microsoft web services technologies today benjamin mitchell independent consultant microsoft...
Post on 21-Dec-2015
216 views
TRANSCRIPT
Microsoft Web Services Microsoft Web Services Technologies TodayTechnologies TodayMicrosoft Web Services Microsoft Web Services Technologies TodayTechnologies Today
Benjamin MitchellBenjamin MitchellIndependent ConsultantIndependent ConsultantMicrosoft Regional Director/MVPMicrosoft Regional Director/[email protected]@benjaminm.nethttp://benjaminm.nethttp://benjaminm.net
OverviewOverview
Sending interoperable messages with Sending interoperable messages with ASP.NET Web ServicesASP.NET Web Services
General Issues Around ServicesGeneral Issues Around Services
Understanding advanced WS-* Understanding advanced WS-* protocolsprotocols
Supporting advanced WS-* protocols Supporting advanced WS-* protocols with the Web Services Enhancementswith the Web Services Enhancements
Managing Business Processes with Managing Business Processes with BizTalk 2004BizTalk 2004
Sending interoperable Sending interoperable messages messages with ASP.NET Web Serviceswith ASP.NET Web Services
Sending interoperable Sending interoperable messages messages with ASP.NET Web Serviceswith ASP.NET Web Services
ASMX MessagingASMX Messaging
Easiest way to send messages Easiest way to send messages via SOAPvia SOAP
Create an *.asmx fileCreate an *.asmx file
Write a classWrite a class
Decorate methods with Decorate methods with [WebMethod][WebMethod]
OneWay or RequestResponseOneWay or RequestResponse
Secret Look at the FutureSecret Look at the Future
[WebMethod(IsInteroperableFastSca[WebMethod(IsInteroperableFastScalableAndReliable=true)]lableAndReliable=true)]
public bool DoSomething()public bool DoSomething()
{{……
}}
ASMX 2.0 ImprovementsASMX 2.0 Improvements
InteroperabilityInteroperabilityWS-I Base Profile 1.1 ConformanceWS-I Base Profile 1.1 Conformance
SOAP 1.2 supportSOAP 1.2 support
ExtensibilityExtensibilityCustom serialization and streamingCustom serialization and streamingCustom proxy code generationCustom proxy code generation
ASMX 2.0 ImprovementsASMX 2.0 Improvements
Client Programming ModelClient Programming ModelEasy to use async programming modelEasy to use async programming modelEasy databindingEasy databindingType sharing across Web servicesType sharing across Web services
PerformancePerformanceLowered startup latencyLowered startup latencyLowered bandwidth utilization through Lowered bandwidth utilization through compressioncompression
Hosting in any AppDomain with Hosting in any AppDomain with HttpListener on top of HTTP.SYSHttpListener on top of HTTP.SYS
Other
Excel
WS
E
Win2K
PolitikenPortal
Typical Success Story: Danske Typical Success Story: Danske BankBank
Danske Bank Web Danske Bank Web ServicesServices
Stock quotesStock quotes Bond quotesBond quotes Currency tradingCurrency trading
InstitutionalPartners
Web Service
Politiken Readers
ERP
Mainframe
XML
Cache
15min RefreshRouting Based on User
Real Time
Problems with ASMXProblems with ASMX
Simple programming model is not Simple programming model is not explicit about boundariesexplicit about boundaries
Can be too RPC likeCan be too RPC like
Limited to HTTPLimited to HTTP
Difficult extension mechanismDifficult extension mechanism
Does not support the more advanced Does not support the more advanced WS-* specificationsWS-* specifications
General Issues Around General Issues Around ServicesServicesGeneral Issues Around General Issues Around ServicesServices
Message Design: Contract Message Design: Contract FirstFirst
Schema FirstSchema First[right on the wire][right on the wire]
Code FirstCode First[easy to program][easy to program]
Does Schema lead to better Does Schema lead to better versioning?versioning?<schema targetNamespace="http://people" xmlns="..."> <element name="person"> <complexType>
<sequence> <element name="name" type="string"/> <any processContents="lax" minOccurs="0"
maxOccurs="unbounded" /></sequence><anyAttribute processContents="lax"/><attribute name="version" type="string"
use="required"/> </complexType> </element></schema>
Is Base Profile Conformance Is Base Profile Conformance Enough?Enough?
