| Chapter
1 INTRODUCTION
TO DEVELOPING XML WEB SERVICES USING
MICROSOFT ASP.NET
|
OVERVIEW MICROSOFT
OFFICIAL CURRICULUM
COURSE OUTLINE
- Chapter 1: The Need for XML Web
Services
- Chapter 2: XML Web Service Architectures
- Chapter 3: The Underlying Technologies
of XML Web Services
- Three foundational technologies:
HTTP, XML, SOAP
- .NET Framework built-in support
for these technologies
- Chapter 4: Consuming XML Web
Services
- How to implement a web service
consumer
- Description documents: WSDL,
DISCO
- Chapter 5: Implementing a Simple
XML Web Service
- Chapter 6: Deploying and Publishing
XML Web Services
- Deployment using a Web Setup
project
- How to publish in the UDDI registry
- Chapter 7: Securing XML Web Services
- Chapter 8: Designing XML Web
Services
- Chapter 9: Global XML Web Services
Architecture (GXA)
- Limitations of the current specification
- Anticipating future specifications
and features
|
| THE NEED FOR
XML WEB SERVICES |
OVERVIEW
- Evolution of Distributed Applications
- Unique design considerations
of distributed applications
- Introducing Web Services
- The Web Technology Stack and
.NET
- The .NET Alternatives to Web
Services
- Common Web Service Scenarios
|
| |
EVOLUTION OF DISTRIBUTED APPLICATIONS
- Introduction
- What is a distributed application?
- Why do we need distributed applications?
- Cost of mainframes
- Data ownership
- Security
- This led to Distributed applications
being used as service providers
- The next step was to enable Distributed
applications to utilize the Web
- Problems with Traditional Distributed
Applications
- Introduction
- Two of the architectures that
enabled dist app dev
- RPC-Based Architectures
- Message-Based Architectures
- Web Standards and their effect
on dist apps
- Design Considerations for Distributed
Applications
- Introduction
- Data types that are not compatible
across different systems
- Server failures or loss of server
response
- Client failures
- Retrying a call
- Security
- Synchronizing clocks between
multiple computers
|
| |
RPC-BASED ARCHITECTURES
- Introduction
- What is a Remote Procedure Call
(RPC)?
- All calls are Synchronous calls
- Problems with RPC-based architectures
- Building redundancy
- Aggregate availability
- Load balancing and fail over
- Prioritization
- Load spikes
|
| |
MESSAGE-BASED ARCHITECTURES
- Introduction
- Asynchronous processing based
on the exchange of messages
- Message calls can be routed based
on load and priority
- Allow the client to continue
working while waiting on a response
- Problems with message-based architectures
- Message payload processing
- Interoperability
- Workflows and message sequencing
|
| |
WEB STANDARDS
- Introduction
- Problems with binary protocols
- DCOM, Java Remote Method Invocation
(RMI), and common Object Request
Broker Architecture (CORBA) rely
on binary protocols
- Firewalls
- Interoperability
- Data Formats
- This led to the development of
Web protocols and data formats
|
| |
HTML
HTTP
XML
- Problems with the Web protocols
- Security
- Performance
|
| |
WEB SERVICES
- Introduction
- What are Web services?
- Based on Internet technologies
|
| |
HTTP XML
- Simple Object Access Protocol
(SOAP)
- Governed by the World Wide Web
Consortium (W3C)
- Building blocks
- No restriction on the level of
granularity.
