170 likes | 304 Views
Silverlight, RIA & Interop Un peu d'architecture. Stève Sfartz Architecte Microsoft France http://blog.sfartz.com http://blogs.msdn.com/ssfartz http://blogs.msdn.com/cloud_computing http://blogs.msdn.com/silverlight_plus_java. In a few words …. SilverLight runs on the client tier
E N D
Silverlight, RIA & InteropUn peu d'architecture • Stève Sfartz Architecte Microsoft France http://blog.sfartz.com http://blogs.msdn.com/ssfartz http://blogs.msdn.com/cloud_computing http://blogs.msdn.com/silverlight_plus_java
In a few words… • SilverLight runs on the client tier • Local Browser Application • Packaged as a XAP • Mix of Presentation (XAML), Code (JavaScript, .Net or Dynamic) and Resources (Images…) • SilverLight interactions • HTTP stack • HTTP GET, POST / REST STYLE • WebClient, HttpWebRequest • SOAP over HTTP • WCF client • TCP/IP Socket • Duplex channel communication in SL2
A bit of vocabulary • SOO • Site Of Origin • This is the Web Site fromwhich the XAP isdownloaded • Ie, your HTTP Web Server • Web Services • The services exposed to your SL client • Web Services maybe running on SOO or not • Depending on thistopology, yoursecurity configuration changes • cross domainsecurityaccess file
Silverlight RIA & Interop Architecture Silverlight Client Interaction & Transactional Services Site Of Origin XAP & Static Resources Access (HTTP GET) HTML + XAP Web Server Web Services Web Browser 2. Data Access (SOAP/RPC or XML/REST) Services Host Cross Domain Policy required if the Site Of Origindoes not host the Web Services @ MSDN Blogs – Silverlight_plus_Java
Constraints • Infrastructure Security • DMZ (if the application is public facing), • Secured transport (HTTPS) if private communication has to be enforced as it is the case in B2B or B2C environments • Application Security • Authentication may be form, windows or claim based depending on the consumption (internal employees, subcontractors, partners or customers) • Authorization may be role based from various repositories (Active Directory, Claims, SQL Database) • Application Topology • Some Business Logic may pre-exist and be hosted on a node that is distinct from the Site Of Origin • or Business Logic may be written from scratch • Services Gateway and Protocols Adaptation • The Business Logic may not be directly accessible to the Silverlight client application • Or this Business Logic may be accessible through a different protocol and/or format
Scenarios • D2D (DevToDev) - Development Env • B2E-new (Business To Employee) - New Silverlight App • B2E-preexist - Silverlight App on an Intranet with existing Business Logic • B2B (Business to Business) - Silverlight App delivered to partners • B2C (Business to Consumer) - Silverlight App delivered to customers.
Silverlight RIA Scenarios @ MSDN Blogs – Silverlight_plus_Java
SilverLight + Java • Technical Scenarios • SL client + Java Services • Through Java Web Server or IIS • Java Services hosted on sametier or differenttierfrom Web Server • SL client + .Net Services + Java Services • It is a .Net to Java interop issue, nothingspecific about SL, not studyedhere • Scenarithatmakesense : TO BE REVIEWED • SL client IIS + WCF Web Services Java Services • Client + interaction SOA + transactional SOA • SL client Java Web Server + Web Services • Typically the devenv of a Java Developer • SL client Java Web Server + Web Services
D2D Scenario : Developer Envwithout cross-domain policy Silverlight Client Interaction & Transactional Services the Site Of Originisalsoservicing the Web Services Business Logic XAP (HTTP GET) HTML + XAP 2. Data Access (SOAP/RPC or XML/REST) Web Browser @ MSDN Blogs – Silverlight_plus_Java
D2D Scenario : Developer Envwith cross-domain policy Silverlight Client Interaction & Transactional Services Site Of Origin XAP (HTTP GET) HTML + XAP Web Server Web Services 2. Data Access (SOAP/RPC or XML/REST) Web Browser Services Host @ MSDN Blogs – Silverlight_plus_Java Cross Domain Policy
B2E: Intranet Envwithoutmediation Silverlight Client Interaction & Transactional Services Site Of Origin XAP (HTTP GET) HTML + XAP Web Server Web Services 2. Data Access (SOAP/RPC or XML/REST) Web Browser Services Host Authentication & Authorization (Windows Based) @ MSDN Blogs – Silverlight_plus_Java Cross Domain Policy required if the Site Of Origindoes not host the Web Services
B2E : Intranet Envwithmediation Silverlight Client Interaction & Transactional Services Site Of Origin XAP (HTTP GET) Protocolsgovernanceenforcementas defined by securitypolicies HTML + XAP Web Server Protocol & Format Adaptation Web Services 2. Data Access (SOAP/RPC or XML/REST) Web Browser 3. Conforms to the preexisting protocol Services Gateway Services Host Authentication & Authorization (Windows Based) Cross Domain Policy @ MSDN Blogs – Silverlight_plus_Java
B2B : Partner Env Silverlight Client Interaction & Transactional Services DMZ (Reverse Proxy) Site Of Origin XAP (HTTP GET) Protocolsgovernanceenforcementas defined by securitypolicies HTML + XAP Web Server Over SSL Protocol & Format Adaptation Web Services 2. Data Access (SOAP/RPC or XML/REST) Web Browser 3. Conforms to the preexisting protocol Services Gateway Services Host Authentication & Authorization (Claim based) Cross Domain Policy @ MSDN Blogs – Silverlight_plus_Java
B2C : Customer Env Silverlight Client Interaction & Transactional Services DMZ (Reverse Proxy) Site Of Origin XAP (HTTP GET) Protocolsgovernanceenforcement as defined by securitypolicies HTML + XAP Web Server Over SSL Protocol & Format Adaptation Web Services 2. Data Access (SOAP/RPC or XML/REST) Web Browser 3. Conforms to the preexisting protocol Services Gateway Services Host Authentication & Authorization (Formbased) Cross Domain Policy @ MSDN Blogs – Silverlight_plus_Java
Scenarios • Styles • XML/REST • SOAP/RPC • Configurations • Full Java • Mixed • Full MS