Leveraging the azure cloud for your mobile apps


Published on

Slides used at the Cloud & Mobile event hosted at Info Support Thursday 11 October 2012

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Leveraging the azure cloud for your mobile apps

  1. 1. Leveraging the Azure cloud for Dennis Marcel Vroegop de Vries Regional Directoryour mobile apps DotNed @dvroegop @marcelv #ISMOB
  2. 2. Thank you! Workshop Mobile Development - Introduction
  3. 3. context Mobile Case Cloud
  4. 4. Context
  5. 5. Trend 1: Mobile
  6. 6. Market research # of mobile devices sold now exceeds # of PC’s!Source:http://www.businessinsider.com/
  7. 7. Market research In a few years the number of mobile devices will dwarf the number of PC’sSource:http://www.businessinsider.com/
  8. 8. Application types
  9. 9. Application typesNative look & feel -- -- ++Camera Access -- +- ++GPS ++ ++ ++Secure service communication JSON/REST JSON/REST JSON/SOAPAccess to calendar -- -- ++Twitter integration +- +- +Distribution ++ AppStore presence AppStore presence
  10. 10. All apps have one thing in common They need data! Where do you get it from and where do you store it? – From the device and only on the device? • Perhaps 1% of the cases – 99% of the apps build need some way to connect to backend services
  11. 11. This imposes an important question Where does your data live How can I connect to the data – In your corporate network? – Using corporate identity? – Using a VPN? Almost all classic solutions to today’s business apps don’t apply to mobile – I connect from anywhere
  12. 12. How do you cope with success? So you create an app to draw a doodle and let other guess what it is, big deal right? – Where do you store the drawing – Where do you manage sessions – Where do you keep user scores – …. So you need a backend with services
  13. 13. But how many users will you have? Mom and Dad for sure, perhaps your brother, sister and their friends, nothing to get excited about – So where would you host your services? – Some old Linux server in your basement? What if I prepare for success – Need to buy a server farm, big upfront expenses
  14. 14. Now imagine success 9 Years it took for AOL to hit 1 million users 9 Months it took for Facebook to reach 1 million users 9 Days it took for Draw Something to reach 1 million users – 37 million Total downloads of the app – 3 billion Total drawings users have created since the game was released seven weeks ago – 2,000 Drawings created every second
  15. 15. How the cloud creates a levelplaying field
  16. 16. Typical Scenario
  17. 17. Cloud implications on architectureCloud introduces a new phenomenon– Pay as you go cost modelThis can have major implications on your architecture– Which cloud specific features do I useHard questions– Pay based on I/O or Compute cycles • How many I/O’s to storage of my service? • Algorithms can make a difference!– How much data am I going to store • Price differences based on storage models
  18. 18. Windows Azure as your backend Very easy to leverage the pay as you go model Leverage all the knowledge you already have – Building web application – Build Soap Services – Building Rest Services Just publish to azure and you are done
  19. 19. Azure programming model Important is that we can scale out our application – A.k.a. stateless services Azure load balances virtual machines for you – Nodes are not sticky!
  20. 20. Data communication with mobile Be aware that your data transfer can incur costs for the device owner – Metered networks Be aware of latency – Good for 1 call get much data – Bad for do many small calls with little data
  21. 21. What protocol to use?• SOAP – Most convenient in terms of programming and productivity – Proxy generation based on wsdl – Simple an familiar model• JSON – Better in terms of bandwidth usage – Harder in terms of productivity • Need to hand code the proxy• OData – Bandwidth wise almost similar to SOAP, since it uses Atom XML as carrier – Same productivity issues as JSON – Better for the universal client like Excel, not mobile
  22. 22. Your RAD services options today ASP.NET Web API – XML/JSON/OData/… WCF Data Services – JSON/OData WCF RIA Services – JSON/OData/SOAP All share a common programming model, just different origin All part of .NET FW and there to stay
