Christian Weyer [email protected] thinktecture.
-
Upload
rose-bennett -
Category
Documents
-
view
222 -
download
0
Transcript of Christian Weyer [email protected] thinktecture.
![Page 2: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/2.jpg)
Our Way Through The Sky
Introduction & Motivation for ISBExtending a simple WCF serviceIdentity, Authentication, AuthorizationApplication ScenariosMessaging Options Summary
2
![Page 3: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/3.jpg)
S+S
Service Delivery
SaaS
Service Composition
SOA
Service Experience
Web 2.0
Service ……
Services
Software+
![Page 4: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/4.jpg)
Internet Service Bus – Why Again?
Software+Services seems to me like „SOA done the right way“, franklyIncreasing need to build and enable composite applications in a service-oriented mannerSome solutions look for easy connectivityProvide value add with advanced messaging optionsStrong focus on identity, authentication and authorization required4
![Page 5: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/5.jpg)
Imagine…
5
Bond Price
Form
at A
Form
at B
Ente
rpri
se X
![Page 6: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/6.jpg)
Imagine again…
6
Bond Price Trade
Form
at A
Form
at B
Form
at C
Ente
rpri
se X
![Page 7: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/7.jpg)
Still imagine…
7
Bond Price Trade
Form
at A
Form
at B
Form
at C
Ente
rpri
se X
![Page 8: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/8.jpg)
Enterprise Service Bus Pattern
8
Form
at A
Form
at B
Form
at C
XML XML XML
Enterprise Service Bus
Ente
rpri
se X
Bond Price Trade
![Page 9: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/9.jpg)
And now imagine…
9
Ente
rpri
se X Fo
rmat
A
Form
at B
Form
at C
BOND PRICE TRADE
XML XML XML
Internet Service Bus
Microsoft “Biztalk Services”
![Page 10: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/10.jpg)
Can you still imagine…?
10Application 1 Application 2
Form
at A
Form
at B
XML XML
Internet Service Bus
Microsoft “Biztalk Services”
Bank
A
![Page 11: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/11.jpg)
Bank
A
Finally, imagine…
11Application 1 Application 2
Form
at A
Form
at B
XML XML
Internet Service Bus
Microsoft “Biztalk Services”
Market Data
Publish
SubscribeSubscribe
XML
![Page 12: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/12.jpg)
Bank
A
It looks reasonable, doesn‘t it?
12Application 1 Application 2
Form
at A
Form
at B
XML XML
Internet Service Bus
Microsoft “Biztalk Services”
Market Data
Publish
SubscribeSubscribe
XML
Subscribe
Publish
![Page 13: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/13.jpg)
Possible ISB Usage Scenarios
Syndication
Peer-To-Peer
Callbacks, Notifications
Multicasting, Pub/Sub
Remote Control
Prototyping, Testing
13
C I
AC
on
fidenti
alit
y, In
tegri
ty, A
uth
en
tici
ty
![Page 14: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/14.jpg)
„Biztalk Services“ Demystified
Codename „Biztalk Services“ is the current incarnation of the ISBProvides several services in the cloud, currently
Identity Management, STSConnectivity, RelayingWorkflow (just not yet)
Enter the ISB at http://labs.biztalk.net/Developers (and architects) can grab an SDK
WCF-based, leveraging standardsCustom bindings and behaviors
14
![Page 15: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/15.jpg)
ServiceClient
RelayedConnection
Connect Open
Authenticate
Authenticate
1
3
24
Identity Service
Connectivity Service
Trust
“Biztalk Services”
Relay Binding
15
DirectConnection(optional)
5
6
![Page 16: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/16.jpg)
RelayBinding In Code
ITokenProvider tokenProvider = new CardSpaceTokenProvider();
ServiceEndpoint ehep = echoHost.AddServiceEndpoint( typeof(IEcho), new RelayBinding( RelayConnectionMode.RelayedDuplex), "sb://connect.biztalk.net/ services/thinktecture/Echo");
ehep.Behaviors.Add(tokenProvider);
![Page 17: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/17.jpg)
RelayBinding In Config
<endpoint address="sb://connect.biztalk.net/ services/thinktecture/Echo" contract="IEcho" binding="relayBinding" bindingConfiguration="myRelay" />…<bindings> <relayBinding> <binding name="myRelay" connectionMode="RelayedDuplex" /> </relayBinding></bindings>
