interaction & transactional services interaction & transactional services silverlight client...
Post on 22-Dec-2015
224 Views
Preview:
TRANSCRIPT
Silverlight, RIA & Interop
Un peu d'architecture
Stève SfartzArchitecte Microsoft France
http://blog.sfartz.comhttp://blogs.msdn.com/ssfartz http://blogs.msdn.com/cloud_computing http://blogs.msdn.com/silverlight_plus_java
In a few words…
SilverLight runs on the client tier Local Browser Application Packaged as a XAP
Mix of Presentation (XAML), Code (JavaScript, .Net or Dynamic) and Resources (Images…)
SilverLight interactions HTTP stack
HTTP GET, POST / REST STYLE WebClient, HttpWebRequest
SOAP over HTTP WCF client
TCP/IP Socket Duplex channel communication in SL2
A bit of vocabulary
SOO Site Of Origin This is the Web Site from which the XAP is
downloaded Ie, your HTTP Web Server
Web Services The services exposed to your SL client
Web Services may be running on SOO or not Depending on this topology, your security
configuration changes cross domain security access file
Interaction & Transactional Services
Silverlight Client
Silverlight RIA & Interop Architecture
HTML + XAP
Web Browser
Site Of Origin
Web Server
Web Services
Services Host
Cross Domain Policy required if the Site Of Origin does not host the Web Services
1. XAP & Static Resources Access
(HTTP GET)
2. Data Access(SOAP/RPC or
XML/REST)
@ MSDN Blogs – Silverlight_plus_Java
Constraints
Infrastructure Security DMZ (if the application is public facing), Secured transport (HTTPS) if private communication has to be enforced as
it is the case in B2B or B2C environments Application Security
Authentication may be form, windows or claim based depending on the consumption (internal employees, subcontractors, partners or customers)
Authorization may be role based from various repositories (Active Directory, Claims, SQL Database)
Application Topology Some Business Logic may pre-exist and be hosted on a node that is
distinct from the Site Of Origin or Business Logic may be written from scratch
Services Gateway and Protocols Adaptation The Business Logic may not be directly accessible to the Silverlight client
application Or this Business Logic may be accessible through a different protocol
and/or format
Scenarios
D2D (DevToDev) - Development Env B2E-new (Business To Employee) - New Silverlight App B2E-preexist - Silverlight App on an Intranet with
existing Business Logic B2B (Business to Business) - Silverlight App delivered
to partners B2C (Business to Consumer) - Silverlight App delivered
to customers.
SilverLight + Java
Technical Scenarios SL client + Java Services
Through Java Web Server or IIS Java Services hosted on same tier or different tier
from Web Server SL client + .Net Services + Java Services
It is a .Net to Java interop issue, nothing specific about SL, not studyed here
Scenari that make sense : TO BE REVIEWED SL client IIS + WCF Web Services Java Services
Client + interaction SOA + transactional SOA SL client Java Web Server + Web Services
Typically the dev env of a Java Developer SL client Java Web Server + Web Services
Interaction & Transactional Services
Silverlight Client
D2D Scenario : Developer Envwithout cross-domain policy
HTML + XAP
Web Browser
the Site Of Origin is also servicing the
Web ServicesBusiness Logic
1. XAP(HTTP GET)
2. Data Access(SOAP/RPC or
XML/REST)
@ MSDN Blogs – Silverlight_plus_Java
Interaction & Transactional Services
Silverlight Client
D2D Scenario : Developer Envwith cross-domain policy
HTML + XAP
Web Browser
1. XAP(HTTP GET)
2. Data Access(SOAP/RPC or
XML/REST)
@ MSDN Blogs – Silverlight_plus_Java
Site Of Origin
Web Server
Web Services
Services Host
Cross Domain Policy
Interaction & Transactional Services
Silverlight Client
B2E: Intranet Envwithout mediation
HTML + XAP
Web Browser
Site OfOrigin
Web Server
Web Services
Services Host
1. XAP(HTTP GET)
2. Data Access(SOAP/RPC or
XML/REST)
Authentication& Authorization(Windows Based)
@ MSDN Blogs – Silverlight_plus_Java Cross Domain Policy required if the Site Of Origin does not host the Web Services
Interaction & Transactional ServicesSilverlight Client
B2E : Intranet Envwith mediation
HTML + XAP
Web Browser
Site OfOrigin
Web Server
Protocol & Format
Adaptation
Services Gateway
1. XAP(HTTP GET)
2. Data Access(SOAP/RPC or
XML/REST)Web
Services
Services Host
Protocols governance enforcement as defined by security policies
3. Conforms tothe preexistingprotocol
Cross Domain Policy Authentication& Authorization(Windows Based)
@ MSDN Blogs – Silverlight_plus_Java
Interaction & Transactional ServicesSilverlight Client
B2B : Partner Env
HTML + XAP
Web Browser
Site OfOrigin
Web Server
Protocol & Format
Adaptation
Services Gateway
1. XAP(HTTP GET)
2. Data Access(SOAP/RPC or
XML/REST)Web
Services
Services Host
Protocols governance enforcement as defined by security policies
3. Conforms tothe preexistingprotocol
Cross Domain Policy Authentication& Authorization(Claim based)
@ MSDN Blogs – Silverlight_plus_Java
Over SSL
DMZ(Reverse Proxy)
Interaction & Transactional ServicesSilverlight Client
B2C : Customer Env
HTML + XAP
Web Browser
Site OfOrigin
Web Server
Protocol & Format
Adaptation
Services Gateway
1. XAP(HTTP GET)
2. Data Access(SOAP/RPC or
XML/REST)Web
Services
Services Host
Protocols governance enforcement as defined by security policies
3. Conforms tothe preexistingprotocol
Cross Domain Policy Authentication& Authorization(Form based)
@ MSDN Blogs – Silverlight_plus_Java
Over SSL
DMZ(Reverse Proxy)
top related