Do we need a Base Profile for Do we need a Base Profile for Schema?Schema?
WSDL 1.1
SOAP 1.1
XSD 1.0
XML 1.0
HTTP(S)
UDDI 2.0
What’s the Profile Recipe: What’s the Profile Recipe: Staple, Redline, GlueStaple, Redline, Glue
““Staple”Staple”Pull relevant specs Pull relevant specs into scopeinto scope
““Redline”Redline”Add constraints on Add constraints on use of those specsuse of those specs
““Glue”Glue”Define missing bits Define missing bits between specsbetween specs
Some will migrate Some will migrate back into specsback into specs
SOAP 1.2WS-
AddressingWS-Metadata Exchange
WSDL 1.1WS-
DiscoveryWS-Eventing
ThisModelMetadataThisDevice
Metadata
ActionFilterConformance
Claim
PolicyAssertionsPolicy
Assertions
Interoperability Interoperability RecommendationsRecommendationsGeneral RecommendationsGeneral Recommendations
Use XSD first to define messagesUse XSD first to define messages
Keep to the 9 primitive types outlined by XSDKeep to the 9 primitive types outlined by XSDxsd:byte, xsd:boolean, xsd:dateTime, xsd:double, xsd:byte, xsd:boolean, xsd:dateTime, xsd:double, xsd:float, xsd:int, xsd:long, xsd:string, xsd:shortxsd:float, xsd:int, xsd:long, xsd:string, xsd:short
Watch those arrays!Watch those arrays!
Watch those NULL values!Watch those NULL values!
Watch those xsd:dateTimes!Watch those xsd:dateTimes!
Are web services fast Are web services fast enough?enough?Are web services fast Are web services fast enough?enough?
Empty Method CallEmpty Method Call
Empty Method (Cross Process)
516 327 326 270 226 224 224 216 195 195 187 187
12778
10318
0
2000
4000
6000
8000
10000
12000
14000E
nte
rprise S
erv
ices
Ente
rprise S
erv
ices (
auth
)
Rem
otin
g T
CP
/Bin
ary
Rem
otin
g H
TT
P/B
inary
Rem
otin
g H
TT
P/S
OA
P
AS
P.N
ET
Web s
erv
ices
AS
P.N
ET
Web s
erv
ices -
Inte
gra
ted
Rem
otin
g H
TT
P/B
inary
(IIS
)
Rem
otin
g H
TT
P/S
OA
P (
IIS
)
AS
P.N
ET
Web s
erv
ices -
Passw
ord
Rem
otin
g H
TT
P/B
inary
(IIS
) In
tegra
ted
Rem
otin
g H
TT
P/S
OA
P (
IIS
) In
tegra
ted
Rem
otin
g H
TT
P/B
inary
(IIS
) P
assw
ord
Rem
otin
g H
TT
P/S
OA
P (
IIS
) P
assw
ord
Ca
lls
Pe
r S
ec
on
d
Larger payload, simple opLarger payload, simple opLoad Product Catalog as Objects
9185
7566
33 30 30 29 29 28 28 25
147 147
0
20
40
60
80
100
120
140
160
Ente
rprise S
erv
ices
Ente
rprise S
erv
ices (
auth
)
AS
P.N
ET
Web s
erv
ices
AS
P.N
ET
Web s
erv
ices -
Passw
ord
Rem
otin
g H
TT
P/B
inary
(IIS
) In
tegra
ted
AS
P.N
ET
Web s
erv
ices -
Inte
gra
ted
Rem
otin
g T
CP
/Bin
ary
Rem
otin
g H
TT
P/B
inary
Rem
otin
g H
TT
P/S
OA
P
Rem
otin
g H
TT
P/S
OA
P (
IIS
)
Rem
otin
g H
TT
P/B
inary
(IIS
)
Rem
otin
g H
TT
P/S
OA
P (
IIS
) P
assw
ord
Rem
otin
g H
TT
P/B
inary
(IIS
) P
assw
ord
Rem
otin
g H
TT
P/S
OA
P (
IIS
) In
tegra
ted
Ca
lls P
er
Se
co
nd
Small payload, busy opSmall payload, busy opStore Purchase Order (as Objects)
6360
5754 54
51 50 50 49 49 49
40
74 74
0
10
20
30
40
50
60
70
80E
nte
rpris
e S
erv
ices (