- Can provide access to static
resources or be fully interactive
applications
- Can aggregate other web services
Are the future of distributed applications
- Provide interoperability through
the use of SOAP
- Multilanguage support
- Promote reuse
- Based upon industry supported
standards
|
| |
THE WEB TECHNOLOGY STACK AND .NET
- Introduction
- TCP/IP
- Sockets
- HTTP
- XML or binary formats
- SOAP
|
| |
.NET ALTERNATIVES TO WEB SERVICES
- Introduction
- Stand-alone listeners
- Can use a pre-written ISAPI filter
to handle low-level communication
- Can write a server application
to monitor the port
- Custom protocol handlers
- .NET remoting
|
| |
COMMON WEB SERVICE SCENARIOS
- ASP/Hosted applications tend have
the following characteristics
- App is viewed as a portal
- App exists in an isolated environment
- Each subscriber has their own
instance of the app
- Subscribers do not share data
- ASPs usually require hosted apps
to
- Application integration
|
| Chapter 2
|
OVERVIEW
SERVICE-ORIENTED ARCHITECTURE
- Introduction
- To build flexible, robust dist
apps, you should ensure:
- Meeting these requirements, results
in:
- Primary roles in a service-oriented
architecture
- Service provider
- Service consumer
- Service broker
- These roles interact to perform
three basic operations
- Find services ? service consumers
find services by using a service
broker
|
| |
WEB SERVICES ARCHITECTURES AND SERVICE-ORIENTED
ARCHITECTURE
- Introduction
- Overview of Web Service Architectures
- Basic elements in a web service
are
- Web Services as an Implementation
of a Service-Oriented Architecture
- Demonstration: An Electronic
Funds Transfer Web Service
|
| |
ROLES IN A WEB SERVICES ARCHITECTURE
- Introduction
- The Web Service Provider
- Must support the .NET Common
Language Runtime
- Examples of Web service providers
- The Web Service Consumer
- Must be able to locate the web
service
- Must be able to use WSDL documents
to generate Proxy classes
- Must support Asynchronous calls
- Example of Web service consumers
- The Web Service Broker
- Interaction between brokers and
providers
- Interaction between brokers and
consumers
- UDDI registries
|
| |
THE WEB SERVICES PROGRAMMING MODEL
|
| Chapter 3
|
OVERVIEW
- Introduction
- HTTP Fundamentals
- Using HTTP with the .NET Framework
- XML Essentials
- XML Serialization in the .NET
Framework
- SOAP Fundamentals
- Using SOAP with the .NET Framework
|
| |
HTTP FUNDAMENTALS
- Overview of HTTP
- Resources are located through
a URL. Syntax
- HTTP is a Stateless protocol
- Structures of HTTP Requests and
Responses
- HTTP Requests use the following
format
- Supported methods include GET,
POST, TRACE, CONNECT
- HTTP Responses use the following
format:
- The GET and POST Methods
- Introduction
|
| |
HTTP GET HTTP POST
USING HTTP WITH THE .NET FRAMEWORK
- .NET Classes for Working with
HTTP
|
| |
XML ESSENTIALS
- Introduction
- Overview of XML
- XML documents contain elements
and attributes
- XML documents must be Well-formed
- Schema
- XSD Fundamentals
- Introduction
- Simple and complex types
- Groups
- Compositors
- Derivation
- Restriction
- Extension
|
| |
XML SERIALIZATION IN THE .NET FRAMEWORK
|
| |
SOAP FUNDAMENTALS
- Overview of SOAP
- SOAP messages
- Parts of a SOAP message
- SOAP envelope
- SOAP encoding rules
- SOAP RPC representation
- Protocol bindings for HTTP and
HTTP-EF
- SOAP Envelope
- SOAP Header
- SOAP Body
- SOAP Fault
|
| |
CONTROLLING THE SOAP MESSAGE FORMAT
- Introduction
- SOAP encoding definitions
- Formatting the SOAP body
- RPC encoding
- Document encoding (default)
- Formatting parameters
|
| Chapter 4
|
OVERVIEW
- Introduction
- WSDL Documents
- Web Service Discovery
- Web Service Proxies
- Implementing a Web Service Consumer
Using Visual Studio .NET
|
| |
WSDL DOCUMENTS
- What is WSDL?
- Primary child elements of a WSDL
document
- The types element
- The message element
- The portType element
- Primary child elements of a WSDL
document
- The binding element
- The service element
|
| |
WEB SERVICE DISCOVERY
- What is Disco?
- Two ways to discover available
web services
- Static discovery
- Dynamic discovery
- Dynamic discovery disabled
- WS-Inspection
- Locating Discovery Documents
Using Disco.exe
- Introduction
- Syntax
- Uses for Disco.exe
- Programmatic Discovery
|
| |
WEB SERVICE PROXIES
- Introduction
- Proxies and WSDL
- Introduction
- Why are proxies needed?
- Using WSDL to generate proxies
- Generating Proxies Using Wsdl.exe
- Syntax for invoking Wsdl.exe
- Proxy class details
- Configuring Proxies
- Url property
- Credentials property
- Timeout property
- Proxy property
- AllowAutoRedirect property
|
| |
IMPLEMENTING A WEB SERVICE CONSUMER
USING VISUAL STUDIO .NET
- Implementing a Console Client
- Create a console application
- Add a Web reference
- Invoke the Web service by using
the proxy
- Implementing a Web Forms Client
- Create an ASP.NET Web application
- Add a Web reference
- Invoke the Web service by using
the proxy
- Synchronous vs. Asynchronous
Clients
- Introduction
- Limitations of synchronous calls
- Making asynchronous calls using
the proxy
- Implementing an XML Web Service
Consumer Using Visual Studio .NET
|
| Chapter 5
IMPLEMENTING A SIMPLE XML
WEB SERVICE
|
OVERVIEW CREATING A WEB SERVICE
PROJECT
- Creating a Web Service Project
- Examining the Parts of a Web
Service Project
- Introduction
- References
- System namespace
- System.Web namespace
- System.Data namespace
- System.Web.Services namespace
- System.XML namespace
- .asmx file
- Service Help page
- Serice Method Help page
- Service Description page
- Global.asax
- Web.config
- The .vsdisco file
- AssemblyInfo (.cs or .vb)
- The /bin folder
|
| |
IMPLEMENTING WEB SERVICE METHODS
- Exposing Web Service Methods
- Specify that the method is public
- Apply the WebMethod attribute
to the method.
