Pro Scalable .NET 2.0 Application Designs
Joachim Rossberg Rickard Redler
Pro Scalable .NET 2.0
Application DesignsPro Scalable .NET 2.0 Application Designs Copyright © 2006 by Joachim Rossberg and Rickard Redler All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.
ISBN: 1-59059-541-6 Printed and bound in the United States of America 9 8 7 6 5 4 3 2 1
Trademarked names may appear in this book. Rather than use a trademark symbol with every occurrence
of a trademarked name, we use the names only in an editorial fashion and to the benefit of the trademark
owner, with no intention of infringement of the trademark. Lead Editor: Ewan Buckingham Technical Reviewer: Jason LefebvreEditorial Board: Steve Anglin, Dan Appleman, Ewan Buckingham, Gary Cornell, Tony Davis, Jason Gilmore,
Jonathan Hassell, Chris Mills, Dominic Shakeshaft, Jim Sumser Project Manager: Beckie Stones Copy Edit Manager: Nicole LeClerc Copy Editor: Julie M. Smith Assistant Production Director: Kari Brooks-Copony Production Editor: Lori Bring Compositor and Artist: Kinetic Publishing Services, LLC Proofreader: Linda Seifert Indexer: Broccoli Information Management Interior Designer: Van Winkle Design Group Cover Designer: Kurt Krames Manufacturing Director: Tom Debolski Distributed to the book trade worldwide by Springer-Verlag New York, Inc., 233 Spring Street, 6th Floor,New York, NY 10013. Phone 1-800-SPRINGER, fax 201-348-4505, e-mail orders-ny@springer-sbm.com, or
visit http://www.springeronline.com. For information on translations, please contact Apress directly at 2560 Ninth Street, Suite 219, Berkeley,CA 94710. Phone 510-549-5930, fax 510-549-5939, e-mail info@apress.com, or visit http://www.apress.com.
The information in this book is distributed on an “as is” basis, without warranty. Although every precau-
tion has been taken in the preparation of this work, neither the author(s) nor Apress shall have anyliability to any person or entity with respect to any loss or damage caused or alleged to be caused directly
or indirectly by the information contained in this work.The source code for this book is available to readers at http://www.apress.com in the Source Code section.
To Karin
Opus, you will always be with me in my heart
Gaston, this one is for you as well
—Joachim Rossberg
To Jenny & Leah
—Rickard Redler
Contents at a Glance Foreword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv About the Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii About the Technical Reviewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii
CHAPTER 1
. . . . . . . . . . . . . . . . . . . . 1
Introduction to Enterprise Application Design ■
CHAPTER 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Windows Server System ■
CHAPTER 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Cluster Techniques ■
CHAPTER 4
. . . . . . . . . . . . . . . . . . . . . 97
An Overview of the Windows Server Family ■
CHAPTER 5 . . . . . . . . . . . . . . . . . . . . . . . 149 The Enterprise Application Architecture ■
CHAPTER 6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 Web Services Design and Practice ■
CHAPTER 7 . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 Service Oriented Architecture (SOA) ■
CHAPTER 8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 Internet Information Services ■
CHAPTER 9 . . . . . . . . . . . . . . . . . . . . . . . . . . 345 Data Storage Design and SQL Server ■
CHAPTER 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391 An Example Application ■
APPENDIX A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473 Test Equipment At Dell
■ APPENDIX B . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Coding Conventions ■
INDEX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 ■ v
Contents Foreword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv About the Authors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii About the Technical Reviewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii
CHAPTER 1
. . . . . . . . . . . . . 1
Introduction to Enterprise Application Design
■ In the Beginning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Enterprises Today . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Types of Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Integration with Legacy Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Integration with Actors Outside the Enterprise . . . . . . . . . . . . . . . . . . . 8 SOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Content Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12 The Anatomy of a Content Management System (CMS) . . . . . . . . . . 13
Problems with Content Management Today . . . . . . . . . . . . . . . . . . . . 14 The Content Creators . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14 The Unified Modeling Language (UML) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Activity Diagram . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Use Cases and Use Case Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . 20 Sequence Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22 Class Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 UML and SOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Object Role Modeling (ORM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Why Use ORM? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 ORM and SOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
■ Microsoft Operating Systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33 Windows 2000 Server Family . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
CHAPTER 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31 Windows Server System
Windows Server 2003 Family . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36 Windows Server System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 vii cafac74dd2d083cbec0906b66fcd56b1
viii C O N T E N T S ■
■ What Clustering Does . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
CHAPTER 3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63 Cluster Techniques
Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Different Types of Clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Network Load Balancing (NLB) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Microsoft Cluster Service (MSCS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64 Combining the Two . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 When to Use What . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Network Load Balancing Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69 Manageability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70 Pros and Cons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
MS Cluster Service Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71 Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72 Availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 Manageability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 Pros and Cons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73 Application Center Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74 Concept . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Cluster Services and Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . 76 Synchronization and Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82 Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83 Use of Application Center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Maintaining Session State in a Clustered Solution . . . . . . . . . . . . . . . 94 Pros and Cons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
CHAPTER 4
. . . . . . . . . . . . . . 97
An Overview of the Windows Server Family
■ Windows Server Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97 Scalability, Availability, and Reliability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112 Performance Comparisons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133 Security in Windows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148