auth
)
Ente
rpris
e S
erv
ices
AS
P.N
ET
Web
serv
ices
AS
P.N
ET
Web
serv
ices
- P
assw
ord
Rem
otin
g T
CP
/Bin
ary
Rem
otin
g H
TT
P/B
inary
Rem
otin
g H
TT
P/S
OA
P
Rem
otin
g H
TT
P/B
inary
(IIS
) In
tegr
ate
d
Rem
otin
g H
TT
P/B
inary
(IIS
)
Rem
otin
g H
TT
P/S
OA
P (
IIS
)
Rem
otin
g H
TT
P/S
OA
P (
IIS
) P
assw
ord
Rem
otin
g H
TT
P/B
inary
(IIS
) P
assw
ord
AS
P.N
ET
Web
serv
ices
- In
tegra
ted
Rem
otin
g H
TT
P/S
OA
P (
IIS
) In
tegr
ate
d
Ca
lls P
er
Se
co
nd
Proving that the protocols Proving that the protocols can work: Web Services can work: Web Services EnhancementsEnhancements
Proving that the protocols Proving that the protocols can work: Web Services can work: Web Services EnhancementsEnhancements
WS-* ArchitectureWS-* Architecture
Assurances
Messaging
SOAP
WS-Security
MTOMWS-Addressing
Metadata
WS-Policy
WSDL
UDDI
WS-MetadataExchange
XML Schema
WS-ReliableMessaging
WS-Coordination
WS-AtomicTransaction
WS-BusinessActivity
WS-Trust
WS-SecureConversation
Profiles andInfrastructureWS-Management WS-Federation
DevicesProfile
Foundation
SOAP / HTTPMIME
XML Infoset
XML 1.0XML
Namespaces
WS-* Specification ProcessWS-* Specification Process
Specification Specification PublishedPublished
Feedback & Interop Workshops Feedback & Interop Workshops Revise / republish specRevise / republish spec
Standards OrgStandards Org ProfilesProfiles
Step 2Broader Participation
Step 1Develop
Process reconciles conflicting goals• Quality of engineering• Time to market• Breadth of industry support
Step 3Standardization
Step 4Profiling
Industry ParticipationIndustry Participation
StatusStatus
Assurances
Messaging
SOAP
WS-Security
MTOMWS-Addressing
Metadata
WS-Policy
WSDL
UDDI
WS-MetadataExchange
XML Schema
WS-ReliableMessaging
WS-Coordination
WS-AtomicTransaction
WS-BusinessActivity
WS-Trust
WS-SecureConversation
Infrastructureand ProfilesWS-ManagementWS-Federation
DevicesProfile
Foundation
SOAP / HTTPMIME
XML Infoset
XML 1.0XML
Namespaces
Step 3-4Step 2Step 1-2
Windows Server 2003
“R2” WaveLonghorn
Wave
VS 2005 + WSE 3.0VS 2005 + WSE 3.0 SOAP 1.1, 1.2 / WSDL 1.1SOAP 1.1, 1.2 / WSDL 1.1 MTOMMTOM WS-Addressing 2004/08 (or WS-Addressing 2004/08 (or
REC)REC) WS-Security 1.0 (U/P, X509, WS-Security 1.0 (U/P, X509,
Kerberos)Kerberos) WS-Secure ConversationWS-Secure Conversation WS-Trust WS-Trust WS-PolicyWS-Policy Limited wire interop with Limited wire interop with
WSE2.0WSE2.0
AD Federation Services in AD Federation Services in R2R2
Cross-organizational Identity Cross-organizational Identity FederationFederation
Web SSOWeb SSO
SQL Server 2005SQL Server 2005 SOAP 1.1, 1.2 / WSDL 1.1SOAP 1.1, 1.2 / WSDL 1.1 WS-Security 1.0WS-Security 1.0
ManagementManagement WS-ManagementWS-Management
Delivering WS-* - MicrosoftDelivering WS-* - Microsoft
VS2003 + Web Services VS2003 + Web Services
Enhancements (WSE) 2.0Enhancements (WSE) 2.0 SOAP 1.1 / WSDL 1.1SOAP 1.1 / WSDL 1.1 WS-Addressing 2004/03WS-Addressing 2004/03 WS-Security 1.0 (U/P, X509, WS-Security 1.0 (U/P, X509,
