1 / 28

In the Cloud Connect Your Services with the Internet Service Bus

Christian Weyer christian.weyer @thinktecture.com thinktecture. In the Cloud Connect Your Services with the Internet Service Bus. Our Way Through The Sky. Introduction & Motivation for ISB Extending a simple WCF service Identity, Authentication, Authorization Application Scenarios

shelley
Télécharger la présentation

In the Cloud Connect Your Services with the Internet Service Bus

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Christian Weyer christian.weyer@thinktecture.com thinktecture In the CloudConnect Your Services with the Internet Service Bus

  2. Our Way Through The Sky • Introduction & Motivation for ISB • Extending a simple WCF service • Identity, Authentication, Authorization • ApplicationScenarios • MessagingOptions • Summary

  3. S+S Service Experience Web 2.0 Service Delivery SaaS Service Composition SOA Service … … Software + Services

  4. Internet Service Bus – Why Again? • Software+Services seems to me like „SOA done the right way“, frankly • Increasing need to build and enable composite applications in a service-oriented manner • Some solutions look for easy connectivity • Provide value add with advanced messaging options • Strong focus on identity, authentication and authorization required

  5. Imagine… Bond Price Format A Format B Enterprise X

  6. Imagine again… Bond Price Trade Format A Format B Format C Enterprise X

  7. Still imagine… Bond Price Trade Format A Format B Format C Enterprise X

  8. Enterprise Service Bus Pattern Bond Price Trade Format A Format B Format C Enterprise X XML XML XML Enterprise Service Bus

  9. And now imagine… Microsoft “Biztalk Services” BOND PRICE TRADE Internet Service Bus XML XML XML Format A Format B Format C Enterprise X

  10. Can you still imagine…? Microsoft “Biztalk Services” Internet Service Bus XML XML Bank A Format A Format B Application 1 Application 2

  11. Finally, imagine… Microsoft “Biztalk Services” Internet Service Bus XML XML XML Subscribe Subscribe Publish Bank A Format A Format B Application 1 Application 2 Market Data

  12. It looks reasonable, doesn‘t it? Microsoft “Biztalk Services” Internet Service Bus XML XML XML Subscribe Subscribe Subscribe Publish Publish Bank A Format A Format B Application 1 Application 2 Market Data

  13. Possible ISB Usage Scenarios • Syndication • Peer-To-Peer • Callbacks, Notifications • Multicasting, Pub/Sub • Remote Control • Prototyping, Testing C I A Confidentiality, Integrity, Authenticity

  14. „Biztalk Services“ Demystified • Codename „Biztalk Services“ is the currentincarnation of the ISB • Providesseveralservices in the cloud, currently • Identity Management, STS • Connectivity, Relaying • Workflow (just not yet) • Enter the ISB at http://labs.biztalk.net/ • Developers (and architects) can grab an SDK • WCF-based, leveragingstandards • Custombindings and behaviors

  15. Relay Binding “BiztalkServices” Identity Service Trust Connectivity Service 3 Authenticate Connect Open 2 1 4 5 Authenticate Relayed Connection Client Service 6 Direct Connection (optional)

  16. ITokenProvidertokenProvider = new CardSpaceTokenProvider(); ServiceEndpointehep = echoHost.AddServiceEndpoint( typeof(IEcho), new RelayBinding( RelayConnectionMode.RelayedDuplex), "sb://connect.biztalk.net/ services/thinktecture/Echo"); ehep.Behaviors.Add(tokenProvider); RelayBinding In Code

  17. <endpoint address="sb://connect.biztalk.net/ services/thinktecture/Echo" contract="IEcho" binding="relayBinding" bindingConfiguration="myRelay" /> … <bindings> <relayBinding> <bindingname="myRelay" connectionMode="RelayedDuplex" /> </relayBinding> </bindings> RelayBinding In Config

  18. Security Risk Model • Frankly, insome big shops the relaybindingis to date a reason to getfired • Thereis a reason for the DMZ • Youexposeyourveryownmachine to the outside • Customersneed to be aware of this different securityrisk model • Integraterisk model intoanalysisphase • IMO, we will needguidance and tools to properlyset up and configurenetworks for workingwith the relay • Maybe also leverage different technologies, likeTeredoorUPnP

  19. Identity & Claims-Based Acess Rules • Authentication through username/password or information card • „Biztalk Services“ implements a Secure Token Service (STS) based on WS-Trust specification • Feel the future of AD • Authorization based on powerful & flexible claims-based model • Configure through web frontend • Configure through API in SDK

  20. Relay & Identity Message Interaction Identity Relay cert registered w/STS GetToken() GetToken() Relay Connect http://relay.biztalk.net/services/tt/ Open http://relay.biztalk.net/services/tt/ Client Service

  21. Scenario IDuplex Communication & Notifications • Problem • Consumerswant to be notified of new data • No polling, butratherproactive push messagingdesired • NATs and firewalls in the way (by design ) • Solution • Expose duplexcontract through relaybinding • Service can publish new data through the ISB‘saddress • ISB securelydispatchesmessagesappropriately to the callbackendpoints

  22. Scenario IIMulticasting • Problem • Multiple (n) receivers want to receive messages • Sender(s) does not want to send n messages and maintain list of receivers • NATs and firewalls in the way (by design) • Solution • Let the ISB do the maintenance of receivers • Sender send one message to the ISB – the ISB send n messages to n receivers

  23. Multicasting Listen: sb://.../traffic Biztalk Services (Cloud) Send: sb://.../traffic Listen: sb://.../traffic … … …

  24. Scenario IIIMulticast Publish & Subscribe • Problem • Wehave m publishers and n subscribers • Need for infrastructure to handle thesemessageexchanges • Similar to pure multicastingscenario • NATs and firewalls in the way (by design) • Solution • m publishers send to multicastaddress at ISB • n subscribers listen to mulitcastaddress at ISB • ISB does the hardwork of correlation and dispatching

  25. Where Are We? Where Is The ISB? • „Biztalk Services“ is an incubation project • There will be a V1 of the ISB… • Of course, there are still missing parts today, e.g.: • Store and forward • Broader platforms support • Really federated identity • I am sure we will see improved feature support in upcoming releases • Keep track and watch http://labs.biztalk.net/

  26. Summary • Leveraging the cloud for composite applicationscan be a winner • Powerfulmessagingoptions • Enablingotherwise-hard-to-realizescenarios • Internet Service Bus can handle connectivity, authentication, authorization, messaging and otherconnectedsystemsaspects • Thinkaboutsecurityrisk model • „Biztalk Services“ incubation project shows the path to a real ISB – with a real name

  27. Resources • Email Christian Weyer • christian.weyer@thinktecture.com • Weblog Christian Weyer • http://blogs.thinktecture.com/cweyer • thinktecture • http://www.thinktecture.com

  28. © 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

More Related