Your SlideShare is downloading. ×
CTU June 2011 - Windows Azure App Fabric
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

CTU June 2011 - Windows Azure App Fabric

2,008
views

Published on

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
2,008
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
23
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide
  • There’s a number of things that I’d like to point out to you before we break into a demo.First, the caching service comes with out-of-the-box ASP.NET providers for both session state and page output caching. This makes it extremely easy to quickly speed up your existing applications by leveraging these providers and updating your web.config files. You can also leverage the local cache, which stores data on the client to speed up access to data retrieved from the Caching service.You can cache any managed object, with no object size limits. Also, when you leverage the local caching option, you won’t pay any serialization costs, as the data will stay on the client. This can make for some extremely fast solutions.You will leverage the exact same APIs you have used with Windows Server AppFabric Caching, which are .NET assemblies. This makes it very easy to get going.The Caching service is secured by the Access Control Service. Through config or at runtime, you simply specific an ACS token that is used for authentication.Finally, as we move towards commercial launch, we’ll add many of the features that make Windows Server AppFabric Caching extremely popular, such as High Availability, which minimizes data loss by persisting the cache, regions for partitioning and co-locating data, the ability to emit notifications to clients when then need to refresh their local cache, and more.
  • Slide ObjectiveExplains the operation of Session state in Windows Azure multi instance rolesSpeaking NotesMust move session state off the Web Role instances In this animationFirst request hits one instanceSubsequent request hits another instanceAt the end of the animation the value of Foo is hard to determine.Is it 1, 2 or null?Will depend on which server the LB routes our request toNotes
  • Transcript