Kerberos)Kerberos) WS-Secure Conversation WS-Secure Conversation
2004/042004/04 WS-Trust 2004/04WS-Trust 2004/04 WS-PolicyWS-Policy
IndigoIndigo Wire-level interop with WSE3.0 Wire-level interop with WSE3.0
plusplus MTOMMTOM SAML Token Profile 1.0SAML Token Profile 1.0 Security PolicySecurity Policy WS-Federation Active ClientWS-Federation Active Client Enables easy to build STSEnables easy to build STS WS-RM 2005/02, PolicyWS-RM 2005/02, Policy WS-AT/WS-C 2005/02, PolicyWS-AT/WS-C 2005/02, Policy WS-Policy/PolicyAttachmentWS-Policy/PolicyAttachment WS-MEXWS-MEX
Easy to use Digital IdentityEasy to use Digital Identity
Active Directory: FederationActive Directory: Federation
WSD API: Device ProfileWSD API: Device Profile
WS-P
olicy
Delivering WS-* - Other vendorsDelivering WS-* - Other vendorsMessagin
gWSDL
Security RM, TX
Devices
Mgmt
Metadata
WS-X
Fer /
Enum
Device
s Pro
file
WS-A
ddress
ing
WS-F
edera
tion
WS-
Secure
Conv
WS-S
ecurit
y
WS-T
rust
WS-R
M
WS-A
T
MEX
WS-D
isco
very
WS-M
anag
ement
ReleasedReleased
Under Under DevelopmentDevelopment
Co-Author OnlyCo-Author Only AA
SOAP / W
SDL
MicrosoftMicrosoft
IBMIBM
BEABEA AA
SAPSAP
TibcoTibco AA
Cape ClearCape Clear
SystinetSystinet
Blue TitanBlue Titan
Rogue WaveRogue Wave
IONAIONA
ArjunaArjuna
ChoreologyChoreology
ApacheApache
MicrosoftMicrosoft
IBMIBM
BEABEA AA
SUNSUN
OracleOracle
SAPSAP
TibcoTibco
IONAIONA
VerisignVerisign
RSARSA AA
WebMethodsWebMethods
SystinetSystinet
OblixOblix
ApacheApache
CACA AA AA
HPHP AA
HitachiHitachi AA
NetegrityNetegrity AA AA AA
OpenNetworOpenNetworkk
AA AA AA
Ping IDPing ID AA AA
NokiaNokia
MicrosoftMicrosoft
IBMIBM
BEABEA
SUNSUN
OracleOracle
GoogleGoogle
eBayeBay
SAPSAP
TibcoTibco
IONAIONA
VerisignVerisign
RSARSA
WebMethodWebMethodss
SystinetSystinet
OblixOblix
ArjunaArjuna
ApacheApache
Cape ClearCape Clear
IntelIntel
CanonCanon
MicrosofMicrosoftt
IntelIntel
SunSun
DellDell
AMDAMD AA
CACA AA
SonicSonic AA
SystinetSystinet AA
WEBMWEBM
NetIQNetIQ
MicrosoftMicrosoft
IntelIntel
CanonCanon
BEABEA AA
WebMethodWebMethodss
AA
RicohRicoh
EpsonEpson
HPHP
XeroxXerox
Fuji-XeroxFuji-Xerox
BrotherBrother
SystinetSystinet
LexmarkLexmark AA
MicrosoftMicrosoft
IBMIBM
BEABEA AA
SAPSAP AA
SunSun AA
VerisignVerisign AA
SonicSonic AA
CACA AA
WebMethodWebMethodss
AA
WSE supports emerging WSE supports emerging standardsstandards
Implementation of additional WS-* Implementation of additional WS-* protocolsprotocols
Security, Policy and AddressingSecurity, Policy and Addressing
Support for multiple protocolsSupport for multiple protocols
Improved support for explicit messagingImproved support for explicit messaging
Separate pipeline that can be hooked Separate pipeline that can be hooked into ASP.NET or hosted into ASP.NET or hosted
Ability to create SOAP IntermediariesAbility to create SOAP Intermediaries
User Code
How does WSE work?How does WSE work?