ix C O N T E N T S
■
CHAPTER 5
. . . . . . . . . . . . . . . . . 149
The Enterprise Application Architecture
■ What Is an Enterprise Application? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 Internet Information Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
COM+ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151 Microsoft Message Queuing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152 Windows Server 2003 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 .NET Framework . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153 The Enterprise Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 Enterprise Terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157
OOP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 Abstraction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 Encapsulation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 Inheritance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158 Polymorphism . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 Design Patterns and Layers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159 Creational Patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160 Structural Patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 Behavioral Patterns . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163 The Enterprise Application and Its Layers . . . . . . . . . . . . . . . . . . . . . 166
The Enterprise Library . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170 Caching Application Block . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170 Configuration Application Block . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Data Access Application Block . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Cryptography Application Block . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171 Exception Handling Application Block . . . . . . . . . . . . . . . . . . . . . . . . 171 Logging and Instrumentation Application Block . . . . . . . . . . . . . . . 171 Security Application Block . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Coding Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 Memory Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172 Data Access Strategy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174 .NET Enterprise Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 Deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177 Versioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 Serviced Components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
x C O N T E N T S ■
Windows/Web Forms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184 Windows Forms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185 Web Forms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187 Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
.NET Remoting in the Enterprise World . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188 The .NET Remoting Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189 Choosing .NET Remoting Objects or Web Services . . . . . . . . . . . . . 190 Content Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 Analyze the Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191 Some of the Content Management Tools on the Market . . . . . . . . . 194 Content Management Systems Wrap-Up . . . . . . . . . . . . . . . . . . . . . . 197 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198 Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199 Input Validation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
Testing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 Rule 1: Testing Should Begin in the Planning Phase . . . . . . . . . . . . 203 Rule 2: Test Against Measurable Criteria . . . . . . . . . . . . . . . . . . . . . . 203 Rule 3: Testing Is for Experienced Developers—
Not for Rookies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 Rule 4: The Test Environment Should Be Identical to the Real Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 Rule 5: Security Concerns Will Continue to Increase . . . . . . . . . . . . 204
Rule 6: Approach Automated Testing Tools with Caution . . . . . . . . 204 Rule 7: Complex Today—Even Worse Tomorrow . . . . . . . . . . . . . . . 204 Testing Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
CHAPTER 6
. . . . . . . . . . . . . . . . . . . . . . . 207
Web Services Design and Practice
■Web Services and Distributed Applications . . . . . . . . . . . . . . . . . . . . . . . . . 208 What Can You Do with Web Services? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 Deciding When to Use Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209 When to Use Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210
When Not to Use Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210 Interoperability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211 Business-to-Business Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 Software Reuse with Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212 The Building Blocks of Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
XML . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
XSD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214 SOAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
xi C O N T E N T S
■ SOAP over HTTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222 SOAP over HTTPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223 RPC and SOAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224 Error Messages in SOAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225 WSDL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225 UDDI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226 Transactions and Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 Putting It All Together . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
Using SOAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 Tracing SOAP Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 The Web Service Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 Soap Faults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235 Extending SOAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237 SOAP Headers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
SOAP Extensions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Using SOAP Extensions to Implement Authorization for
a Web Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240 Handling Binary Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242Handling Attachments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243 WS-I Specifications and Support for Security . . . . . . . . . . . . . . . . . . 243 Web Services Enhancements (WSE) SDK . . . . . . . . . . . . . . . . . . . . . 245 WSE and Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249 WSE and Binary Attachments in DIME Format . . . . . . . . . . . . . . . . . 259 WSE and Binary Attachments with MTOM . . . . . . . . . . . . . . . . . . . . . 266 Web Services and Transactions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267 Scaling Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270
Caching Web Services Results and Other Performance
Tips and Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270 .NET Remoting vs. Web Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275CHAPTER 7
. . . . . . . . . . . . . . . . . . . . . . 277
Service Oriented Architecture (SOA)
■ Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 What Is a Service? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