- Web Method Attributes
- BufferResponse
- CacheDuration
- Description
- EnableSession
- MessageName
- TransactionOption
- Examining Data Types and Parameter
Lists
- Introduction
- Simple data types
- Input and output parameters
- Variable length parameter lists
- Complex data types
- Classes and structures
- Arrays
- Collections
- DataSets
- Creating a Typed DataSet Using
the Component Designer
- Generate a SqlDataAdapter
- Use the SqlDataAdapter to create
a typed DataSet
- Creating a Typed DataSet Using
the XML Designer
- Add an XML schema to the project
- Add an XML simpleType element
to the schema
- Add an XML complexType element
to the schema
- Creating a Typed DataSet Using
the XML Designer
- Add an XML element to the project
- Generate the typed DataSet class
- View the generated DataSet
|
| |
MANAGING STATE IN AN ASP.NET WEB SERVICE
- Introduction
- Application State
- ASP.NET provides support for
application state through:
- Using application state
- Contents and StaticObjects
Application state synchronization
- Session State
- ASP.NET provides the following
support for session state:
- Identifying a session
- Using session state
- Session state collections
- Session state configuration
- Cookieless sessions
|
| |
DEBUGGING WEB SERVICES
- Debug, Trace, and Switch Classes
- Debug
- Trace
- Switches
- Listeners
- TextWriterTraceListener ? output
to a stream
- EventLogTraceListener ? output
to an event log
- DefaultTraceListener ? output
to the output window
- Configuring Debug and Trace Settings
- Interactive debugging
- Tracing
- Configuring a TraceSwitch
- Configuring listeners
- SOAP Extensions and Tracing
- Introduction
- SOAP extensions
- Tracing using SOAP extensions
- Performing Tracing Using a SoapExtension
- View a SoapExtension class
- View the output from a SoapExtension
class
- Tools for Debugging Web Applications
- Introduction
- Page-level tracing
- Application-level tracing
- Writing to an event log
- Performance counters
|
| Chapter 6
DEPLOYING AND PUBLISHING
XML WEB SERVICES
|
OVERVIEW DEPLOYING WEB SERVICES
- Introduction
- Files Required for Deploying
Web Service
- Deploying Web Services Manually
- When to deploy Web services manually
- Web services can be deployed
manually by using:
- IIS settings are not copied to
target Web server
- Deploying Web Services Using
Windows Installer Files
- Creating a Web Setup Project
|
| |
OVERVIEW OF UDDI
- Introduction
- What Is UDDI?
- A collection of specifications
- UDDI Programmer?s API Specification
- UDDI Data Structure Specification
- UDDI registry implementations
- Why Use UDDI?
- Information provided by UDDI
|
| |
PUBLISHING A WEB SERVICE ON AN INTRANET
- Custom publish/discover solutions
- Implement UDDI Services in Windows
Server 2003
- Hard-coded endpoints
- Overview of Using UDDI
- UDDI Data Structures
- Installing the UDDI SDK
- Privately on an intranet
- Jointly on an extranet
- Publicly on the Internet
- Setting a Reference to the UDDI
DLL
- Set a reference to the Microsoft.Uddi.dll
file
- Include the UDDI namespaces in
you code files
|
| |
PUBLISHING A WEB SERVICE
- Introduction
- Configuring a Web Service for
Publication
- Configuring discovery
- Permissions and security policy
- Configuring assemblies
- Localizing a Web service
- Publishing a Web Service Programmatically
- USING UDDI
- Finding a UDDI Registry
- Retrieving Array
- Contents of UddiSiteLocation
Object
- Connecting to a UDDI Registry
- The UddiConnection object supports
two methods of authentication
- Windows Integrated Authentication
UDDI Authentication
- Locate a business
- Finding a Web Service
- Retrieve binding information
- Bind to the Web service
|
| Chapter 7 |
OVERVIEW OVERVIEW OF SECURITY
- Authentication vs. Authorization
- Authentication
- Authorization
- Types of Authentication
- IIS Authentication
- ASP .NET authentication
- Forms authentication
- Passport authentication
- Custom SOAP header authentication
- Types of Authorization
- Windows NT security
- Role-based security
- Code access security
- Configured ASP .NET authorization
- Methods of Encryption
- Introduction
|
| |
BUILT-IN AUTHENTICATION
- Introduction
- Basic and Digest Authentication
- Basic authentication
- Digest authentication
- Integrated Windows Authentication
- Limitations
- Characteristics
- Using IIS Authentication on a
Web Server
- IIS Server must be configured
to support authentication
- Configuring an ASP.NET Web service
- Accessing user identity in a
Web service
- Providing credentials
|
| |
CUSTOM AUTHENTICATION USING SOAP HEADERS
- Introduction
- Using a SOAP Header in a Web
Service Consumer
- SOAP headers are specified in
the WSDL document
- Web service proxies and SOAP
headers
- Remember to disable other authentication
types
|
| |
AUTHORIZATION USING ROLE-BASED SECURITY
- Introduction
- Identities
- Introduction
- Generic Identity
- WindowsIdentity
- Principals
- What are roles?