SoapContext
Tra
ce
Secu
rity
Refe
rral
Policy
Custo
m
Security Token
Manager
Custom Filters
Secure CommunicationSecure CommunicationProtocol-level securityProtocol-level security
Encrypts the entire messageEncrypts the entire message
Sender must trust all intermediariesSender must trust all intermediaries
Restricts protocols that can be usedRestricts protocols that can be used
SSL SecuritySSL Security SSL SecuritySSL Security
Secure CommunicationSecure CommunicationMessage-level securityMessage-level security
End to end message security independent of End to end message security independent of transporttransport
Supports multiple protocols and multiple Supports multiple protocols and multiple encryption technologiesencryption technologies
Encrypt only parts of the messageEncrypt only parts of the message
Sender need only trust endpointSender need only trust endpoint
WSE SecurityWSE Security
Secure the message rather than the Secure the message rather than the wirewire
Secure various parts of the messageSecure various parts of the message
Mechanism for carrying security tokensMechanism for carrying security tokensIndependent kind of security tokenIndependent kind of security token
Support for Kerberos, X509 Certificate and Support for Kerberos, X509 Certificate and Username/Password Username/Password
Future support for SAML and other identity Future support for SAML and other identity tokenstokens
WSE Policy Driven WSE Policy Driven ArchitectureArchitecture
Beyond WSDL, what else is needed to Beyond WSDL, what else is needed to describe a Web service?describe a Web service?
These other attributes of a service These other attributes of a service can be described with WS-Policycan be described with WS-Policy
XML-based languageXML-based language
Complex: <Or>, <ExactlyOne>, etc…Complex: <Or>, <ExactlyOne>, etc…
WSE provides a Policy Framework WSE provides a Policy Framework with send-side and receive-side policy with send-side and receive-side policy supportsupport
WSE MessagingWSE Messaging
Support for one-way messaging or Support for one-way messaging or client/server modelclient/server model
Full support over dispatch and handling Full support over dispatch and handling of the messagesof the messages
Low-level queue for receiver processing.Low-level queue for receiver processing.
WSE 2.0 MessagingWSE 2.0 Messaging
WSE 2.0 includes a SOAP-based WSE 2.0 includes a SOAP-based messaging APImessaging APITransport independenceTransport independence
Intra-AppDomainIntra-AppDomainFor testingFor testing
Raw TCPRaw TCPHTTPHTTP
Host IndependenceHost IndependenceWindows applicationWindows applicationASP.NETASP.NETWindows ServiceWindows Service
WSE 3.0 Feature HighlightsWSE 3.0 Feature Highlights.NET Framework Integration.NET Framework Integration
Extend ASMX programming model on all transportsExtend ASMX programming model on all transports64 bit support64 bit supportVisual Studio 2005 IDE integrationVisual Studio 2005 IDE integrationPerformance ImprovementsPerformance Improvements
Interoperability and Conformance Interoperability and Conformance Policy assertions for standard security scenarios Policy assertions for standard security scenarios Wire level interoperability with Indigo and 3Wire level interoperability with Indigo and 3rdrd party party stacksstacksMTOM – Message Transmission Optimization MTOM – Message Transmission Optimization Mechanism Mechanism WS-* updatesWS-* updatesSOAP 1.2SOAP 1.2
ToolsToolsSecurity settings tool for standard security Security settings tool for standard security scenariosscenariosConfiguration file migration from WSE 2.0 to WSE Configuration file migration from WSE 2.0 to WSE 3.03.0
WS-Security: Interop with WS-Security: Interop with Released ProductsReleased Products
WSE2.0 SP2 Client/Server Scenario
WebSphere 6.0
Weblogic 8.1.4 Systinet
Sun JWSDP 1.4
Client UsernameToken Green Green Green Green
Service UsernameToken Green(1) Green(1) Green(1) Green(1)
Client X509 Sign Green(2) Green Green Green
Service X509 Sign Green(2) Green Green Green
Client X509 Sign-Encrypt Red(3) Green Green Green
Service X509 Sign-Encrypt Red(3) Yellow(4) Green Green
(1)(1) Requires a configuration change at WSE serviceRequires a configuration change at WSE service
(2)(2) Requires a configuration change at WebSphere service or clientRequires a configuration change at WebSphere service or client
(3)(3) WebSphere 6.0 followed OASIS Oct X509 token profile errata for the value WebSphere 6.0 followed OASIS Oct X509 token profile errata for the value of wsse:KeyIdentifier\@ValueType, which differs from OASIS standard.of wsse:KeyIdentifier\@ValueType, which differs from OASIS standard.