    • 1. A Lap AroundWindows Azure AppFabric
      Wely Lau
      Microsoft MVP, Windows Azure
      “Cloud” Architect, NCS
      Email : wely@ncs.com.sg
      Blog: http://wely-lau.net/
    • 2. Agenda
      Windows Azure Platform In One Slide
      What is Windows Azure AppFabric?
      Identity and Access Control
      Service Bus
      Caching
    • 3. “Windows Azure Platform” In One Slide
      Compute
      Storage
      Virtual Network
      • Connect
      • 8. Traffic Manager
      Reporting
      Database
      Data Sync
      Access Control
      Service Bus
      Caching
    • 9. Agenda
      Windows Azure Platform In One Slide
      What is Windows Azure AppFabric?
      Identity and Access Control
      Service Bus
      Caching
    • 10. Motivating Challenges
      How do you expose your software to users outside of your organization?
      Can they use their existing identities? Social identities?
      How do you integrate with components outside your corporate network?
      What about smaller, non-enterprise customers?
      How do you reduce latency and increase performance?
      Access Control
      Service Bus
      Caching
    • 11. What is Windows Azure AppFabric?
      Comprehensive building block services / middleware for developing, deploying, and managing app
      Goals
      Extend .NET technologies to the cloud
      Increase developer productivity
      Bridge existing applications to the cloud
      Open and accessible service API
      REST, SOAP, RSS, AtomPub, …
      Class libraries for .NET, Java, PHP, Ruby,
    • 12. Agenda
      Windows Azure Platform In One Slide
      What is Windows Azure AppFabric?
      Identity and Access Control
      Service Bus
      Caching
    • 13. Identity – Stuff to think about
      Login / Federated Login
      Authentication
      Authorization
      Username & Password
      Membership Database
      Identity Providers
      Single Sign On
      Tokens & Its Format
      Security & Certificate
      And the list goes on…
    • 14. Single Identity Approach
      The site is the Identity Provider
      I have 100s of these identities
      “island of identity”
      It’s annoying
    • 15. Using a 3rd party
      Pick a 3rd party, rely on it
      Somewhat limiting, but a step in the right direction
      Typically “claim-based”
    • 16. Claim-based Identity Term Definitions
      Relying Party
      Your application that rely on IdP for authentication and authorization
      Identity Provider (IdP)
      Third party service that will authenticate your users
      Ex: GoogleID, WindowsLiveID, Yahoo!, or even your app
      Claims
      A statement that one subject makes about itself or another subject.
      E.g. : name, email, groups, privilege, etc…
      Security Token
      A piece of token representation of claims that is cryptographically signed by the issuer
      Security Token Service (STS)
      A service that issues claims and packages them in encrypted security tokens
    • 17. Typical Claims-based App Sequence
      Browser
      Identity Provider / STS
      Application (Relying Party)
      1. Request Resource
      2. Redirect to Identity Provider
      4. Authenticate &
      Issue Token
      3. Login
      5. Redirect to Relying Party
      7. Validate
      Token
      6. Send Token to Relying Party
      8. Return resource representation
    • 18. But… I want more IdP…
      I want my user, can log-in with
      Challenges:
      Deal directly with different IdP
      Deal directly with different Security Token Format?
      Deal directly with different Protocol
      Deal directly with different …
      Enterprise
      Active Directory
    • 19. Access Control Service
      Integration SSO and centralized auth into your web
      Hides one layer of abstraction
      Just to deal with ACS, not with many IdP
      Access Control Service
      Your App
      ….
      ADFS 2.0
    • 20. Access Control Website Sequence
      Browser
      Identity Provider / STS
      Access Control
      Application (Relying Party)
      1. Request Resource
      2. Redirect to Identity Provider
      4. Authenticate &
      Issue Token
      3. Login
      5. Redirect to AC service
      7. Validate Token, Run Rules Engine,
      Issue Token
      6. Send Token to ACS
      8. Redirect to RP with ACS Token
      10. Validate
      Token
      9. Send ACS Token to Relying Party
      11. Return resource representation
    • 21. Access Control Features
      Integrates with Windows Identity Foundation and tooling
      Claims-based access control
      Support for OAuth WRAP, WS-Trust, and WS-Federation protocols
      Support for the SAML 1.1, SAML 2.0, and Simple Web Token token formats
      Integrated and customizable Home Realm Discovery
      OData-based Management Service to ACS configuration
    • 22. demo
      Access Control Service- Preparing simple app- Setting up ACS account- Add STS Ref- Security Token Visualizer- Simple Authorization
    • 23. Agenda
      Windows Azure Platform In One Slide
      What is Windows Azure AppFabric?
      Identity and Access Control
      Service Bus
      Caching
    • 24. Service Bus
      Provides secure messaging and connectivity across different network topologies
      Enables hybrid applications that span on-premises and the cloud
      Enables various communication protocols and patterns for developers to engage in reliable messaging
    • 25. … and here’s why this is interesting …
      Existing code, not designed for the cloud
      Things you can’t run in the cloud
      Things you might not want to run in the cloud
    • 26. Enabling hybrid applications
      Datacenter
      Partner
      LOB app
      Mobile Device
      LOB web service
    • 27. Enabling hybrid applications
      Partner
      Datacenter
      ACS
      LOB app
      SB
      Mobile Device
      LOB web service
    • 28. Enabling hybrid applications
      Datacenter
      Partner
      ACS
      LOB app
      SB
      Mobile Device
      LOB web service
    • 29. Enabling hybrid applications
      Datacenter
      Partner
      ACS
      LOB app
      SB
      Mobile Device
      LOB web service
    • 30. Relay
      Relay Connections
      http://{account}.servicebus.windows.net/a/b
      Outbound SSL TCP connection to relay rendezvous endpoint
      Receiver can also listen over
      HTTP to overcome port restrictionson the receiving side (“Web sockets”)
      One-Way Messagesthrough TCP Tunnel
      Sender
      Receiver
    • 31. Relay
      Direct Connections
      http://{account}.servicebus.windows.net/a/b
      - Outbound SSL TCP connection to relay - Out-of-band protocol to negotiate Direct Connection
      Sender
      Receiver
      Upgrade to direct connection when possible
    • 32. Relay
      Eventing: Publish/Subscribe
      http://{account}.servicebus.windows.net/a/b
      Outbound SSL TCPconnection to relay rendezvous endpoint
      One-way messagesthrough TCP Tunnel
      Sender
      Receiver
      Receiver
      Receiver
      Receiver
    • 33. Have a Service Listen on the SB
      Listen on SB address
      Enable ACS Auth behavior
      Use a ‘relay’ binding
    • 34. Connect to a Service as a Client
      Again, just use a SB address and binding
      Use a behavior to handle ACS authorization
    • 35. demo
      Service Bus- Local Svc Hosted on IIS- Exposing WCF to Service Bus- Establishing Direct Connection- Eventing
    • 36. Agenda
      Windows Azure Platform In One Slide
      What is Windows Azure AppFabric?
      Identity and Access Control
      Service Bus
      Caching
    • 37. Latency Pyramid
      Memory
      Windows Azure AppFabric Caching (local cache)
      Lowest latency
      Network
      Windows Azure AppFabric Caching (distributed cache)
      Lower latency
      Disk
      Highest latency
      Storage
    • 38. What is the Caching service?
      A distributed, in-memory cache for applications running in Windows Azure:
      In-memory cache located near your Windows Azure applications
      Simple administration
      Based on Windows Server AppFabricCaching
      Benefits:
      Highly scalable 64-bit caching solution with low latency and high throughput
      Can dynamically increase and decrease as needed, without redeploying or modifying your application
      Doesn’t have to bother with configuration, deployment, or management of their cache infrastructure
    • 39. Windows Azure AppFabric Caching
      Differentiators
      Built-in ASP.NET providers for session state & page output
      Extreme low latency with the local cache
      Caches any managed object
      (CLR objects, rows, XML, Binary Data…)
      Only requirement is that the object should be serializable
      Easily integrates into existing applications
      Secured by the Access Control Service
    • 40. Anatomy of A Distributed Cache
      Cache footprint or bandwidth requirement may grow beyond a single VM
      Distributed caches scale out
      Multiple role instances may be cache clients
      Clients access the cache as if it was a single large namespace
      Unified Cache View
      Cache layer distributes data across the various cache instances
    • 41. Caching Features
      ASP.NET providers for session state and page output caching
      Cache any managed object
      No object size limits
      No serialization costs for local caching
      Easily integrates into existing applications
      Secured by Access Control
    • 42. Windows Azure Session State
      Windows Azure Load Balancer uses round-robin allocation. Session state must persist to client or storage on every request
      session[“foo”] = 1;
      session[“foo”] = 2;
      LB
      What is the value of session[“foo”]?
    • 43. AppFabric Caching Session State
      Session state stored using Windows Azure AppFabric Caching and an out-of-the-box session state provider
      session[“foo”] = 1;
      session[“foo”] = 2;
      LB
      What is the value of session[“foo”]?
      AppFabric Caching
    • 44. demo
      Caching- Standard data cache API- Measuring data throughput- “built-in” Session Cache Provider