Designing the End to End .NET Application Hans Verbeeck [email protected] Developer Consultant Microsoft EMEA
Designing the End to End .NET ApplicationHans [email protected] ConsultantMicrosoft EMEA
2
Agenda
A usecase driven approach From Use Case to data model to physical database
design Demo Choices to make up front
Type of client Partitioning of the application Host for the middle tier Data carrier
Conclusions
3
Why analize?
Analyze the Business Problem Understand the Business Logic Consider Enterprise Issues
4
UML – Unified Modelling Language9 types of diagrams
Class (Package) diagrams Use Case diagrams Statechart diagrams Object diagrams Sequence diagrams Collaboration diagrams Activity diagrams Component diagrams Deployment diagrams
5
Use Cases are...
Textual description of a general interaction with the system
Services or functions provided by the system to its users
List Available Products
User
Raise Purchase Order
Vendor System
Process Order
ACTORS
USE CASES
SYSTEM BOUNDARY
6
Applied Use Cases
Actors are our user roles Browser Reporter (data) Admin Buyer+ External systems offering their shopping catalogs
through Web Services Use Cases
Course grained in design
7
Football247.net use case diagram
Browse Football
DataBrowser
Reporter
Buy
Administrator
Authentication
Game Reporting
Shopping
User Maintenace
Import Football Data
…
Game Maintenance
8
Agenda
A usecase driven approach From Use Case to data model to physical database
design Demo Choices to make up front
Type of client Partitioning of the application Host for the middle tier Data carrier
Conclusions
9
Beyond the Use Case
Pick most important Use Case first Browse Football Data
Most of the Football247.net web site is served by this use case +90% of operations will be read operations Example:
A user browses to the homepage of the football247.net site. He takes a look at the league table for the Premier League. He clicks on his favorite team and sees the upcoming games, he continues by looking at the results for the past games and finally he checks the news about the team
Our reasoning: When a Browser clicks on a team he’s most likely interested in different kinds of information about the team
10
Football247.net
Football247.Presentation
User Tier
Business Tier
Data Tier
SystemArchitecture
SolutionStructure
ApplicationArchitecture
.Administrator, .Reporter
.WebSite .WebControls
.WinControls
.Facades
Football247.Business
.Facades .Host
.Services
Football247.Data
.DataAccess
Football247.Common
.Core
.Datasets
11
The Façade PatternProvides a simple interface to a complex system
FaçadeFaçadeClient
Facade
Uses1
*
12
The BrowserFacadeOur Façades are Use Case Façades
+GetFutureGamesByDivisionID(in divisionID : int, in numberOfDays : int) : FutureGameData+GetLiveGamesByDivisionID(in divisionID : int) : LiveGameData+GetPastGamesByDivisionID(in divisionID : int, in numberOfDays : int) : PastGameData+GetGameDetailsByID(in gameID : int) : GameDetailData+GetDivisions() : DivisionData+GetDivisionByID(in divisionID : int) : DivisionData+GetTeamsByDivisionID(in divisionID : int) : TeamData+GetTeamDetailsByID(in teamID : int, in pastNumberOfDays : int, in futureNumberOfDays : int) : TeamDetailData+GetPlayersByTeamID(in teamID : int) : PlayerData+GetPlayerByID(in playerID : int) : PlayerData+GetNewsItemByID(in newsItemID : int) : NewsData+GetNewsByDivisionID(in divisionID : int, in numDays : int) : NewsData+GetDivisionalTablesByDivisionID(in divisionID : int) : DivisionalTableData
«Façade»BrowserFacade
GetDivisions() : DivisionData GetTeamsByDivisionID(in divisionID : int) :
TeamData ... GetTeamDetailsByID(...) : TeamDetailData
13
Sequence DiagramsUse them to get an idea of methods and data involved in more complex operations
reporterFacade gameServices
gameEventsDataAccesor
gameEventTypeValidator
PostGameEvents(GameEventData)
Validate(EventType)
OK
AddGameEvent(GameEventData) game
DataAccesor
GetGameByID(ID)
GameData
UpdateGame(GameData)
X X
X
X
X
If it’s a goal event then the game’s score Should be updated in the same transaction
14
Designing DatasetsGetTeamsByDivisionID(in divisionID : int) : TeamDataGetTeamDetailsByID(...) : TeamDetailData
+Teams
«Dataset»TeamData
+TeamID+TeamName
«DataTable»Teams
+TeamID+OfficialTeamID+TeamName+StadiumName+City+DivisionID+Trainer+LogoUri+DivisionName
«DataTable»Teams
+Teams+Players+NewsItems+FutureGames
«Dataset»TeamDetailData
+PastGames
+PlayerID+PlayerNumber+PlayerName+PlayerPosition+GoalsScored+Age+Nationality+PictureUri
«DataTable»Players
15
Agenda
A usecase driven approach From Use Case to data model to physical database
design Demo Choices to make up front
Type of client Partitioning of the application Host for the middle tier Data carrier
Conclusions
16
Use Case
Façade
DataSet
DataTable
Visio for Enterprise Architects
17
Agenda
A usecase driven approach From Use Case to data model to physical database
design Demo Choices to make up front
Type of client Partitioning of the application Host for the middle tier Data carrier
Conclusions
18
Web Forms or Windows FormsDo you want thin, thick, fat, rich, dumb, smart, Windows or Internet?
