|
>
 Wednesday, April 20, 2005
 |
|
 |
|
|
|
|
|
Yesterday I whipped over to Arizona to deliver an INETA (www.ineta.org) presentation for the Arizona .NET User Group run by Scott Cates (who I didn't realize, even thought we have met several times, is the owner of www.kbalerts.com!). My fellow RD Michael J. Palermo dropped in as well, you know, the one that wrote the hilarious Valentine's Day blog:
I was shocked to arrive and find that people (like Scott) are still somehow finding my 1996 glam shot photo, the one with all the big hair, and posting it in places (like their user group site) that I'm not aware of. THis is crazy, when will that photo go away! It only demonstrates that I still had 80's hair in the 90's...how embarrassing!!! Ok, well it's not that big of a deal...but I always laugh when I see that thing...what people must be thinking!
On to more serious matters, the PDF for my presentation, and my reference materials for the group after my talk. Here are the links you are looking for.
My PDF with slides for this event: wsesecurity_arizonaineta.zip (162.16 KB)
My resource site for WSE materials is here: http://www.dotnetdashboard.net/resources/wse.aspx. You'll find links to my WSE article for CoDe Magazine and the latest code sample link which demonstrates everything I did in the talk last night and more.
WSE 2.0 is now on SP3, so you'll want to download that: http://www.microsoft.com/downloads/details.aspx?FamilyId=1BA1F631-C3E7-420A-BC1E-EF18BAB66122&displaylang=en. Not all of my code samples are yet up to date with SP3, but the larger sample for my article is up to SP2 right now, stay tuned for changes on this site as I post more samples. Easier to go forward than go back to all my past work :)
For my interop demonstration, see www.interopwarriors.com.
For information about IDesign go to: www.idesign.net. You'll be able to find a list of all my articles on the site, plus IDesign utility downloads (not specifically for WSE, but lots of other interesting things).
I had a great time, thanks for having me present! You're fantastic hosts and a great, interactive crowd.
|
|
|
 |
|
 |
Saturday, March 26, 2005
|
|
|
|
|
|
|
|
|
In this talk I discussed architectural approaches to address incremental steps to scaling .NET applications.
Here are my references for this talk, thanks for coming out:
- HTTP Handler references:
- Here’s my scalability page that takes you to my MSDN article discussed in the session, and other resources on scalability:
- I also wrote some articles for The Server Side.NET regarding distributing components and security. Find those and more security resources here:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In the short hour we had together on this subject, we looked at many features of Windows and Web localization for .NET 2.0. Big topic, so you’ll want references and code samples to ponder on, and I have collected my globalization resources here:
http://www.dotnetdashboard.net/sessions/globalization.aspx
Code samples I showed in the session are related directly to samples for my articles, but keep an eye on this reference page for updates coming for Beta 2! Also, the articles will help to review things in depth that we had limited time to touch on.
Oh, and stay tuned for more samples in May/June, when I’ll be writing some new articles based on the .NET 2.0 code base. Any requests on solutions you’d like to see added to the resource page? Email me!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
I delivered not one, but two talks on this subject at the conference in Orlando…the first a fundamentals session, followed by a more advanced session that ended with ClickOnce. I have written some tutorials and articles on the subject that can be found here:
http://www.dotnetdashboard.net/sessions/versiondeploy.aspx
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In this tutorial I reviewed the issues we revisit with our return to building Windows client (thick client, smart client) applications, including design, deployment and versioning, automatic updates, and ultimately we discussed what ClickOnce brings to the table.
