WCF is the unified framework for rapidly building secure, reliable, interoperable, service-oriented applications. It’s a set of classes that extends the .NET Framework 2.0 that you can use to take care of the dirty work of building distributed systems. WCF is a part of WinFX, the next-generation programming model for Windows Vista and beyond. Transition : Before we dive into WCF, let’s do a quick demo to see how WCF works in practice.
Speaker Notes Here’s a high-level view of the WCF architecture. At the top is your code, the code you’re developing in Visual Studio or your environment. <click>The WCF service uses an address (like “http://localhost”), a binding that determins how the service communicates, and a contract that specifies what operations the service can carry out. <click>The binding consists of modules that specify how the service communicates, such as <click> which transport the service communicates on, whether http, tcp, etc <click> what encoder the service uses, like a text/XML encoder, a binary encoder, or a custom encoder <click> what kind of security the service requires <click> and any other communication requirements. <click> When a message comes into the service, it is taken off the transport <click> decoded with the proper decoder <click> security is negotiated away <click> and then the message is dispatched to the appropriate part of your code.
Windows Presentation Foundation (WPF) is a productive, unified approach to UI, Media, and Documents that you can use to deliver unmatched user experiences to your customers.
User experience is more than “looks”. User experience represents the overall interaction process of the user with an object. This interaction provides the user with an added value benefit. In this case the benefit that both tools offer is “opening a can”. However it is evident that the can opener will provide the user with a better overall user experience on obtaining the benefit. It is more secure, easier to use and can achieve the benefit faster than the knife. Let’s take this example even further. What is the difference between 2 cars - a 10K car and a 40K BMW? Both take you from point A to point B. There’s a world of difference. For one, the BMW has a much superior user experience (styling, handling, performance, etc.) In addition, notice that a BMW offers its owners an emotional connection, a “pride of ownership.” This gives BMW a unique brand in the eyes of its owners, and to the millions of potential owners who dream of buying this car some day! This shows us that user experience has tremendous business value – ability to differentiate products, create brand awareness, and customer satisfaction.
We say earlier how user experience is so common-place in consumer goods. Yet, when it comes to software, we are happy to live with “good enough” experiences. When was the last time you had a very satisfying experience with your software, where you thought to yourself “I Love my Software.” Is this because user experience in software does NOT matter? Microsoft firmly believes that user experience in software does matter. Even with our own products, such as Windows Vista and Microsoft Office 2007, Microsoft is delivering software with amazing user experience. User Experience (UX) matters because it helps end-users use products in an easy way (easy to use, relevant, secure, etc.). The things that make a software have a good UX is richness, data viz, globalization, accessibility, etc. UX can be easily measured based on success of usage, productivity, retention, comprehension, and so on.
Deliver Innovative User Interfaces Unified approach to UI, media, and documents Vector-based composition engine, hardware acceleration, resolution independent graphics engine Works on Windows Vista, Windows XP and Windows Server 2003 Increase Developer-Designer Productivity; Flexible Application Deployment Visual Studio IDE for developers; Microsoft Expression for designers Declarative programming (XAML) for better designer-developer collaboration Common code base and flexible deployment as stand-alone client or in browser Leverage Existing Code Base and Skill Set Interoperability with Windows Forms, Win32, DirectX, MFC, ActiveX Leverage vested knowledge in .NET Framework, CLR languages, and Visual Studio IDE WPF, a WinFX component, is Microsoft’s strategic presentation technology for Windows smart client user experiences. Use WPF to deliver innovative user interfaces through support for UI, media, document services, hardware acceleration, vector graphics, resolution-independent DPI for different form factors, data visualization, and superior content readability. Increase developer-designer productivity and collaboration through Visual Studio, Microsoft Expression Interactive Designer, and XAML. Write code once, and deploy as stand-alone client or in a browser. Incrementally embrace WPF through interoperability with Win32 and Windows Forms. Leverage vested knowledge in .NET Framework, CLR languages and Visual Studio IDE. Derive business value through new paradigms of user experiences, business intelligence through data visualizations, brand awareness through differentiated customer experiences, and customer loyalty through higher customer satisfaction.
