availability: Network Load Balancing
For cloned, “stateless” services
  such as ASP.NET, Enterprise Services (COM+)
Scale out the application server farm
Built-in support for NLB in .NET Server
  Manages sharing the load.
  Supports cluster, node, and port management.
  May be layered with presentation and business services balanced separately.
Management simplified with Application Center

High Availability: Clustering
For services that require storage
Automatic failover management
  Provides for resilience and reliability
Scalability: up and partitioning
Not just for database servers
  Anything that maintains persistent state
  Exchange servers
  BizTalk servers
  MSMQ

High Availability: Software Solutions
Availability and scalability are achieved by composing infrastructure and application.
Message Queuing and asynchronous operations
  Move bulk of work away from client.
  Back-end elements may be offline without impacting client’s view of application.
Data partitioning
  Not recommended, but available when a database needs greater scalability.

Summary Recommendations: High Availability
Load balancing and clustering both impact reliability and availability.
Increase scalability by designing software that optimizes resource use.
Highly available systems are the result of People – Process – Technology.
  The people who build an application, the technology used to implement it, and the process of creating a highly available system.
Microsoft Systems Architecture

Session Summary
Microsoft Windows Server 2003 + Microsoft Visual® Studio® .NET 2003 + practices = a complete application platform
  Security, management, and communications
  Performance, availability, and scalability
  Robust development platform for many app scenarios
Resources for architects: http://msdn.microsoft.com/architecture/
Guidance and best practices: http://msdn.microsoft.com/practices/

Important Web Resources
Microsoft patterns & practices
  http://msdn.microsoft.com/practices/
MSDN .NET Architecture Center
  http://msdn.microsoft.com/architecture/
Microsoft Visual Studio .NET 2003
  http://msdn.microsoft.com/vstudio/
Microsoft Windows Server 2003
  http://www.microsoft.com/windows/

© 2003 Microsoft Corporation. All rights reserved.
Microsoft, Visual Studio, the Visual Studio logo, Windows, the Windows logo, BizTalk, Active Directory, SQL Server, and MSDN are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners. This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.