Web Forms Windows FormsUser Experience
Relatively hard to make web pages dynamic with DHTML.
Dynamic, responsive UI. End users love it.
Deployment
Easy. Only on server. Can be deployed through web server..NET Framework required on client.
Updating Shadow copying prevents restarts of the web application
Can update on web server.
Security Authorized actions depend on zone.
Authorized actions depend on zone. Code Access Security.
Mobile Microsoft Mobile Internet Toolkit
.NET Compact Framework
ReachReach RichRich
19
Presentation Data
Football247.net clients
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
WSFaçade
ES Façade
BizServices
DAL
SPor
browser
admin
reporter
20
Agenda
A usecase driven approach From Use Case to data model to physical database
design Demo Choices to make up front
Type of client Partitioning of the application Host for the middle tier Data carrier
Conclusions
21
Partitioning a distributed application
Deployment Security Scalability / Performance
22
Partitioning for deploymentHow many physical tiers must be supported? Possible deployment scenarios
Stand alone application (single box) Distributed application Hosted stand alone application Hosted distributed application
Design Patterns make abstraction of component location and inter-component-communication
Football247.net is designed for flexible deployment
23
Partitioning for deploymentone, two, three-tier
Presentation Data
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
WSFaçade
ES Façade
BizServices
DAL
SPor
browser
admin
reporter
+ Easy to admin+ Most hosting companies offer this+ Performance might benefit from
no-network-hops
- Scalability: can only scale up- Security: if this machine is
compromised, everything is
Single box
24
Partitioning for deploymentone, two, three-tier
Presentation Data
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
WSFaçade
ES Façade
BizServices
DAL
SPor
browser
admin
reporter
Database Server
+ Performance: minimized network hops
+ More options for security and scalability
- Scalability: UI and middle-tier must scale together
- Security: when web server is compromised, the hacker can access data
access code- cost
Web Server as application server
25
Partitioning for deploymentone, two, three-tier
Presentation Data
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
WSFaçade
ES Façade
BizServices
DAL
SPor
browser
admin
reporter
Database Server
+ Scalability: web farms+ Security: DMZ+ Middle tier is a resource to be
used by many different clients
- Perf: network hops- Complexity: Web Server is not in
corporate domain- cost
Application Server
Web Server
26
Partitioning for security
Keep most complex deployment scenario you need to support in mind
Football247.net Web Server in DMZ + Application Server + Database
Server DMZ: Not in domain so no integrated Windows authentication
Single box at hosting company Not in a Windows Domain
Decision: Custom Authentication Pluggable architure Ready for future technologies (WS-Security) Runs in any deployment scenario
27
Presentation Data
Authentication and authorization
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
WSFaçade
ES Façade
BizServices
DAL
SP
or
browser
admin
reporter
User supplies User User supplies User ID and PasswordID and Password
< < /> />User ID and User ID and Password travel in Password travel in SoapHeadersSoapHeaders
Custom HTTP Handler unpacks Custom HTTP Handler unpacks credentials, raises event in credentials, raises event in global.asax which creates and global.asax which creates and caches principal.caches principal.
< < /> />User ID and User ID and Password travel in Password travel in SoapHeadersSoapHeaders
.NET role .NET role based securitybased security
Based on role, one of Based on role, one of four connectionstrings four connectionstrings is used(browser,admin, is used(browser,admin, reporter, default).reporter, default).