![Page 18: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/18.jpg)
Security Risk Model
Frankly, in some big shops the relay binding is to date a reason to get fired
There is a reason for the DMZ
You expose your very own machine to the outsideCustomers need to be aware of this different security risk model
Integrate risk model into analysis phase
IMO, we will need guidance and tools to properly set up and configure networks for working with the relay
Maybe also leverage different technologies, like Teredo or UPnP
18
![Page 19: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/19.jpg)
Identity & Claims-Based Acess Rules
Authentication through username/password or information card„Biztalk Services“ implements a Secure Token Service (STS) based on WS-Trust specification
Feel the future of ADAuthorization based on powerful & flexible claims-based model
Configure through web frontendConfigure through API in SDK
19
![Page 20: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/20.jpg)
Relay & Identity Message Interaction
20
Identity
Relay
ServiceClien
t
GetToken()GetToken()
Connecthttp://relay.biztalk.net/services/tt/
Relay cert registered w/STS
Openhttp://relay.biztalk.net/services/tt/
![Page 21: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/21.jpg)
Scenario I
Duplex Communication & Notifications
ProblemConsumers want to be notified of new dataNo polling, but rather proactive push messaging desiredNATs and firewalls in the way (by design )
SolutionExpose duplex contract through relay bindingService can publish new data through the ISB‘s addressISB securely dispatches messages appropriately to the callback endpoints
21
![Page 22: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/22.jpg)
Scenario II
Multicasting
ProblemMultiple (n) receivers want to receive messagesSender(s) does not want to send n messages and maintain list of receiversNATs and firewalls in the way (by design)
SolutionLet the ISB do the maintenance of receivers Sender send one message to the ISB – the ISB send n messages to n receivers
22
![Page 23: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/23.jpg)
Biztalk Services
(Cloud)
………
Send:sb://.../traffic
Listen:sb://.../traffic
Listen:sb://.../traffic
Multicasting
23
![Page 24: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/24.jpg)
Scenario III
Multicast Publish & Subscribe
ProblemWe have m publishers and n subscribersNeed for infrastructure to handle these message exchangesSimilar to pure multicasting scenarioNATs and firewalls in the way (by design)
Solutionm publishers send to multicast address at ISBn subscribers listen to mulitcast address at ISBISB does the hard work of correlation and dispatching
24
![Page 25: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/25.jpg)
Where Are We? Where Is The ISB?
„Biztalk Services“ is an incubation project
There will be a V1 of the ISB…Of course, there are still missing parts today, e.g.:
Store and forwardBroader platforms supportReally federated identity
I am sure we will see improved feature support in upcoming releases
Keep track and watch http://labs.biztalk.net/25
![Page 26: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/26.jpg)
Summary
Leveraging the cloud for composite applications can be a winner
Powerful messaging optionsEnabling otherwise-hard-to-realize scenarios
Internet Service Bus can handle connectivity, authentication, authorization, messaging and other connected systems aspectsThink about security risk model„Biztalk Services“ incubation project shows the path to a real ISB – with a real name 26
![Page 27: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/27.jpg)
Resources
Email Christian [email protected]
Weblog Christian Weyerhttp://blogs.thinktecture.com/cweyer
thinktecturehttp://www.thinktecture.com
27
![Page 28: Christian Weyer christian.weyer@thinktecture.com thinktecture.](https://reader038.fdocuments.net/reader038/viewer/2022110400/56649dbe5503460f94ab17c3/html5/thumbnails/28.jpg)
© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after
the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.