… “ Who are you?” It’s an easy question to ask, but a hard one to answer, and I answer in a manner that’s appropriate to the context in which I am being asked. If I am asked who I am by someone I’ve never met before, I might only offer my name. If I am asked by someone at a conference, I might also offer my employer’s name and my role within that company. If I am asked who I am by a bank clerk when I open a new bank account, I might have to provide several pieces of identtiy information including proof that I have successfully identified myself to several other organizations (e.g. providing my drivers licence, passport, utility bill, mortgage papers, etc). I have several “identities” each representing a set of claims that identify me to different levels of accuracy, and each are applicable in a finite number of scenarios. But why is the question of identity now so very important? [Click]
The main reason that identity is now such a hot topic is based upon the fact that there is more opportunity to connect. High bandwidth communications via the Internet are now almost ubiquitous and span a broad range of scenarios Within organizations Between organizations At home (DSL/Cable/…) And elsewhere (GPRS/…) This has resulted in a rapid increase in the adoption of products and services available via the internet, and many of these services require some form of user authentication
So, what’s the solution? Imagine if we could replace usernames and passwords with cryptographically strong tokens containing identity claims corroborated by a trusted third party This is what InfoCard and the Identity Metasystem gives us! &quot;InfoCard&quot; is the codename for a new feature of Windows Provides a rich, consistent experience to help users better manage and control their identities Identities are represented as “Cards” For the user: Simple to use - no more pesky username/password combinations to remember! Consistent UX - works the same, wherever you go Safe, highly secure environment shields your identity from attack For the RP: Reduced fraud Reduce overheads & improve bottom line Richer relationship with customers that you now KNOW Simplify identity management infrastructure Simple to adopt For the IP: Opens up a lot of business opportunities Reduced fraud Enable richer services for customers 11/25/09
Cards contain no actual identity data – only metadata: A list of the claims that a card represents Where to go in order to obtain the claims A signature identifying the card The actual data behind a card is dynamically obtained from the IP: From a local store for “self-issued cards” From the Identity Provider’s Secure Token Service (STS) for “managed cards”
Background and Scenario Information “ InfoCard” is the codename for a new technology in WinFX that simplifies and improves the safety of accessing Web sites. It helps Web sites defend against the most common forms of identity theft such as phishing, by replacing user names and passwords with cryptographically strong tokens and WS-* Web services. InfoCard is built into Windows Vista and will also be available on Windows XP and Windows Server 2003. In this diagram, we see how a customer uses an employer-provided InfoCard to login to a Web site. <Click> The user navigates their browser to the Website and clicks on the Website’s login button. This causes the Website to respond with an HTML OBJECT tag that instructs the user’s machine to invoke the InfoCard UI. The user decides to use an InfoCard provided by their employer (like an electronic employee ID card) to login to the Web site. They click a representation of the card in the InfoCard UI. Because InfoCard doesn’t actually store any card information on the user’s machine (to help protect the safety of the information), it needs to retrieve the card information from the employer. All of the communication between the user’s machine and the employer is done using WS-* Web services. <Click> How InfoCard uses WS-* Web Services Protocols First, InfoCard sends a WS-MetadataExchange request to the employer. This preliminary call is used to determine the requirements of the employer’s Web service that will return the InfoCard information. The employer then responds with all the information required to call the Web service. This includes requirements for the message format (schema – provided by XSD), Web service signature (WSDL), protocol (using WS-Policy), and security (using WS-SecurityPolicy). <Click> Once InfoCard knows the requirements of the employer’s Web service, it submits a request for a security token containing the InfoCard information. It uses WS-Trust and WS-Security to secure the message. The employer processes the message and responds with the encrypted security token. Now that InfoCard has the encrypted security token containing InfoCard information from the employer, it simply submits it to the Web site, which processes the token and logs the user in. Summary InfoCard has the potential to eliminate the need for usernames and passwords which are susceptible to phishing. Most importantly, InfoCard is based entirely on WS-* Web services protocols. This means, that in this scenario, even if the employer is running on Linux and the Website is running on PHP, InfoCard can still be used to perform the secure login.
What We Hear From You “ What API should I use?” “ How do I build service-oriented systems?” “ How can I send messages securely & reliably?” “ How do I develop interoperable applications?”