28
Partitioning for Scalability / PerformanceNever believe anything anyone says about perf Test performance
yourself Performance tests
should model real world scenarios Do nothing tests show
only the overhead Real apps show overhead
as an often insignificant percentage of the overall work
Set the target based on capacity planning
Test regularly to insure you are hitting target
0
5
10
15
20
25
30
35
R
P
S
.aspx pagemethod
ServicedComponent (Lib)
Class Lib
ServicedComponent(Server)Web Service
29
Partitioning for Scalability / PerformanceDesigning for scalability – our choices Stored Procedures & System.Data.SQLClient
+ performance+ sp’s hide database details & protects database tables+ one location for SQL coding- portability
Web Services for Business components+ easy of deployment (xcopy)+ standards based+ future ready- performance
Optimized for reads+ Reduced cross process / cross machine calls == better
performance+ user experience- No true OO middle tier
30
Agenda
A usecase driven approach From Use Case to data model to physical database
design Demo Choices to make up front
Type of client Partitioning of the application Host for the middle tier Data carrier
Conclusions
31
Options for hosting the Middle Tier
Web Services Façade Enterprise Services Façade
Hosted by IIS, communication through Remoting Loaded as Library Application in the Presentation
Web Services Façade or the ASP .NET Web Application
ServicedComponents are COM+ Server application
Windows Service
32
Presentation Data
Options for hosting the Middle TierWeb Services Façade
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
WSFaçade
BizServices
DAL
SP
browser
admin
reporter
+ easy to deploy+ easy to deploy+ easy to reuse+ easy to reuse+ can publish in + can publish in UUDIUUDI
-PerformancePerformance-Always X-ProcessAlways X-Process
33
ServicedComponentsHuge diference between Server and Library Applications
Server LibraryRegistration
Needs to be registered in COM+ catalog and in the GAC
COM+ catalog
COM Interop
For every call Only when object is instantiated
Updating Disable, recycle, update and re-enable
Shadow Copying
Security Runs with own identity
Runs in security context of the caller
34
Presentation Data
Options for hosting the Middle TierEnterprise Services Façade
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
ESFaçade
hosted in IIS
BizServices
DAL
SP
browser
admin
reporter
+ can configure + can configure remotingremoting+ performance+ performance
-RegistrationRegistration-Always X-ProcessAlways X-Process
35
Presentation Data
Options for hosting the Middle TierEnterprise Services Façade
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
ESFaçade. Library
app. Loaded
on client process
BizServices
DAL
SP
browser
admin
reporter
+ performance+ performance
-RegistrationRegistration-Have to do authorization Have to do authorization and authentication in the and authentication in the presentation tierpresentation tier
36
Presentation Data
Options for hosting the Middle TierEnterprise Services Façade
WSFaçade(asmx)
ASP .NETUI
(aspx)
WINService
Business
ESFaçade
hosted in DLLHost(server
app)
BizServices
DAL
SP
browser
admin
reporter
+ COM+ services+ COM+ services+ DCOM has some + DCOM has some nice featuresnice features
-Registration (GAC)Registration (GAC)-Always X-ProcessAlways X-Process-DCOM is COM interopDCOM is COM interop
37
Agenda
A usecase driven approach From Use Case to data model to physical database
design Demo Choices to make up front
Type of client Partitioning of the application Host for the middle tier Data carrier
Conclusions
38
Data carrier optionsChose based on programming model, performance and maintainability
Datasets Typed Datasets XML Collections
39
Data Carrier OptionsDatasets
Pros Disconnected model
Performance Abstraction
XML aware Databinding
Cons Type checking at runtime Diffgrams XML overhead (even when used with remoting
over tcpchannel) Risk to be tightly coupled to database schema
40
Data Carrier OptionsTyped Datasets
Pros Disconnected model Designer to build XSD’s Even better databinding Design time type checking Intellisense + readability of code
Cons Deployment, versioning Diffgrams Overhead (8 – 10% slower) Support in Compact Framework Risk to be tightly coupled to database schema
41
Data Carrier OptionsTrue XML
Pros Standard Flexible
Cons Little Semantics Custom XML Manipulation
42
Data Carrier OptionsCollections
Pros OO Portable Can databind if collection implements
IBindingList Cons
Code code code Performance
43
Agenda
A usecase driven approach From Use Case to data model to physical database
design Demo Choices to make up front
Type of client Partitioning of the application Host for the middle tier Data carrier
Conclusions
44
Conclusions
It’s better to use UML than not to use it Starting with Use Cases makes sense Make important choices upfront
Deployment Security
45
Resources
In the pack you receive at the end of the day Post-event CD http://www.football247.net Football247.Net Workspace on
http://www.gotdotnet.com http://www.rational.com/UML/ Building Secure ASP .NET Solutions http
://www.microsoft.com/downloads/release.asp?ReleaseID=44047
46© 2002 Microsoft Corporation. All rights reserved.© 2002 Microsoft Corporation. All rights reserved.