  24. 24. Securing your services Securing your services
  25. 25. Securing your service using ACS All services technology can leverage security from ASP.NET But do we want to maintain yet another membership database with user information? – Another user name and password to maintain for the end user – So 2005  Can’t we outsource identity management?
  26. 26. Introducing Azure ACS• Let’s use the same identity most users already have – Live ID, Google ID, Facebook, Yahoo, etc.• Don’t want to write integration with each one of these services yourselves• Azure Access Control Service (ACS) does this for you – You integrate with ACS and ACS will handle integration with other parties – Can add any WS-Federation compliant STS like a corporate ADFS
  27. 27. ACS terminology• STS – Security Token Provider – Any party that can issue an authentication token• Identity provider – Party that maintains the user identity, this is Windows Live, Google, Yahoo, Etc.• Relying Party – This is the party relying on another identity provider to hand over a set of claims about who that identity is • Windows live -> Unique id • Google -> Email Address • …• In our case we use ACS as our identity provider, who will delegate that to another IP – So IP token we get is always coming from ACS and we don’t need to worry about all other parties
  28. 28. Authentication experience Identity Providers Configured in ACS
  29. 29. Overview authentication steps Identity Realm Your Phone App ACS Provider page Service GetIdentityProviders() Request to login page Login Depending on ACS config for SWT or IDP Token SAML you get a header or a cookie Map claims ACS Token Cookie (containing ACS token) Request (with cookie)
  30. 30. Intercepting the cookie from login Used the Azure phone toolkit, to use the standard login control Extend it to work with cookies – Add a default.aspx page to your site that can return the cookie as text – Catch that from the page by enabling the web browser control to accept JavaScript notify calls – In default.aspx page, you add script notify call to hand over the cookie data All subsequent SOAP calls use the cookie
  31. 31. Intercepting the cookie Get IDP’s ACS JSON set of IDP’s Browse to IDP IDP (e.g. windows Live) Redirect to ACS + token Redirect to ACS + token ACS Redirect to return URL Return cookie + SAML token cookie using script invoke Go to login page My Site
  32. 32. Changing the client to use SWT When using rest, you can add a custom header to your request string headerValue = string.Format("WRAP access_token="{0}"", token); client.Headers.Add("Authorization", headerValue); When using WCF & SOAP, you need to add a custom header to the request using (var ctx = new OperationContextScope(proxy.InnerChannel)) { HttpRequestMessageProperty httpRequestProperty = new HttpRequestMessageProperty(); httpRequestProperty.Headers[HttpRequestHeader.Authorization] = String.Format("WRAP access_token="{0}"", token); OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name] = httpRequestProperty; }
  33. 33. Changing the client to use SAML You need to add a cookie to each service request, for JSON: CookieCollection coll = App.AuthenticationCookieContainer; WebClient webrequest = new WebClient(); String cookiestring ="" ; foreach (Cookie cookie in coll){ if (count++ > 0){cookiestring += "; ";} cookiestring += cookie.Name + "=" + cookie.Value; } webrequest.Headers[HttpRequestHeader.Cookie] = cookiestring; For SOAP using WCF stack EventsServices.EventsDomainServicesoapClient proxy = new EventsServices.EventsDomainServicesoapClient(); proxy.CookieContainer = App.AuthenticationCookieContainer;
  35. 35. Announcing….. http://www.meetup.com/Dutch-Mobile-NET- Developers-Group
  36. 36. SummaryMobile trend is just taking offMobile is nowhere without servicesDeliver services at the scale of success with the cloudNew user interface concepts will influence the way webuild appsEach form factor requires unique interfaceCloud is there to support our massive computing demandPay as you go model – Game changer for new business models!Cloud services can ease your development headache
  37. 37. Thank you! Dennis Marcel Vroegop de Vries DotNed Regional Director @dvroegop @marcelv Next session: 20:30Lenni Occasionally Connected Systems with Windows AzureLobel and Windows PhoneSleek Technologies@lennilobel