Designing the End to End.NET Application Hans Verbeeck Developer Consultant Microsoft EMEA.

Designing the End to End .NET ApplicationHans [email protected] ConsultantMicrosoft EMEA

2

Agenda

A usecase driven approach From Use Case to data model to physical database

design Demo Choices to make up front

Type of client Partitioning of the application Host for the middle tier Data carrier

Conclusions

3

Why analize?

Analyze the Business Problem Understand the Business Logic Consider Enterprise Issues

4

UML – Unified Modelling Language9 types of diagrams

Class (Package) diagrams Use Case diagrams Statechart diagrams Object diagrams Sequence diagrams Collaboration diagrams Activity diagrams Component diagrams Deployment diagrams

5

Use Cases are...

Textual description of a general interaction with the system

Services or functions provided by the system to its users

List Available Products

User

Raise Purchase Order

Vendor System

Process Order

ACTORS

USE CASES

SYSTEM BOUNDARY

6

Applied Use Cases

Actors are our user roles Browser Reporter (data) Admin Buyer+ External systems offering their shopping catalogs

through Web Services Use Cases

Course grained in design

7

Football247.net use case diagram

Browse Football

DataBrowser

Reporter

Buy

Administrator

Authentication

Game Reporting

Shopping

User Maintenace

Import Football Data

…

Game Maintenance

8

Agenda




Conclusions

9

Beyond the Use Case

Pick most important Use Case first Browse Football Data

Most of the Football247.net web site is served by this use case +90% of operations will be read operations Example:

A user browses to the homepage of the football247.net site. He takes a look at the league table for the Premier League. He clicks on his favorite team and sees the upcoming games, he continues by looking at the results for the past games and finally he checks the news about the team

Our reasoning: When a Browser clicks on a team he’s most likely interested in different kinds of information about the team

10

Football247.net

Football247.Presentation

User Tier

Business Tier

Data Tier

SystemArchitecture

SolutionStructure

ApplicationArchitecture

.Administrator, .Reporter

.WebSite .WebControls

.WinControls

.Facades

Football247.Business

.Facades .Host

.Services

Football247.Data

.DataAccess

Football247.Common

.Core

.Datasets

11

The Façade PatternProvides a simple interface to a complex system

FaçadeFaçadeClient

Facade

Uses1

*

12

The BrowserFacadeOur Façades are Use Case Façades

+GetFutureGamesByDivisionID(in divisionID : int, in numberOfDays : int) : FutureGameData+GetLiveGamesByDivisionID(in divisionID : int) : LiveGameData+GetPastGamesByDivisionID(in divisionID : int, in numberOfDays : int) : PastGameData+GetGameDetailsByID(in gameID : int) : GameDetailData+GetDivisions() : DivisionData+GetDivisionByID(in divisionID : int) : DivisionData+GetTeamsByDivisionID(in divisionID : int) : TeamData+GetTeamDetailsByID(in teamID : int, in pastNumberOfDays : int, in futureNumberOfDays : int) : TeamDetailData+GetPlayersByTeamID(in teamID : int) : PlayerData+GetPlayerByID(in playerID : int) : PlayerData+GetNewsItemByID(in newsItemID : int) : NewsData+GetNewsByDivisionID(in divisionID : int, in numDays : int) : NewsData+GetDivisionalTablesByDivisionID(in divisionID : int) : DivisionalTableData

«Façade»BrowserFacade

GetDivisions() : DivisionData GetTeamsByDivisionID(in divisionID : int) :

TeamData ... GetTeamDetailsByID(...) : TeamDetailData

13

Sequence DiagramsUse them to get an idea of methods and data involved in more complex operations

reporterFacade gameServices

gameEventsDataAccesor

gameEventTypeValidator

PostGameEvents(GameEventData)

Validate(EventType)

OK

AddGameEvent(GameEventData) game

DataAccesor

GetGameByID(ID)

GameData

UpdateGame(GameData)

X X

X

X

X

If it’s a goal event then the game’s score Should be updated in the same transaction

14

Designing DatasetsGetTeamsByDivisionID(in divisionID : int) : TeamDataGetTeamDetailsByID(...) : TeamDetailData

