Programming "Indigo" Part 2: Secure, Reliable, Transacted Services
Session Code: WSV 302
Don Box
Architect
Microsoft Corporation
http://www.gotdotnet.com/team/dbox
[Figure: Longhorn platform architecture diagram. Presentation (Avalon), Data (WinFS) and Communication (Indigo) pillars with Application Services (ASP.NET, Windows Forms, ADO.NET, …) sit above the CLR and Base Class Libraries, Base Operating System Services, Kernel Mode services, Device Drivers and the Hardware Abstraction Layer. The Communication column lists Transport Channels (IPC, HTTP, TCP…), Channels (Datagram, Reliable, Peer, …), Channel Security, Eventing, Message Encoder, Routing, Queuing, Policy Engine, Communications Manager (Port), Transaction Coordinator and Federation.]
Make the connection
“Indigo” Architecture
[Figure: “Indigo” architecture diagram. Service Model: Instance Manager, Context Manager, Service Methods, Type Integration, Transacted Methods, Declarative Behaviors. Messaging Services: Queuing, Routing, Connector, Channels (Datagram, Reliable, Peer, …), Transport Channels (IPC, HTTP, TCP…), Policy Engine, Eventing, Channel Security, Message Encoder, … System Services: Transaction, Communications Manager (Port), Federation. Hosting Environments: ASP.NET, .container, .exe, NT Service, DllHost, …]
What Is Indigo?
  “Indigo” is a set of .NET technologies for building and managing service-oriented systems
  “Indigo” is scale-invariant
  “Indigo” is broadly interoperable
  “Indigo” provides a unified programming model and runtime
The Role Of Transactions
  Intra-service correctness
  Availability versus latency
  Compensation and trust
  Declarative and ubiquitous
System.Transactions
[Figure: System.Transactions layering, top to bottom]
  Declarative Transactions (Indigo) ([Transaction])
  Implicit Transactions (Transaction.Current, TransactionScope)
  Resource Manager Utilities (Log, Isolation)
  Manual Transactions (ITransaction, ITransactionManager, IEnlistment)
System.Transactions
“Indigo” And Transactions
Transacted Methods
  Transaction scopes can be automated through attribute
  Tx.Current established by Service Model
  Outcome determined based on normal/abnormal termination
  Origin of transaction orthogonal to scope
“Indigo” And Transactions
Transacted I/O
  “Indigo” channels can support transaction protection on message delivery
    Transacted send defers transmission until successful TX outcome
    Transacted receive returns message to queue upon failed TX
  Established during channel creation
  Per-method attribute sets defaults
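To make the transacted-method and transacted-I/O behaviour on the last two slides concrete, here is an added example (not Indigo or Microsoft code) written against the System.Transactions API as it later shipped in .NET 2.0 (TransactionScope, Transaction.Current, IEnlistmentNotification, EnlistVolatile) rather than the PDC-era names listed on the System.Transactions slide. TransactedQueue is a hypothetical in-memory stand-in for a transacted channel: a send is deferred until the ambient transaction commits, and a receive is undone when it aborts, with the outcome decided by normal versus abnormal termination of the scope.

```csharp
using System;
using System.Collections.Generic;
using System.Transactions;

// Hypothetical in-memory stand-in for a transacted channel (added example, not Indigo code).
// It enlists in the ambient transaction as a volatile resource manager, so a Send only
// reaches the store when the transaction commits and a Receive is undone on rollback.
sealed class TransactedQueue : IEnlistmentNotification
{
    readonly Queue<string> store = new Queue<string>();
    readonly List<string> pendingSends = new List<string>(), pendingReceives = new List<string>();
    bool enlisted;
    public int Count => store.Count;

    // Transmission deferred until the outcome is known; without an ambient transaction deliver at once.
    public void Send(string msg) { if (Enlist()) pendingSends.Add(msg); else store.Enqueue(msg); }
    // Provisional dequeue; the message is remembered so a failed transaction can return it.
    public string Receive() { string m = store.Dequeue(); if (Enlist()) pendingReceives.Add(m); return m; }

    bool Enlist()   // true when an ambient transaction exists; enlist at most once per transaction
    {
        if (Transaction.Current == null) return false;
        if (!enlisted) { Transaction.Current.EnlistVolatile(this, EnlistmentOptions.None); enlisted = true; }
        return true;
    }
    // Outcome callbacks driven by System.Transactions (two-phase protocol)
    public void Prepare(PreparingEnlistment e) => e.Prepared();
    public void Commit(Enlistment e) { foreach (var m in pendingSends) store.Enqueue(m); Reset(); e.Done(); }
    public void Rollback(Enlistment e) { foreach (var m in pendingReceives) store.Enqueue(m); Reset(); e.Done(); }
    public void InDoubt(Enlistment e) => e.Done();
    void Reset() { pendingSends.Clear(); pendingReceives.Clear(); enlisted = false; }
}

static class Program
{
    static void Main()
    {
        var q = new TransactedQueue();
        using (var scope = new TransactionScope())
        {
            q.Send("order-1");   // buffered: nothing reaches the store yet
            scope.Complete();    // normal termination votes commit; Dispose then delivers the message
        }
        try
        {
            using (new TransactionScope()) { q.Receive(); throw new InvalidOperationException("failed"); }
        }
        catch (InvalidOperationException) { }   // abnormal termination: Dispose ran without Complete(), Rollback() re-enqueued
        Console.WriteLine(q.Count);             // the message survived the failed transaction
    }
}
```

Rollback here appends the returned message to the tail of the queue; a real transacted channel would restore its original position.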
“Indigo” And Transactions
Transacted Services
  Common logging facility makes compensation efficient and tractable
    Unified log between TM, RM, and application
    Based on ARIES log protocol
  Isolation support via service-specific optimistic concurrency or via TX-aware locks
“Indigo” And Transactions
Transaction Propagation
  “Indigo” supports propagation of arbitrary execution context
    DCOM causality
    .NET Remoting LCID
    ILogicalThreadAffinative
  Transactions are but another piece of context that can flow
  Propagation is opt-in for services, opt-out for objects
“Indigo” And Transactions
The Role Of Reliable Messaging
  The impact of intermediaries
  The impact on contracts
  Immediate versus deferred message transfer
Reliable Messaging In Indigo
  “Indigo” provides reliable message sequences
    Uni- or bi-directional
    Sender/receiver lifetimes may overlap or not
  Message store is configurable
    Volatile versus durable
    Transacted resource manager
  Parameterized delivery assurances
Reliable Messaging In Indigo
  RM characteristics specified as channel capabilities/requirements
  Services specify characteristics via per class/interface attribute
  Contract carries essential details
  Characteristics of proxy subject to contract + imperative calls
Reliable Messaging
The Role Of Security
  Services have a variety of security needs
    Messages need to be protected for both integrity and confidentiality
    Services and clients need authentication
    Services often wish to grant authorization selectively based on client credentials
  All of this needs to work across organization and platform boundaries
“Turn-Key” “Indigo” Security
  Development (code attributes)
    Annotate services with code attributes
    Define authentication, confidentiality, integrity, and access control requirements
  Deployment (configuration)
    Define and select security profile settings
  Administration (security data)
    Specify authorization mappings (user to role)
    Specify username-password credentials
    Specify presentation credentials
Turn-Key Development
Declarative Attributes
  Annotate Service classes and methods
  Security Requirement Attributes
    Integrity
    Confidentiality
    ClientAuthentication
    AccessControl
    Security Settings Profile
  Each requirement is scoped to the messages corresponding to the annotated class or method
Turn-Key Deployment
Configuration and Profiles
  Define security profiles which indicate how security requirements are to be satisfied
  Developer or deployer may define their own security profiles
  Common security profiles are predefined in machine.config
  A scope of messages are bound to a security profile
Turn-Key Deployment
Configuration and Profiles
  A security profile is composed of the following security settings
    Authentication mechanism
      Intranet (Windows Kerberos)
      Internet (Username-password)
      B2B (X.509)
      Federated (XrML or SAML)
    Replay Detection mechanism
    Encryption mechanism
    Authorization provider
Turn-Key Administration
Security Administration Data
  Security Administration Data includes three kinds of information
    Presentation Credentials – for presenting to other services
    Trust Credentials – for authorizing trusted users, partners, or issuers
    Authorization Data – for mapping input claims to authorization data (e.g., user to role)
“Indigo” Security
Where Are We?
  “Indigo” uses transactions to increase the reliability and correctness of services
  “Indigo” provides reliable and durable message transmission between services
  “Indigo” supports a broad range of security protocols using a simple declarative programming model
For More Information
  Come see us
    Immediately after this session
    Web/Services Lounge: 309 Foyer
  MSDN “Longhorn” DevCenter
    http://msdn.microsoft.com/longhorn
  Newsgroup
    microsoft.public.windows.developer.winfx.indigo
  At PDC
    Hands on labs: On-site or download from CommNet
    Ask The Experts: Tuesday 7 P.M. – 9 P.M. Hall G, H
    PDC Weblogs: http://pdcbloggers.net
© 2003-2004 Microsoft Corporation. All rights reserved.
This presentation is for informational purposes only. Microsoft makes no warranties, express or implied, in this summary.