Windows Communication Foundation The Unified Programming Model For Rapidly Building Service-Oriented Applications
Windows Communication Foundation INTEROPERABILITY PRODUCTIVITY SERVICE-ORIENTED DEVELOPMENT <ul><li>Broad Support for WS-* specifications </li></ul><ul><li>Compatible with existing MS distributed application technologies </li></ul><ul><li>Unifies today’s distributed technologies </li></ul><ul><li>Attribute-based development </li></ul><ul><li>Visual Studio 2005 integration </li></ul><ul><li>Enables development of loosely-coupled services </li></ul><ul><li>Config-based communication </li></ul>
Windows Workflow Foundation The Programming Model, Engine And Tools For Building Workflow Enabled Applications On The Windows Platform.
Workflow Software Challenges “ Orders are confirmed in 48 hours and shipped within 30 days” “ Most suppliers confirm our orders but some forget and we need to follow up” “ What is the status of this order and what is the next step?” Long Running & Stateful Require Flexible Control Flow Must Provide Transparency Workflows run for up to 30 days and must maintain state throughout Flexibility for people to override or skip steps in the workflow Rendering runtime state within a visualization of the workflow control flow
What Is A Workflow? A Set Of Activities That Coordinates People And Software... Like a flowchart…. Or a state diagram…. EX: Check Inventory EX: Escalate To Manager
Activity Basics <ul><li>Activities are the building blocks of workflows </li></ul>The unit of execution, re-use and composition Basic activities are steps within a workflow Composite activities contains other activities Base Activity Library provides out-of-the-box activity set Partners and customers author custom activities
Flexible Control Flow Rules + data state drive processing order Rules-driven Activities <ul><li>Data-driven </li></ul><ul><li>Simple Conditions, complex Policies </li></ul><ul><li>Constrained Activity Group </li></ul>State Machine Workflow External events drive processing order <ul><li>Reactive, event-driven </li></ul><ul><li>Skip/re-work, exception handling </li></ul><ul><li>Graph metaphor </li></ul>Sequential Workflow Sequential structure Prescribes processing order <ul><li>Prescriptive, formal </li></ul><ul><li>Automation scenarios </li></ul><ul><li>Flowchart metaphor </li></ul>Step1 Step2 State2 State1 Event Event Rule1 Rule2 Data Step2 Step1
User Experience in Software? Ease of Use Learn ability Performance Reliability Security Optimized form factors Legibility / Readability Relevance / Contextualization Richness Graphics & Media Data Visualization Higher Fidelity Information Globalization Accessibility Hardware & Printing Integration Windows Vista Office 2007 Measuring UX ROI (end user behaviors / benefits) Success Productivity Retention Comprehension Conversion Satisfaction Excitement Repeat Use
Windows Presentation Foundation <ul><li>Deliver Innovative User Interfaces </li></ul><ul><li>Increase Developer-Designer Productivity </li></ul><ul><li>Achieve Flexible Application Deployment </li></ul><ul><li>Leverage Existing Code Base and Skills Set </li></ul>Superior UX with UI, Media & Documents A productive, unified approach to UI, media and documents to deliver unmatched UX
The Internet Identity Crisis <ul><li>Lack of Identity Online </li></ul><ul><li>Phishing & Phraud </li></ul><ul><li>Password fatigue </li></ul><ul><li>Inconsistent, proprietary identification mechanisms </li></ul>
"InfoCard" <ul><li>Consistent user experience </li></ul><ul><li>Helps eliminate usernames and passwords </li></ul><ul><li>Helps protect users from many forms of phishing & phraud attack </li></ul><ul><li>Support for two-factor authentication </li></ul>Easier Safer Built on WS-* Web Services Protocols
"InfoCard" Cards <ul><li>Contains claims about my identity that I assert </li></ul><ul><li>Not corroborated </li></ul><ul><li>Stored locally </li></ul><ul><li>Signed and encrypted to prevent replay attacks </li></ul><ul><li>Provided by banks, stores, government, clubs, etc </li></ul><ul><li>Cards contain metadata only! </li></ul><ul><li>Data stored by Identity Provider and obtained only when card submitted </li></ul>SELF - ISSUED MANAGED
Microsoft InfoCard & WS-* Click “Login” Return <OBJECT> tag Request Metadata (WS-MetadataExchange) Return Metadata (XSD, WSDL, WS-Policy, WS-SecurityPolicy) Request Security Token (WS-Trust, WS-Security) Return Security Token Submit Security Token & Login To Web Site Select InfoCard
WinFX Resources <ul><li>WinFX Community Site http://www.winfx.com </li></ul>