+Teams

«Dataset»TeamData

+TeamID+TeamName

«DataTable»Teams

+TeamID+OfficialTeamID+TeamName+StadiumName+City+DivisionID+Trainer+LogoUri+DivisionName

«DataTable»Teams

+Teams+Players+NewsItems+FutureGames

«Dataset»TeamDetailData

+PastGames

+PlayerID+PlayerNumber+PlayerName+PlayerPosition+GoalsScored+Age+Nationality+PictureUri

«DataTable»Players

15

Agenda




Conclusions

16

Use Case

Façade

DataSet

DataTable

Visio for Enterprise Architects

17

Agenda




Conclusions

18

Web Forms or Windows FormsDo you want thin, thick, fat, rich, dumb, smart, Windows or Internet?

Web Forms Windows FormsUser Experience

Relatively hard to make web pages dynamic with DHTML.

Dynamic, responsive UI. End users love it.

Deployment

Easy. Only on server. Can be deployed through web server..NET Framework required on client.

Updating Shadow copying prevents restarts of the web application

Can update on web server.

Security Authorized actions depend on zone.

Authorized actions depend on zone. Code Access Security.

Mobile Microsoft Mobile Internet Toolkit

.NET Compact Framework

ReachReach RichRich

19

Presentation Data

Football247.net clients

WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

WSFaçade

ES Façade

BizServices

DAL

SPor

browser

admin

reporter

20

Agenda




Conclusions

21

Partitioning a distributed application

Deployment Security Scalability / Performance

22

Partitioning for deploymentHow many physical tiers must be supported? Possible deployment scenarios

Stand alone application (single box) Distributed application Hosted stand alone application Hosted distributed application

Design Patterns make abstraction of component location and inter-component-communication

Football247.net is designed for flexible deployment

23

Partitioning for deploymentone, two, three-tier

Presentation Data

WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

WSFaçade

ES Façade

BizServices

DAL

SPor

browser

admin

reporter

+ Easy to admin+ Most hosting companies offer this+ Performance might benefit from

no-network-hops

- Scalability: can only scale up- Security: if this machine is

compromised, everything is

Single box

24


Presentation Data

WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

WSFaçade

ES Façade

BizServices

DAL

SPor

browser

admin

reporter

Database Server

+ Performance: minimized network hops

+ More options for security and scalability

- Scalability: UI and middle-tier must scale together

- Security: when web server is compromised, the hacker can access data

access code- cost

Web Server as application server

25


Presentation Data

WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

WSFaçade

ES Façade

BizServices

DAL

SPor

browser

admin

reporter

Database Server

+ Scalability: web farms+ Security: DMZ+ Middle tier is a resource to be

used by many different clients

- Perf: network hops- Complexity: Web Server is not in

corporate domain- cost

Application Server

Web Server

26

Partitioning for security

Keep most complex deployment scenario you need to support in mind

Football247.net Web Server in DMZ + Application Server + Database

Server DMZ: Not in domain so no integrated Windows authentication

Single box at hosting company Not in a Windows Domain

Decision: Custom Authentication Pluggable architure Ready for future technologies (WS-Security) Runs in any deployment scenario

27

Presentation Data

Authentication and authorization

WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

WSFaçade

ES Façade

BizServices

DAL

SP

or

browser

admin

reporter

User supplies User User supplies User ID and PasswordID and Password

< < /> />User ID and User ID and Password travel in Password travel in SoapHeadersSoapHeaders

Custom HTTP Handler unpacks Custom HTTP Handler unpacks credentials, raises event in credentials, raises event in global.asax which creates and global.asax which creates and caches principal.caches principal.

< < /> />User ID and User ID and Password travel in Password travel in SoapHeadersSoapHeaders

.NET role .NET role based securitybased security

Based on role, one of Based on role, one of four connectionstrings four connectionstrings is used(browser,admin, is used(browser,admin, reporter, default).reporter, default).