What Is This Thing Called SOA? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 Why Use SOA? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 Services and SOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280 The Four Tenets of Don Box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Sprott and Wilkes SOA Characteristics . . . . . . . . . . . . . . . . . . . . . . . . 282 Sundblad and Sundblad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282 Four Types of Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 Architecture of a Service . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286 Entity Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 Presentation Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Transactions in SOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290 Summary So Far . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292 Component-Based Application Design vs. Service Design . . . . . . . . . . . . 292 Scalability Issues in an SOA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 Other Issues to Consider . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301 Windows Communication Foundation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
What Is Windows Communication Foundation? . . . . . . . . . . . . . . . . 303 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305 ■
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
Internet Information Services 5.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307 Performance and Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321
Internet Information Services 6.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325 Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325 Performance and Scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
Integrating ASP.NET with IIS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338 ASP.NET 2.0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341 Performance Monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
■
. . . . . . . . . . . . . . . . . . . . . 345
Three Storage Technologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346 Storage Area Networks (SANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346 Network-Attached Storage (NAS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347 Direct-Attached Storage (DAS) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347 Logical Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348 Choosing Your Storage Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
Introduction to SQL Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353 SQL Server Editions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354 SQL Server 2000 Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359 SQL Server 2005 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389 ■
C O N T E N T S xii
CHAPTER 8 Internet Information Services
CHAPTER 9 Data Storage Design and SQL Server
xiii C O N T E N T S
■
■ Application Assumptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391 Application Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
CHAPTER 10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391 An Example Application
How the Application Will Work . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392 UML Modeling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393 Activity Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393 Actors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396 Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396 Sequence Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397 Class Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400 Designing the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403 Object Role Modeling (ORM) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404 The Logical Database Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406 The Physical Database Design . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408 Indexing the Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
Choosing the Application Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409 The Chosen Platform . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410 The Test Environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411 Web Server Clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
What We Did to Secure and Tune Our System . . . . . . . . . . . . . . . . . 412 Application Layer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426 Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427 The Implementation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428
Checking That All Requirements Are Covered . . . . . . . . . . . . . . . . . . 429 Creating the Enterprise Template for Our Application . . . . . . . . . . . 430 Setting References and Dependencies Between Different Layers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432 Adding Code to Support Enterprise Services . . . . . . . . . . . . . . . . . . 436
Implementing the Data Factory Class and the Typed
Datasets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440 Implementing Specific Data Classes for SQL Server . . . . . . . . . . . . 447 Implementing the MSMQ Functionality . . . . . . . . . . . . . . . . . . . . . . . 451 Enabling Our Facades for Web Service Access . . . . . . . . . . . . . . . . . 455 Enabling Security in Our Application . . . . . . . . . . . . . . . . . . . . . . . . . . 458 Changing the Layers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463 Testing the Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466 Deploying the Application . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472
xiv C O N T E N T S ■
APPENDIX A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
Test Equipment At Dell
■ APPENDIX B . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Coding Conventions
■ Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475 Naming . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Class Naming Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478 Interface Naming Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478 Enumeration Naming Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479 Read-Only and Const Field Names . . . . . . . . . . . . . . . . . . . . . . . . . . . 479 Parameter Names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 479 Method Naming Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 Property Naming Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 Event Naming Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480 Variables Naming Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481 Database Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Error Handling and Exceptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 483 Structured Exception Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484 Error Raising and Handling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484 Miscellaneous . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 487
INDEX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489 ■ cafac74dd2d083cbec0906b66fcd56b1 Foreword
here’s no doubt in my mind that the two authors of this book, Joachim Rossberg and
T
Rickard Redler, share a wealth of knowledge about the options Microsoft offers enterprises willing to create applications on the .NET platform. In this book, they share that wealth of knowledge with the rest of us.
The greatest value from this book probably comes from the higher priorities given to the breadth than to the depth of the book’s different subjects. Its perspective is that of the strategic architect rather than that of the programmer. This is also the expressed purpose of its authors; in the book’s introduction, they clearly state that the book is focused on design rather than diving deep into specifics.
True to this statement, the content of the book spans a wide collection of subjects, includ- ing technologies as disparate as content management, Unified Modeling Language (UML), Object Role Modeling (ORM), Windows Operating System versions, Network Load Balancing (NLB), Microsoft Cluster Service (MSCS), Internet Information Services (IIS), and SQL Server.