My gui samples were mostly ad-hoc, but I'll be posting more resources on this subject for you soon, for 2.0. In the meantime, the versioning, deployment and security aspects I discussed can be found here, including a full tutorial of the process:
http://www.dotnetdashboard.net/session/versiondeploy.aspx
|
|
|
|
|
|
|
Monday, March 21, 2005
|
|
|
|
|
|
|
|
|
Yet another review of WS-Security, where we dug into the meat of the issues, including key management issues and the benefits of WS-Trust, WS-SecureConversation, and SAML. I did demonstrate some .NET samples in this talk, and you can find code for this on this WSE resource page: http://www.dotnetdashboard.net/resources/wse.aspx
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
In this session I walked through some live demos using .NET 2.0 and ClickOnce, to demonstrate how the smart client story is evolving to solve deployment, versioning, automatic updates, offline/online connectivity, and more. Here are some more resources on the subject:
http://www.softinsight.com/bnoyes/
that's my colleague Brian Noyes blog, he writes pleny on ClickOnce, has many reference to other articles he's written on the subject, and is my own personal ClickOnce hero
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnreal/html/realworld11022004.asp
a fellow Regional Director, Mauro Sant'Anna, writes fantastic article on ClickOnce, also a must read
And, in addition, resources for .NET 1.1 versioning, deployment, update and security issues at this blog entry:
http://www.dasblonde.net/PermaLink.aspx?guid=544e8515-afa0-46d3-8586-8512e686a911
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This is just a note to thank everyone for attending our interoperability presentation at SD West. Presenters included Michele Leroux Bustamante, Chris Haddad, Anant Kadiyala and Malek Kemmou. We started out by hooking our laptops together on a router/hub and creating a simple HelloWorld round-robin between .NET, WebSphere and WebLogic. The purpose of this to introduce newcomers to Web services, client proxies and the tooling around it. Next we focused on DIME/SwA and demonstrated .NET to Axis interop using DIME. Finally we presented on WS-Security interoperability discussing Axis test results from past events, and demonstrating .NET with WSE 2.0 and BEA WebLogic Workshop 8.1.
Our BEA security tests are posted already to the InteropWarriors site here: http://www.interopwarriors.com/PermaLink.aspx?guid=8b01c523-59d6-47be-9843-139f710c5a84
We're also pulling together some spreadsheets with test results for WS-Security across platforms. Stay tuned!
|
|
|
|
|
|
|
Sunday, March 20, 2005
|
|
|
|
|
|
|
|
|
Christian Gross and I had such a good time with our discussions related to this session, that we are preparing some other blogs to share with you some of our discussions both during and after the tutorial. In the meantime, here are links to the standards we covered, for your reference.
NOTE: This list is just a reference to the standards we actually discussed, in addition to a few other related standards…but there are actually many more standards that we aren’t listing here!!!
|
|
|
|
|
|
|
Wednesday, February 23, 2005
|
|
|
|
|
|
|
|
|
I recently received a question from a J2EE developer, who wanted to know how to get started with a multi-tiered architecture for .NET Web services.
The question:
I have some experience with J2EE and know that one good design is to create a multi-tier architecture. That is to say create control servers that will request processing from business tire (using some rpc) then forward the result to the display JSPs. I have never used .NET and need to build a web services application using this framework. My question is: what is the .NET alternative for that design? and where can I get the right information and documentation??
My answer:
.NET Web services are hosted within the ASP.NET runtime environment. They are exposed through .asmx endpoints which have what is known as a code-behind file that has a WebService-derived class linked to it. This class is essentially “the service”, and its methods (those marked with [WebMethod] attribute) are exposed as part of the automatically generated WSDL contract.
As a side note, typical of most platforms today, developers are building classes and methods to generate WSDL, however the better approach would be to create the WDSL contract first, and map that to business objects that handle processing. It requires discipline to follow this approach today.
The code that is encapsulated by the WebService object should never contain business logic, rather defer to other .NET assemblies that can be invoked in-process or out-of-process to perform the work required to execute the requested service method, and return a response (if not a one way method). That usually means that some form of façade layer is required to pull any business logic from the service class, and choreograph invocations to reusable business logic components (see Figure 1)
If you design your business logic in terms of logical, distributable services, then you should end up with a coupling of isolated sets of functionality that comprise an entry point assembly, one or more additional supporting assemblies, and some form of output or data store. For example, in Figure 1, you see that the application server tier has three entry point services: Service A, B and C. Imagine that Service C is a logging service that simply logs the Web service request “happened”; Service B is a service that handles the actual request processing, gathering data from the database, possibly committing some business information to the database; and Service A is a set of messaging and file IO services that handle generating some document output, like a PDF or email generated from the Web service request. Each of these business services can be isolated and distributed to whatever tiers you may desire, or be hosted entirely on the Web server tier, depending on your scalability requirements.
So, to your question, how do you distribute components and invoke them across tiers? Assuming your system is designed for reuse and distribution in this way, you can choose from Enterprise Services, Remoting or Web Services (these are the typical three choices).
- Enterprise Services is the best approach if you want to migrate to future technologies like Indigo, since the programming model will follow this route. That means registering Service A assembly (for example) as a serviced component with COM+, which implies it will be invoked over DCOM with binary serialization messaging format. The beauty of this is that you can leverage COM+ to handle object pooling, encryption, authorization services, runtime identity services and distributed transactions. A recommended resource for this is Juval Lowy’s book, COM and .NET Component Services.
