How # (sharp) is Your Katana (Ciprian Jichici)
-
Upload
itcamp -
Category
Technology
-
view
96 -
download
0
description
Transcript of How # (sharp) is Your Katana (Ciprian Jichici)
Premium community conference on Microsoft technologies itcampro@ itcamp14#
How # (sharp) is your Katana?
Ciprian JichiciGeneral Manager, GenisoftChief Architect, High-Tech Systems & SoftwareMicrosoft Regional Director, RomaniaMVP, Microsoft Azure
Roxana GoidaciChief Architect, Genisoft
Premium community conference on Microsoft technologies itcampro@ itcamp14#
Huge thanks to our sponsors & partners!
Premium community conference on Microsoft technologies itcampro@ itcamp14#
We’re proud to be Platinum sponsors!
Premium community conference on Microsoft technologies itcampro@ itcamp14#
A new world for web stacks
A real-world business scenario
#ening your Katana
Security, security, security
Agenda
Premium community conference on Microsoft technologies itcampro@ itcamp14#
A NEW WORLD FOR WEB STACKS
Premium community conference on Microsoft technologies itcampro@ itcamp14#
The Internet of Things is Here!
Premium community conference on Microsoft technologies itcampro@ itcamp14#
OWINOpen Web Interface for .NET
Premium community conference on Microsoft technologies itcampro@ itcamp14#
OWINFunc<IDictionary<string, object>, Task>
Func<IDictionary<string, object>, Task>;
Premium community conference on Microsoft technologies itcampro@ itcamp14#
The Role of OWIN
Premium community conference on Microsoft technologies itcampro@ itcamp14#
KATANA
Premium community conference on Microsoft technologies itcampro@ itcamp14#
Traditional Japanese sword
Microsoft’s implementation of OWIN
KATANA
Premium community conference on Microsoft technologies itcampro@ itcamp14#
A REAL-WORLD BUSINESS SCENARIO
Premium community conference on Microsoft technologies itcampro@ itcamp14#
The Sensiblu Mobile App
Datacenter
https://mobile.htss.ro/sensiblu
Premium community conference on Microsoft technologies itcampro@ itcamp14#
Service Availability is Critical
Datacenter
https://mobile.htss.ro/sensiblu
Microsoft Azure
REST endpoint tester
Premium community conference on Microsoft technologies itcampro@ itcamp14#
The Architecture
Premium community conference on Microsoft technologies itcampro@ itcamp14#
DEMO
A “Simple” REST tester
Premium community conference on Microsoft technologies itcampro@ itcamp14#
#ENING YOUR KATANA
Premium community conference on Microsoft technologies itcampro@ itcamp14#
Portable – substitute components
Modular/Flexible – small, focused components, giving great control over use
Lightweight/Performant/Scalable – break the monolith, consume fewer resources, scale better
The KATANA Project – High Level Goals
Premium community conference on Microsoft technologies itcampro@ itcamp14#
Common wisdom says it has a direct dependency on the complexity of the solution
Intermezzo – About Software Scalability
Premium community conference on Microsoft technologies itcampro@ itcamp14#
So…..
A piece of software that does absolutely nothing will scale infinitely
- Scot Hanselman
Intermezzo – About Software Scalability
Premium community conference on Microsoft technologies itcampro@ itcamp14#
IAppBuilder is the core concept
Enables the chaining of middleware components
The KATANA Project
Premium community conference on Microsoft technologies itcampro@ itcamp14#
The KATANA Project
Premium community conference on Microsoft technologies itcampro@ itcamp14#
Use an Azure Worker Role
Use Web API for the management endpoint
Use a lightweight web stack based on OWIN / KATANA
Use Windows Azure Active Directory for authentication
Our Technical Approach
Premium community conference on Microsoft technologies itcampro@ itcamp14#
DEMO
Bootstrapping KATANA in an Azure Worker Role
Premium community conference on Microsoft technologies itcampro@ itcamp14#
SECURITY, SECURITY, SECURITY
Premium community conference on Microsoft technologies itcampro@ itcamp14#
Our problem:
The management endpoint cannot be called by anyone
Secure, but how?
Premium community conference on Microsoft technologies itcampro@ itcamp14#
KATANA makes it all “simple”:
1. Register your service with WAAD
2. Call UseWindowsAzureActiveDirectoryBearerAuthentication
when bootstrapping
Believe it or not, that’s all you need to do
Windows Azure Active Directory @ work
Premium community conference on Microsoft technologies itcampro@ itcamp14#
But…
There a LOT going on behind the scenes…
Windows Azure Active Directory @ work
Premium community conference on Microsoft technologies itcampro@ itcamp14#
We use the Bearer token approach
- No need to prove possession of a cryptographic key
- Protect in storage and transport (that’s why we need HTTPS)
The Rich Client Story
Premium community conference on Microsoft technologies itcampro@ itcamp14#
DEMO
Implementing a secure Web API endpoint with KATANA and WAAD
Premium community conference on Microsoft technologies itcampro@ itcamp14#
We needed a small, flexible, and secure web stack in an Azure worker role
We used OWIN / KATANA integrated with Windows Azure Active Directory
Our solution demonstrates how the new modular web stack of the future works in a real, cloud-based scenario
In an nutshell…
Premium community conference on Microsoft technologies itcampro@ itcamp14#
Q & A