Having said that, I must also mention that some of the book’s chapters do in fact include surprising levels of detail. This is especially true in Chapter 4, which covers architecture, scalabil- ity, availability, and the security of the Windows Server family, and in Chapter 7, which is about Internet Information Services.
In their discussion of the enterprise application architecture in Chapter 5, the authors show that they are with the times; one of their sources of inspiration for this chapter is Microsoft’s ref- erence architecture for applications and services, which was published in December 2002. This chapter presents a condensed overview of the design patterns first presented by Eric Gamma et al., otherwise known as the Gang of Four. It also contains an overview of the typical application layers that together form an enterprise application, and some useful coding conventions. Mainly, though, the chapter gives an overview of the different technologies that Microsoft has made available to an architect designing such an application, and the pros and cons of each of these technologies. It’s worth noticing that even a subject such as content management gets fair cov- erage in this chapter.
It goes without saying that web services have a prominent place in the book, having its own chapter (Chapter 6). This is one of the most information-filled chapters, including several code examples. It covers not only basic XML web services, but also SOAP extensions and some of the Web Services Enhancements that are being standardized.
Scalability and performance are all-pervading themes throughout the book. Each time the authors present a product or a technology, they also include a section about how it can affect the performance and scalability of the application being architected. The book is full of recom- mendations on which powerful hardware to use under different circumstances and how best to configure your system. For example, Chapter 7 gives advice on which performance counters to monitor on your Web server and which kinds of values you should expect and strive for.
xv
xvi F O R E W O R D ■
This book should be especially valuable for those architects, designers, and developers who are new to enterprise development in Microsoft environments; this includes both those used to designing and building smaller-sized applications for Microsoft Windows and those used to designing and building enterprise-class applications in other environments such as J2EE. It should also be a fine book for university classes, because it gives students such a good overview of the technologies many of them will live with once they’re out of the university. Joachim and Rickard have all the reason in the world to be proud of what they have achieved with this book.
Sten Sundblad
Microsoft MSDN Regional Director (RD) About the Authors JOACHIM ROSSBERG was born in 1967, the year of the Summer of Love.
■
He grew up in the southeast part of Sweden just outside the small town of Kalmar.
After school he worked for ten years as an assistant air traffic con- troller in Halmstad on the Swedish west coast. There he also met his wife, Karin. The urge to learn more grew stronger, and after some years he started studying psychology. This led to studies at the University of Gothenburg, where he finished his bachelor’s degree in psychology in 1998. During this time, his interest in computers began, and he switched to studying informatics instead. After graduating from university in 1998, he began working in the IT business as a con- sultant at one of the world’s six largest IT consultancies. After some years there, rewarding him with great experiences, he decided to try a smaller company, and is now employed at Know IT Consulting in Gothenburg. Joachim has during these years been working as a system developer, system designer, project manager, and infrastructure designer. Nowadays he mainly focuses on project management, but still keeps his technical interest alive. He has also, along with Rickard, been a driver for the Microsoft competence network at Cap Gemini Ernst & Young. Although he is Microsoft focused—as evidenced by his MCSE, MCSA, MCSD, and MCDBA certifications—he also works with other techniques and vendors.
Joachim has also had a company on the side called O.R. Education and Development. This company offered trainings, conferences, and courses in computer-related areas. Nowadays these are performed under the flag of Know IT Consulting.
Joachim and Karin live in Gothenburg with their two cats. In his spare time, he likes to read (anything non-technical), listen to music, and watch movies (he used to work at two cinemas in Kalmar in his youth). He also spends a lot of time at the gym, running, or inline skating.
was born in 1973 in town of Örebro located in the
■
middle of Sweden. Early in his life, Rickard discovered the abstract world of computers when the Sinclair machine and the Commodore 20/64 were born. From that time on, computers were a part of his life.
During his studies at the University of Örebro, he found that the courses at the university didn’t give him the practical experience nec- essary to be a good programmer. He therefore decided to run his own company to get real-life experience—and also to make some money. Although his company did quite well, in 1997 Rickard decided to become an employee of Cap Gemini Ernst & Young in Örebro. Early on, Rickard was involved in the competence network at Cap Gemini
Ernst & Young, and when he and his wife, Jenny, later moved to Gothenburg, Rickard, along
xvii
xviii A B O U T T H E A U T H O R S ■
with Joachim, became a driver for the Microsoft competence network at Cap Gemini Ernst & Young in Gothenburg. Even though Rickard is a Certified Java Developer, these days he is working more and more with Microsoft technologies, and also holds MCP and MCSD certifica- tions both in Windows DNA and the .NET platform. Nowadays Rickard is working for Know IT Consulting in Gothenburg as architect and developer.
