Upload
michael-collier
View
2.966
Download
5
Tags:
Embed Size (px)
DESCRIPTION
Learn about the next generation building block services available in Windows Azure that help to create connected, secure, and reliable services.With services such as Caching, Service Bus (relay, queues, and topics), and Access Control Services (ACS) developers can focus more on building great solutions and less on plumbing services necessary to do so. In this webcast, we will take a look at many of the additional services offered as part of Windows Azure. We'll see just how easy it can be to add scalable caching with Windows Azure Caching, create robust connected solutions with the Service Bus, and secure applications with ACS.
Citation preview
Windows Azure for Developers
Building Block Services
Wednesday, March 7th 2012
About Me
Michael S. Collier
National Architect,
Windows Azure
@MichaelCollier
www.MichaelSCollier.com
Today’s Agenda
• Windows Azure Overview• Building Block Services
– Access Control Services– Caching– Service Bus
• Q & A
Windows Azure Core Components
WORKERROLE
WEBROLE
VM
VMROLE
QUEUESERVICE
BLOBSERVICE
TABLESERVICE
DATABASESERVICE
DATA SYNCSERVICE
IMPORT EXPORTSERVICE
REPORTINGSERVICE
Compute
Storage Database
DataMarket Service
Windows Azure Connect
Service Bus
Access Control Service
Cache Service
Windows Azure Traffic ManagerWindows Azure graphics courtesy of David Pallmann (http://davidpallmann.blogspot.com/)
Building Block Services
• Additional platform services for advanced functionality• Use with “core” services or own their own• Enhance developer productivity• Consume cloud services – initial move to the cloud• Services
– Access Control Services – federated identity management service
– Caching – distributed caching service– Service Bus – messaging and routing service
Access Control Services
• No need to build your own identity management – Another component to maintain– Likely not a distinguishable part of your application– Deal with user management
• User support• Password management (including resets)
Federated Identity Management
• Authenticate– Windows Identity Foundation (WIF)– OAuth and WS-Federation
• Authorize– Claims-based
• Identity Providers– Corporate via Active Directory (ADFSv2)– Social
• Windows Live, Yahoo!, Google, Facebook
– Build your own using membership (identityserver.codeplex.com)
• Write to ACS and let Microsoft worry about the rest
ACS – How Does It Work?
BrowserIdentity Provider
Access Control
Application
6. Login
8. Redirect to AC service
12. Validate Token
1. Request Resource
2. Redirect to ACS
7. Authenticate & Issue Token
9. Send Token to ACS10. Validate Token, Run Rules Engine, Issue Token
11. Redirect to RP with ACS Token
13. Send ACS Token to Relying Party
14. Return resource representation
3. Auth/N
5. Redirect to IdP
4. Home-realmDiscovery
Dia
gram
cou
rtes
y of
Win
dow
s Az
ure
Boot
Cam
p
DEMOWindows Azure Access Control Service
ACS – Final Tips
• Update session cooking handling– WIF uses Data Protection API (DPAPI) by default.– DPAPI not support in Windows Azure.– Encrypt cookies with RSA using a certificate (SSL or self-signed (dev))– Windows Azure Training Kit has full example– http://
davidpallmann.blogspot.com/2011/12/mobile-global-with-html5-mvc-windows_27.html
• Put WIF configuration params in ServiceConfiguration– WIF uses web.config– Read in params from ServiceConfiguration.cscfg on role start and
rewrite web.config– http://
blogs.msdn.com/b/vbertocci/archive/2011/05/31/edit-and-apply-new-wif-s-config-settings-in-your-windows-azure-webrole-without-redeploying.aspx
Caching
• Distributed, in-memory caching for Windows Azure apps• Scalable, low latency, and high throughput• Very similar to Windows Server AppFabric Caching• Ability to enable a local cache• Limits
– 8MB per object– No serialization for local caching
• Security via ACS
Caching
• Easy to plug in as provider for ASP.NET session state and page output
• Sample client configuration XML provided in portal
Caching
• Add the following assemblies– Microsoft.ApplicationServer.Caching.Client.dll– Microsoft.ApplicationServer.Caching.Core.dll– Microsoft.WindowsFabric.Common.dll– Microsoft.WindowsFabric.Data.Common.dll– Microsoft.Web.DistributedCache.dll (for ASP.NET web projects)
• Write the code
Service Bus
• Robust messaging and routing services• Ability to connect services across networks
– Defeats NATs and firewalls– Great for hybrid application scenarios!
• Uses ACS for security
Message Relay
Sender Receiver
Service Bus
sb://namespace.servicebus.windows.net/service
Upgrade connection – NAT traversal connection
Message Relay
• Use SB addressing and bindings• Simply use new ‘relay’ bindings• Behavior for ACS authorization
• Not new . . . Been in Service Bus for a while!
Service Bus Message Queues
• Reliable and durable – backed by SQL Azure• Store up to 1GB per queue• No TTL – unlike Windows Azure queues• 256KB maximum message size• Messaging API, WCF, and REST interfaces
Publisher ReceiverQueue
Service Bus Topics (pub/sub)
• Takes SB Queues to the next level• 2,000 subscriptions on a single Topic• Subscription is a virtual queue – gets a copy of each message• Filters
– Use SQL92 syntax to configure Subscription to receive only messages with matching properties
• Actions– Modify message properties as they’re selected
Publisher
Subscription
Topic
Receiver
Receiver
ReceiverSubscription
SHOW ME THE CODE!Windows Azure Service Bus Queues & Topics
Summary
• Compute roles, storage, and SQL Azure get a lot of attention.
• Don’t forget about the building block services
Service Bus
Access Control Service
Cache Service
Robust service relay and messaging
Easy to configure Cache-as-a-Service
Federated identity management (authentication and authorization)
Resources
• How To Guides for .NET– http://www.windowsazure.com/en-us/develop/net/
• Managing Caches in Windows Azure– http://msdn.microsoft.com/en-us/library/windowsazure/gg618005.aspx
• Windows Azure Service Bus Best Practices– http
://windowsazurecat.com/2011/09/best-practices-leveraging-windows-azure-service-bus-brokered-messaging-api/
• Service Bus Explorer– http://code.msdn.microsoft.com/windowsazure/Service-Bus-Explorer-f2abca5a
• Rick Garibay – “Azure AppFabric Service Bus Brokered Messaging GA & Rude CTP Diffs”– http://
www.rickgaribay.net/archive/2011/09/14/azure-appfabric-service-bus-brokered-messaging-ga-amp-rude-ctp.aspx
• Vitorrio Bertocci’s Blog– http://blogs.msdn.com/b/vbertocci /
Q &
A
Ask your questions