- There are a few reasons why Enterprise Services may not be an option for you. One reason could be that restrictions were placed on the system deployment that precludes enabling COM+ services and MSMQ. This is usually an issue on inexpensive host domains (your $10/month service provider dilemma) or because the company imposes these restrictions (sometimes for no reason, sometimes for good reason). Remoting is an option for these cases, because it is a completely hand-rolled solution for invoking objects across process boundaries. Of course, this means rolling your own authentication, encryption, runtime identity impersonation, object pooling. No built-in support for distributed transactions will be provided here. A recommended resource for Remoting is Ingo Rammer’s book, Advanced .NET Remoting.
- Lastly, you can slap a Web service in front of the business services shown on the application tier. Note, I call them business “services” because they are services in their own right, a la “service-oriented” system design. Each major function within the system should be designed in a service-oriented way so that distribution of the components of that business service can be accomplished transparent to how the entire system cohesively functions. In addition, those services could be reused by other “systems”.
So, the entry point to a business service can be through the remote invocation techniques described in 1 & 2, or through Web services if the business service either a) already exposed Web services due to its reuse outside of the firewall, or b) if the input to the service should be XML, and you want to reduce parsing overhead between the outer Web service and the business service. Behind the firewall, binary serialization over a speedy TCP/UDP protocol layer will perform better than XML over HTTP. The options for serialization and protocol selection will be seamless in future releases of the .NET framework (Indigo) however today it is a design decision that requires considering the deployment and invocation model during the design phase of the system.
Figure 1
|
|
|
|
|
|
|
Monday, February 14, 2005
Wednesday, February 09, 2005
|
|
|
|
|
|
|
|
|
It is official. Scott Hanselman knows everything there is to know about everything. After my laptop failed to boot last night, I spent 3 hours researching, trying to create a bootable CD that can install the mass storage USB device driver I needed to do a more recent back up of my system to my fantabulous Seagate 250GB drive. My most recent backup was 1 week ago, not good enough!
So, then I see Scott online, and wouldn't you know his “handle” says “If it's been written, I've installed it (at least once)”...so I took the bait and sure enough he had great advice.
”Winternals,” he said, “that's what I would do.”
So this great little utility provides you with a bootable CD that launches their own custom OS layer, providing access to the harddrive, network, external devices (USB/Firewire) and some utilities for recovering the underlying OS. Personally, I didn't give a crap about recovering the OS at this point, it has been 6 months, time for a clean slate (usually triggered by some inconvenient event such as this)...but I wanted my data, that is for sure. It is amazing how much work you can get done on the road in 1 week's time, I had plenty to recover, never mind email.
So, I purchased this for $149, downloaded and pressed a CD, and in less than one hour I was able to see the c: and d: folders of my unlucky machine...what a sight! I had that thing backing up to my Seagate before you could say “make me a ham sandwich“ and today I'm ready to wipe the machine.
http://www.winternals.com/products/repairandrecovery/erdcommander2002.asp?pid=erd
My only comments:
a) if the file explorer encounters an error copying a file from one directory, it moves to the next directory, but skips the remaining files/subfolders in the directory where it encountered the problem. You will KNOW that there is an error, because a dialog will block until you acknowledge the error, so be sure and return to that subfolder to recopy, and check directory size to be sure you got it all.
NOTE: I keep ALL of my files in a single folder “\All My Crap“ so that ultimately I have a single directory that I can move, or back up, at any given time. Forget about \Documents and Settings\ etc...
b) if you want to recopy files to the backup drive, you have to wipe clean existing directories and start fresh, unless you want to sit there and approve “overwrite” for every directory...lame
Still, I'm up and running and happier than I was 12 hours ago. This tool was well worth the $149 bucks ($250 for server systems).
Thanks Scott, you rock!
In my travels, I also encountered this link:
http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp
It talks about slipstreaming XP SP2 onto the same CD when you install XP2...and if you build machines as often as I do, that can be a real time saver, not to mention you don't need to connect to the network to get that security service pack on there. I'm going to give this a shot as well.
Next action item, get that Seagate configured to do the “click once” backup of my entire machine...so I can more easily back up every night on the road, and at home. I'm sure I should have done this ages ago, but alas there is only so much time in the day to be an admin...
|
|
|
|
|
|
|
|