When Rickard has spare time outside of work, he likes to spend it with his wife and their daughter Leah. He also likes to play his guitar and sing Eric Clapton songs. About the Technical Reviewer JASON LEFEBVRE is Vice President and one of the founding partners of Intensity Software, Inc.
■
Intensity Software (http://www.intensitysoftware.com) specializes in creating boxed products that migrate legacy mainframe applications directly to ASP.NET, with source code intact. Jason uses Visual Studio and the Microsoft .NET framework daily while architecting solutions for Intensity's consulting services clients. He is also one of the developers who created the original
IBuySpy Store demo application and its NetCOBOL for .NET translation. Jason has been a par- ticipating author in a number of books and has written numerous articles on topics related to Microsoft .NET.
xix
Acknowledgments There are a lot of people who helped us in writing this book.
Previous Edition
First of all, we would like to thank Phil Pledger, our previous edition technical reviewer, for coming up with great ideas and opinions. Phil’s comments and suggestions improved the overall quality of the book. Then we would like to thank our Swedish language reviewer for the previous edition, Johan Theorin, for making us look more fluent in the English language than we really are.
Sten Sundblad at Sundblad and Sundblad (formerly ADB Arkitektur) provided good sug- gestions for the book. Sten and Per Sundblad’s book Designing for Scalability Using Windows
DNA and Design Patterns for Scalable Microsoft .NET Applications are always sources of inspi- ration and knowledge
Erik Quist, formerly at Sundblad and Sundblad, was helpful with answering questions we had. We would also like to thank Dell Sweden for letting us use its test lab. This provided us with access to hardware we otherwise could not have gotten our hands on. Thomas Melzer and Marko Rähmö have been of great help.
Thanks to VMware Corporation for providing software so we could test our solutions without ruining ourselves financially with hardware purchases. Allan Knudsen at Microsoft Sweden helped in providing great documents about Windows Server 2003.
Wolfram Meyer, also at Microsoft Sweden, came up with great input for choosing between web services and .NET Remoting. We also want to thank all at Apress who helped with the previous edition of the book, especially Ewan Buckingham, Tracy Brown Collins, Laura Cheu, and Ami Knox.
This Edition
We would like to thank the technical reviewer for this edition, Jason Lefebvre. Thanks for new input and great suggestions.
Thanks also to Dennis Johansson at Know IT Consulting in Gothenburg. You gave valuable input on the SOA chapter. Michael Åhs. Thanks for feedback on the SOA chapter. We also want to thank all at Apress who helped with this book, especially Beckie Stones, Ewan Buckingham, Lori Bring, and Julie Smith. A special thanks to Gary Cornell at Apress for giving us the opportunity to write both of these editions. Joachim would like to thank Karin, Opus, and Gaston for their support and for accepting all the hours he spent in front of the computer. Rickard would like to thank his wife, Jenny, for supporting him through all the work on the book. Without your help we could not have done it. Thanks a lot!
xxi cafac74dd2d083cbec0906b66fcd56b1
Introduction
e feel that many designers and architects lack an understanding of how to use Microsoft
W
technology to build and implement large enterprise solutions. Far too often we have found architects shivering at the thought of building mission-critical systems based on this technol- ogy—not because they have tried and failed in their attempts, but because they simply do not have a good awareness of what tools are available. We want to change this.
The idea for this book came up in 2002. We first thought about writing this as an internal document at Cap Gemini Ernst & Young. When doing research on the market, we discovered that very few books focused on the IT architect and system designer. Most books were directed toward the developer, and we wanted a book for a broader audience. Because we think many
IT architects lack a thorough understanding of what they can actually achieve on a Microsoft platform, we decided that we should extend the intended audience of our document outside Cap Gemini Ernst & Young and try publishing it as a book. Apress has always published great books, so we turned to them first. Gary Cornell became interested, and this book is the result.
Who Should Read This Book
The target audience is primarily designers and IT architects, but we try to cover topics we feel are valuable for developers to have knowledge about as well. First, let us define these three categories. Different companies may have different definitions for these terms, so to avoid confusion we will specify what we mean here.
Architects
An architect is a person who, together with the customer (or the decision maker), retrieves the requirements and the data flow for an application or solution. The architect also defines the servers, function blocks, and so on that are needed to make the application work. An architect works with the management of the company to find out how the application should be designed at a high level. He or she also determines the need for integration with other systems.