- Custom principal
- Principals and call context
- Using WindowsIdentity and WindowsPrincipal
Objects
- Using GenericIdentity and GenericPrincipal
Objects
- Introduction
- Creating and initializing a GenericIdentity
object
- Creating and initializing a GenericPrincipal
object
- Saving the current principal
- Authentication and Authorization
with Http Modules
- Introduction
- Http Application events and Http
Modules
- Authentication using HttpModules
- Authorization after authentication
|
| |
AUTHORIZATION USING CODE ACCESS SECURITY
- Introduction
- Code Access Security Fundamentals
- Evidence-based security
- Code access permissions
- Code groups
- Policy levels
- Named permission sets
- Code Access Security in ASP.NET
Web Services
- Identifying permissions required
by your code
- Requesting permissions in your
code
|
| |
ENCRYPTION
- Introduction
- Using SSL
- What are X.509 certificates?
- How to enable SSL on a Web server
- Using Custom SOAP Extensions
- Introduction
- The DESCryptoServiceProvider
class
- The CryptoStream class
- Encryption using SOAP extensions
|
| |
SECURING XML WEB SERVICES |
| Chapter 8
|
OVERVIEW DATA TYPE CONSTRAINTS
- Introduction
- Protocol constraints
- Structures vs. classes
- Typed vs. untyped datasets
- Arrays vs. collections
- Exceptions
|
| |
PERFORMANCE
- Introduction
- General Considerations
- Caching Guidelines
- Locking
- Making asynchronous calls
- Measuring performance and behavior
- Unnecessary code
- .NET-Specific Considerations
- Disable session state
- Choose an appropriate state provider
- Avoid exceptions
- Use native database providers
- Use ASP.NET Web gardening
- Disable debug mode
- Caching in Web Services
- Output caching
- Data caching
- Controlling caching
- File and key-based dependencies
- Expiration policies
- Item priorities
- Removal notification
- Scenarios
- Asynchronous Server-Side Methods
- Implementing asynchronous WebMethods
- Appropriate uses
|
| |
RELIABILITY
- Introduction
- Availability
- Process isolation to reduce the
risk of unintended interactions
- Process recovery model
- Measurement
- Performance counters
- WMI
|
| |
VERSIONING
- Introduction
- Versioning assemblies
- Versioning WSDL documents
- Versioning request or response
payload
|
| |
AGGREGATING WEB SERVICES
- Introduction
- Aggregated Web Service Scenarios
- Gateways to Web services
- Simple interfaces to complex
Web services
- Portals to Web services
- Designing a Web Service for Aggregation
- Protocol considerations
- Handling non-interactive clients
- Designing for ISPs & ASPs
- Self-repair and remote repair
- Implementing an Aggregated XML
Web Service
|
| Chapter 9
|
OVERVIEW INTRODUCTION TO GXA
- Limitations of Web Services
- Web services are used today to
- Tomorrow?s Web services need
to Interoperate across multiple
organizations
- Problems that baseline standards
(SOAP, WSDL, UDDI) do not solve
- Overview of Global XML Web Services
Architecture
- Design tenets of GXA
- Released specifications (October
2001)
- Future protocols
- Global XML Web Services Architecture
|
| |
ROUTING AND REFERRAL
- WS-Routing and WS-Referral
- SOAP message processing model
- WS-Routing
- WS-Referral
- Routing Scenario
|
| |
SECURITY AND LICENSING
- WS-Security and WS-License
- WS-Security
- WS-License
- Security Factoring and Authorization
Scenario
|