28

Partitioning for Scalability / PerformanceNever believe anything anyone says about perf Test performance

yourself Performance tests

should model real world scenarios Do nothing tests show

only the overhead Real apps show overhead

as an often insignificant percentage of the overall work

Set the target based on capacity planning

Test regularly to insure you are hitting target

0

5

10

15

20

25

30

35

R

P

S

.aspx pagemethod

ServicedComponent (Lib)

Class Lib

ServicedComponent(Server)Web Service

29

Partitioning for Scalability / PerformanceDesigning for scalability – our choices Stored Procedures & System.Data.SQLClient

+ performance+ sp’s hide database details & protects database tables+ one location for SQL coding- portability

Web Services for Business components+ easy of deployment (xcopy)+ standards based+ future ready- performance

Optimized for reads+ Reduced cross process / cross machine calls == better

performance+ user experience- No true OO middle tier

30

Agenda




Conclusions

31

Options for hosting the Middle Tier

Web Services Façade Enterprise Services Façade

Hosted by IIS, communication through Remoting Loaded as Library Application in the Presentation

Web Services Façade or the ASP .NET Web Application

ServicedComponents are COM+ Server application

Windows Service

32

Presentation Data

Options for hosting the Middle TierWeb Services Façade

WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

WSFaçade

BizServices

DAL

SP

browser

admin

reporter

+ easy to deploy+ easy to deploy+ easy to reuse+ easy to reuse+ can publish in + can publish in UUDIUUDI

-PerformancePerformance-Always X-ProcessAlways X-Process

33

ServicedComponentsHuge diference between Server and Library Applications

Server LibraryRegistration

Needs to be registered in COM+ catalog and in the GAC

COM+ catalog

COM Interop

For every call Only when object is instantiated

Updating Disable, recycle, update and re-enable

Shadow Copying

Security Runs with own identity

Runs in security context of the caller

34

Presentation Data

Options for hosting the Middle TierEnterprise Services Façade

WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

ESFaçade

hosted in IIS

BizServices

DAL

SP

browser

admin

reporter

+ can configure + can configure remotingremoting+ performance+ performance

-RegistrationRegistration-Always X-ProcessAlways X-Process

35

Presentation Data


WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

ESFaçade. Library

app. Loaded

on client process

BizServices

DAL

SP

browser

admin

reporter

+ performance+ performance

-RegistrationRegistration-Have to do authorization Have to do authorization and authentication in the and authentication in the presentation tierpresentation tier

36

Presentation Data


WSFaçade(asmx)

ASP .NETUI

(aspx)

WINService

Business

ESFaçade

hosted in DLLHost(server

app)

BizServices

DAL

SP

browser

admin

reporter

+ COM+ services+ COM+ services+ DCOM has some + DCOM has some nice featuresnice features

-Registration (GAC)Registration (GAC)-Always X-ProcessAlways X-Process-DCOM is COM interopDCOM is COM interop

37

Agenda




Conclusions

38

Data carrier optionsChose based on programming model, performance and maintainability

Datasets Typed Datasets XML Collections

39

Data Carrier OptionsDatasets

Pros Disconnected model

Performance Abstraction

XML aware Databinding

Cons Type checking at runtime Diffgrams XML overhead (even when used with remoting

over tcpchannel) Risk to be tightly coupled to database schema

40

Data Carrier OptionsTyped Datasets

Pros Disconnected model Designer to build XSD’s Even better databinding Design time type checking Intellisense + readability of code

Cons Deployment, versioning Diffgrams Overhead (8 – 10% slower) Support in Compact Framework Risk to be tightly coupled to database schema

41

Data Carrier OptionsTrue XML

Pros Standard Flexible

Cons Little Semantics Custom XML Manipulation

42

Data Carrier OptionsCollections

Pros OO Portable Can databind if collection implements

IBindingList Cons

Code code code Performance

43

Agenda




Conclusions

44

Conclusions

It’s better to use UML than not to use it Starting with Use Cases makes sense Make important choices upfront

Deployment Security

45

Resources

In the pack you receive at the end of the day Post-event CD http://www.football247.net Football247.Net Workspace on

http://www.gotdotnet.com http://www.rational.com/UML/ Building Secure ASP .NET Solutions http

://www.microsoft.com/downloads/release.asp?ReleaseID=44047

http://www.football247.net/

http://www.gotdotnet.com/

http://www.rational.com/UML/

http://www.rational.com/UML/

http://www.microsoft.com/downloads/release.asp?ReleaseID=44047



46© 2002 Microsoft Corporation. All rights reserved.© 2002 Microsoft Corporation. All rights reserved.

Designing the End to End.NET Application Hans Verbeeck Developer Consultant Microsoft EMEA.

Documents