Web Services Enhancements for Microsoft .NET (WSE)

1
Web Services Enhancements for Microsoft .NET (WSE)
Forum .NET ? October 4th, 2006
2
Agenda

• Introduction
• WSE 3.0 overview
• WCF in a nutshell
• Questions

3
Introduction

• Web service definition
• A software system designed to support
  interoperable machine-to-machine interaction over
  a network. It has an interface described in a
  machine-processable format. - W3C
• Simple Object Access Protocol (SOAP).
• SoapExtension.

4
Introduction (cont.)

• SOA Service Oriented Architecture.
• An application architecture within which all
  functions are defined as independent services
  with well-defined invocable interfaces which can
  be called in defined sequences to form scientific
  processes.
• Principles
• Service reusability
• Service contract
• Service loose coupling
• Service abstraction

5
Introduction (cont.)

• Soap Message
• definition XML structure which holds a
  mandatory parent envelope, optional first child
  header and mandatory next child body.
• An envelope to encapsulate data which defines
  formatting conventions for describing the message
  contents and routing directions header and body.
  

6
Introduction (cont.)

• WS- Specifications
• As the Web services market rapidly expanded, the
  need for advanced standards governing Web
  services security, reliability, and transactions
  arose. Microsoft and other vendors across the
  industry responded to this need by authoring a
  set of specifications referred to collectively as
  the WS- architecture. The goal of these
  specifications is to provide a blueprint for
  advanced functionality while retaining the
  simplicity of basic Web services.

7
Introduction (cont.)

• WS- Specifications cont.
• Means of standardizing various pieces of web
  services.
• WSE 3.0 supports the following WS-
  specifications.
• XML, SOAP, WSDL
• WS-Security
• WS-Trust
• WS-SecureConversation
• WS-Addressing
• MTOM

8
Introduction (cont.)

• Security Basics Problems and Solutions
• Authentication Who sent this message?
• Credentials, Login/Password, Digital Certificate
• Authorization What can this person do?
• Use Roles to define privileges
• Confidentiality Who can read this message?
• Encryption
• Integrity Did anyone tamper with this message?
• Digital Signature used to compare sent received
  message

9
WSE 3.0 Overview

• WSE Architecture
• Policy Files
• MTOM
• Securing Applications That Use Web Services
• Resources

10
WSE Architecture (1)

• Engine for applying advanced Web service
  protocols to SOAP messages

11
WSE Architecture (2)

• Message level security
• End-to-end message security independent of
  transport
• Supports multiple protocols and multiple
  encryption technologies
• Can encrypt parts of the message
• Sender need only trust ultimate receiver
• The signature is stored with the data
• Direct vs. Brokered authentication.
• Sending and receiving SOAP Messages using TCP
• Secure conversation - SCT

12
Policy files (1)

• Describes requirements for incoming and outgoing
  messages as policy assertions
• Groups of rules applied to messages
• Define rules applied to outgoing messages
• Define demands for incoming messages
• Defined in code or in configuration
• Custom Policies - inherit from the Policy class
• Policy files are simplified
• Simplifies security through the turnkey security
  assertions

13
Policy files (2)

TurnkeyAssertion Authentication Security
UsernameoverCertificate User login/password Servers X509 Certificate
UsernameOverTransport User login/password SSL
AnonymousOverCertificate Any user with servers public key Servers X509 Certificate
MutualCertificate Clients X509 Certificate Servers X509 Certificate
Kerberos (Windows) Windows login/password Windows Domain
14
MTOM

• Send and receive large amounts of data.
• Improved Performance
• Secured messaging.

15
Securing Applications That Use Web Services

• Security credentials
• Encryption
• Digital signing
• Use policy for setting security requirements
• Demo

16
WCF (1)

• Windows Communication Foundation -
• WCF is Microsoft's unified programming model and
  runtime for building Web services applications
  with managed code. It extends the .NET Framework
  with functionality to build secure, reliable, and
  transacted Web services that interoperate across
  platforms.
• WSE 3.0 The Road to Indigo

17
WCF (2)
18
WCF (3)
19
WCF (4)
20
WCF (5)
21
WCF (6)
22
WCF (7)
23
WCF (8)
24
WCF (9)
25
WCF (10)
ServiceContract public interface IMath
OperationContract int Add(int x, int
y) //the service class implements the
interface public class MathService IMath
public int Add(int x, int y) return x y

26
WCF (11)
public class WCFServiceApp public void
DefineEndpointImperatively()
//create a service host for MathService
ServiceHost sh new ServiceHost(typeof(MathServic
e)) //use the AddEndpoint helper method
to //create the ServiceEndpoint and add
it //to the ServiceDescription
sh.AddServiceEndpoint( typeof(IMath),
//contract type new WSHttpBinding(),
//one of the built-in bindings
"http//localhost/MathService/Ep1") //the
endpoint's address //create and open the
service runtime sh.Open()
public void DefineEndpointInConfig()
//create a service host for MathService
ServiceHost sh new ServiceHost
(typeof(MathService)) //create and open
the service runtime sh.Open()
27
WCF (12)
using System.ServiceModel //this contract is
generated by svcutil.exe //from the service's
metadata public interface IMath
OperationContract public int Add(int x, int
y) return x y //this class is
generated by svcutil.exe //from the service's
metadata //generated config is not shown
here public class MathProxy IMath ...
28
WCF (13)
public class WCFClientApp public void
SendMessageToEndpoint() //this uses
a proxy class that was //created by
svcutil.exe from the service's metadata
MathProxy proxy new MathProxy() int
result proxy.Add(35, 7) public void
SendMessageToEndpointUsingChannel()
//this uses ChannelFactory to create the channel
//you must specify the address, the
binding and //the contract type (IMath)
ChannelFactoryltIMathgt factorynew
ChannelFactoryltIMathgt( new
WSHttpBinding(), new
EndpointAddress("http//localhost/MathService/Ep1"
)) IMath channelfactory.CreateChannel()
int resultchannel.Add(35,7)
factory.Close()
29
Resources

• WSE home page
• Dasblonde
• what's new
• web services

30
Questions?

• Thanks!