windows server 2008 for devsdownload.microsoft.com/documents/uk/msdn/events/mp_win... ·...

for Developers

Martin ParryDeveloper and Platform GroupMicrosoft

martin.parry@microsoft.comhttp://martinparry.com

Agenda

Top 7 Ways To “Light Up” Your Apps on Windows Server 2008

Part 1 emphasis on

IIS7, PowerShell

Part 2 emphasis on

WER, Restart and Recovery APIs, TxF

The Top 7 Ways… Part 1

1. Build More Flexible Web Applications

2. Design Highly-Manageable Applications

3. Develop Federation-Aware Applications

4. Build Connected Systems

5. Build For Scalability

6. Virtualize

7. Develop More Reliable Applications

1. Build More Flexible Web Apps

IIS 7.0 Introduction

Client version shipped with Windows Vista

Limited throughput

Server version will ship with WS2008

Currently available in RC form

More features than client

IIS 6.0 Architecture

IIS 7.0 Architecture

Windows Process Activation Service

Manages configurationWhat used to be the metabase

Responsible for starting worker processes...w3wp.exe

...and routing incoming requests to the appropriate worker process

Also hosts the new listener adapter interfaceYou can build your own listeners for WAS

IIS 6.0 Request Pipeline

IIS 6.0 Request Pipeline

IIS pipeline extensible using ISAPINative code

Can apply to all requests

ASP.NET pipeline extensible using IHttpModuleManaged code

Can only apply to requests routed via ASP.NET

Certain pipeline elements are “always there”IIS authentication

Logging

IIS 7.0 Request Pipeline

IIS 7.0 Request Pipeline

Linear sequence of modules

Any module can be enabled/disabledIncluding “built-in” ones

Modules can be managed or native code

Any type of module applies to any request

IIS7 Modules

IIS 6.0 Configuration

IIS 6.0 (and earlier) use the metabase

Stores all configuration information

Originally in binary form, then in XML

Hard to allow management of separate apps by different groups of people

IIS 7.0 Configuration

machine.config

“root” web.config

web.config

web.config

web.config

applicationHost.config

IIS7 Configuration

Building Native Modules

Export a RegisterModule function from DLL

Define one or more other functions

To process request or response

Inside RegisterModule...

Hook up your other functions(s) at specific points in the pipeline

E.g. Begin, AuthN, AuthZ, ExecuteHandler, End

Building Managed Modules

Implement IHttpModule

Implement Init function

Attach event handlers for specific points in the pipeline

E.g. Begin, AuthN, AuthZ, ExecuteHandler, End

Same as existing ASP.NET HttpModules

IIS7 Managed Module

IIS7 Diagnostics - RSCA

Runtime Status and Control API

Shows currently executing: -

Application Pools

Requests

Exposed via

IIS admin tool

Programmatically via WMI and Managed OM

IIS7 Diagnostics – Failed Requests

IIS7 allows you to log trace information just for requests that fail

For some definition of failure

Buffers all trace output

Only flushes to disk if the request fails

Log output is XML, with a stylesheet

Breaks down processing by module

Includes timing details for each module

IIS7 – Failed Request Tracing

Enable FREB at the Web Site level

Configure FREB rules at the application level

Each rule: -

Specifies the type of web content it applies to

Can specify a specific failure code

Can specify a duration in seconds

Can specify a trace event severity

IIS7 Failed Request Tracing

2. Design Highly-Manageable Apps

Management in Windows Server 2008

MMC v3.0

Managed framework for building snap-ins

Microsoft.ManagementConsole namespace

– Ships with .NET Framework v3.0

Already seen it in use – IIS Admin Console

Windows PowerShell

Windows PowerShell

It’s a command-line interface!ScriptableCommands may be composedNot based on text, based on .NET objectsAvailable for...

Windows XPWindows Server 2003Windows Vista

Ships inside...Windows Server 2008

Windows PowerShell and Scripting

PowerShell and Developers

Developers can create new commands

...and can create PowerShell “drives”

Excellent way to provide admin experience for your applications.

Exchange 2007 and SQL Server 2008, for example

PowerShell Cmdlets and Providers

3. Develop Federation-Aware Apps

Developing Federated Identity Apps

With AD FSActive Directory Federation Services

Why?Enables cross-domain, cross-platform access to your Web applicationsProvides Web SSO experiencePromotes a claims-based programming modelAchieve reach for your application

– Think “outside of the firewall”

`

Internal Client

Resource

Federation Server

Account

Federation Server

Web Server

Active Directory

A. Datum

Account Forest

Trey Research

Resource Forest

B2B Federation Scenario

Federation Trust

https

https

https

Application Authorization Using Claims

ClaimsStatements made by an authority about a userUsed for authorization purposes

Three types of ADFS claimsIdentity

– Email– User Principal Name (UPN)– Common Name

GroupCustom

Identity

UPN:eric@adatum.com

Group

PurchaserAdministratorAdatum

Custom

DisplayName:Eric Parkinson

Position:Purchasing Staff

Coding a Federation-Aware app

System.Web.Security.SingleSignOn

System.Web.Security.SingleSignOn.Authorization

In code: -

SsoId = User.Identity as SingleSignOnIdentity

SsoId.IsAuthenticated – have we a good security token?

SsoId.SecurityPropertyCollection – each item could be...– Group claim, UPN claim, custom claim

Application can get any/all claim details

4. Build Connected Systems

Interopwith otherplatforms

ASMX

Attribute-Based

Programming

Enterprise Services

WS-*ProtocolSupport

WSE

Message-Oriented

Programming

System.Messaging

ExtensibilityLocation transparency

.NET Remoting

Windows Communication Foundation

Sub-queuesPoison Message

Handling

App-Specific

Dead Letter Queues

Transactional

Remote Receive

MSMQ 4.0

Sub-queues

Never created explicitly

Accessed via DIRECT FormatName...

DIRECT=OS:server\private$\myqueue;mysubq

Created at time of first Open

Can receive in the normal fashion

Can only insert with MQMoveMessage

No managed code equivalent

Poison Message Handling

WCF binding configuration...<netMsmqBinding>

<binding name="PoisonBinding" receiveRetryCount="0“maxRetryCycles="1“retryCycleDelay="00:00:05“receiveErrorHandling="Move"></binding>

</netMsmqBinding>

End of Part One

Build More Flexible Web Applications

IIS7

Design Highly-Manageable Applications

Windows PowerShell, MMC3

Develop Federation-Aware Applications

AD FS

Build Connected Systems

WCF, MSMQ 4

MSDN in the UK

Visit http://msdn.co.uk

Newsletter

Events

Screencasts

Blogs

© 2007 Microsoft Ltd. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.

The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market

conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.

MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.