(4)(4) WebLogic 8.1.4 uses wrong encryption type on the Body element. Fix is WebLogic 8.1.4 uses wrong encryption type on the Body element. Fix is available from BEA support services.available from BEA support services.
Can I use WSE today?Can I use WSE today?
Support policy is the same as .NET Support policy is the same as .NET 1.11.1
New versions likely to break previous New versions likely to break previous Side-by-side support so farSide-by-side support so far
Issues with WSEIssues with WSE
Complex to setup and useComplex to setup and use
Requires developers to muck with the Requires developers to muck with the plumbingplumbing
Small but breaking changes even with point Small but breaking changes even with point releasesreleases
HTTP is still the only protocol for HTTP is still the only protocol for interoperabilityinteroperability
Unsupported demos over TCP with Apache Unsupported demos over TCP with Apache AxisAxis
WSE 3.0 - The Road to WSE 3.0 - The Road to IndigoIndigoWSE supports service orientated WSE supports service orientated
ArchitecturesArchitecturesExplicit boundariesExplicit boundariesAutonomyAutonomyDefine contracts with schemaDefine contracts with schemaDescribe requirements with policyDescribe requirements with policy
WSE 3.0 is the road to IndigoWSE 3.0 is the road to IndigoSupport for standard interoperable security Support for standard interoperable security scenariosscenariosWire level interoperable with Indigo Beta 1Wire level interoperable with Indigo Beta 1WSE 3.0 runs side-by-side with IndigoWSE 3.0 runs side-by-side with IndigoUpgrade guidance will be provided from WSE 3.0 Upgrade guidance will be provided from WSE 3.0 to Indigoto Indigo
Business Service
Business Service
Process Logic
Application A
Business Service
Business Service
Application B
Business Service
Business Service
Application C
Exploiting SOA: Composite Exploiting SOA: Composite ApplicationsApplications
Composite applications can be created using Composite applications can be created using process logic to invoke business servicesprocess logic to invoke business services
Composite Application
Implementing Process Logic: Implementing Process Logic: OrchestrationsOrchestrations
The most commonly used term for The most commonly used term for process logic today is process logic today is orchestrationorchestration
Orchestrations can benefit from a Orchestrations can benefit from a platform expressly designed to platform expressly designed to support themsupport them
An application server isn’t enoughAn application server isn’t enough
The goal: Business Process The goal: Business Process Management (BPM)Management (BPM)
Supported by a Supported by a BPM serverBPM server
Orchestration Runtime Services
Supporting Orchestrations: BPM ServersSupporting Orchestrations: BPM Servers
Operating System
Communication Services
Business Rules Services
WorkflowServices
Other Services
Process Monitoring Services
Application Server
Orchestrations
Development Tools
Management Tools
Microsoft’s BPM Server: BizTalk Server Microsoft’s BPM Server: BizTalk Server 20042004
Windows
Business Rules Engine
Human Workflow Services
More
Business Activity Monitoring (BAM)
Orchestrations
.NET Framework
BizTalk Server 2004 Engine
Visual Studio .NET
Orchestration DesignerHealth and Activity
Tracking (HAT)
.NET Web Services Platforms.NET Web Services Platforms
ASMX is the current Web service ASMX is the current Web service platformplatform
Supports basic profile for simple servicesSupports basic profile for simple servicesDoesn’t implement WS-* specificationsDoesn’t implement WS-* specifications
WSE is a platform extensionWSE is a platform extensionCan be used to extend ASMX behaviorCan be used to extend ASMX behaviorCan be used standalone without ASMXCan be used standalone without ASMXProvides support for several WS-* specsProvides support for several WS-* specs
Indigo is the next-generation Web Indigo is the next-generation Web service platformservice platform
Provide a unified programming model Provide a unified programming model along with comprehensive support for along with comprehensive support for WS-* specsWS-* specs
BizTalk is a Business Processes BizTalk is a Business Processes Management serverManagement server