. NET Development platform Research (a

. NET Development Platform Research



Summarize:

. The release of the net development platform marks the first major shift in the Microsoft development Platform over the past decade. This development platform includes a new software infrastructure for loading and running applications (. NET framework and ASP.net), a new development environment (Visual Studio. NET), and the programming language that supports the architecture.

Microsoft hopes that with the launch of the new platform, comments will no longer be used as a hazy software, and developers will find that the platform makes it easier to develop Web applications, especially Web Service, on Windows. This may allow more developers to embrace the company's operating system and server offerings and draw them from the competition with the Java platform.

Microsoft's clients can use the platform as a more reliable, secure, and unified standard for their applications, while Microsoft's partners can strengthen their ties to the company by helping to create early victories for the platform. However, both customers and partners should be aware that the new platform requires them to have a fundamental grasp of the new application programming interfaces and programming languages, and that it can lock them on to Microsoft's operating system and server products.



1. Introduction to Nouns:

Microsoft released it. NET development platform, which is the first major upgrade of the Microsoft software Development platform since July 1993 with the advent of the Win32 API of Windows NT3.0. WIN32 provides more powerful APIs than Win16, but does not make dramatic changes to tools and technologies. The difference is that. NET development platform has made fundamental changes in the tools and technologies that developers use to create applications.

. NET development platform makes it easier for developers to create Web applications that run on the Internet Information Server (IIS) Web server, and makes it easier to create stable, reliable, and secure Windows desktop applications. NET development platform includes the following content:

·. NET Framework (Schema), including: Common Language Runtime (CLR), a software component for running and loading applications, and a new class library that organizes developers to display graphical user interfaces in their applications , access to databases and files, and code sets that communicate on the web.

·. NET developer tools, including: Visual Studio. NET Integrated Development Environment (IDE) (Visual Studio. NET integrated development environment for developing and testing applications;. NET programming languages such as visual Basic. NET and new Visual C # to create an application that runs under the CLR and uses the class library.

· ASP. NET, a special class library that replaces the previous active Server Pages (ASP) to create dynamic Web content and Web server applications that will take the use of HTML, XML, and simple Object Access Protocol (SOAP) (Simple Object Access Protocol) and other Internet protocols and data formats.

(For an overview of the platform components, see.) NET development platform "sketch. ）





2. Why does Microsoft need a new development platform?

Microsoft hopes to use the platform to retain the foundation of its vast windows developers, which may turn to other platforms due to the commitment of Java to developers of hardware and operating system (OSs) independence. Developers themselves do not give Microsoft (or any other company) a lot of revenue. However, Windows programmers are a great support for Microsoft products within the company, such as Windows itself, and developers of commercial software form an important channel for selling Microsoft products to their customers. If Microsoft can let developers in the new. NET development platform, more companies are buying Windows Server and. NET Enterprise server (. NET Enterprise Servers), including SQL Sever, Exchange, Share Point, Commerce server, BizTalk, and more.

Microsoft is particularly thrust. NET development platform for developing a new type of application: Web Services, or server applications that Exchange XML-formatted data with other applications on the Web. (For a general overview of Web services, see Web Services: What and why?) Microsoft believes that Web services (for which the company has registered a trademark named "XML Web Services") is a low-cost and efficient way for companies to integrate existing, orphaned applications into larger business (and business-to-business) systems. Microsoft wants Web services to be a "must-have" application type that attracts programmers to develop new platforms and products, just as desktop applications with graphical user interfaces attract programmers to develop on earlier versions of Windows. Microsoft itself also plans to use the platform to develop its own public web Services (called. NET my Services), which will provide data storage and other functionality to customers on the Internet.



. NET development Platform



. NET development platform is a set of software components for building Web server applications and Windows desktop applications, and applications created with this platform run under the control of the common Language Runtime (CLR) (Common language runtime) (underlying). The CLR is a software engine that loads applications, confirms that they can be executed without errors, performs the appropriate security license validation, executes the application, and then clears them after the run is complete. The class library set provides code that enables applications to read and write XML data, communicate over the Internet, Access databases, and so on. All class libraries are built on a base class library that provides the ability to manage the most frequently used data types, such as numeric or text strings, and low-level features such as file input/output.

Web server applications typically rely on ASP.net, a server-side library that handles Web requests. Asp. NET also relies on a Web services library for sending and receiving soap information, and a Web user interface (UI), sometimes called a Web form, that is used to receive user input in a browser and dynamically generate a Web page to respond to it. Windows desktop applications can display a graphical UI by using a win form library (also known as a Windows Form).

Finally, Visual Studio. NET provides a graphical integrated Development ewironment (IDE) (Integrated development environment) for creating applications on this platform. Programmers can use one or more. NET programming language to write their code, such as Microsoft's own visual Basic. NET (vb.net), Visual C + +, Visual C #, and Jscrjpt. NET and so on. A lot of other. NET programming languages can be obtained from third-party vendors.







The. NET Framework Core:

All in. NET development platform, the application run requires two core blocks to run:

Common Language Runtime (CLR) (Common language Runtime), a software engine that loads applications, confirms that they can run without errors, performs appropriate security license validation, executes applications, and then clears them when they are finished.

The. NET Framework class Library provides programmers with software components that you need to write code that runs under the control of the CLR. They provide a huge set of features-from file systems to network access to XML functionality-with a single, ordered hierarchical organization.

Web server applications can also use ASP. NET, which will be explained in detail. Desktop applications do not require ASP. NET.



The CLR has two main goals:

• Improve application stability and security

• Reduce the capacity of the lengthy and error-prone low-level code that application developers must write

These two goals are similar to the problems that vendors such as Sun and IBM are trying to solve with UNIX and host Java platforms. To solve these problems on Windows, the CLR has made fundamental changes to the programming model for loading and executing applications.









3. Web Services: What Is and why

WEB Services is a software component that encodes messages in XML format and passes messages through standard Internet protocols such as hypertext Transfer Prorocol ( HTTP) (Hyper-Text Transfer Protocol) is sent out to communicate with other applications. A Web service resembles a Web site that does not have a user interface to provide services to applications rather than to users. Instead of getting a request from the browser and returning the appropriate Web page, Web services receives an XML-formatted request message from the application, executes the task, and then returns an XML-formatted response message to the application.

IBM and Microsoft have consistently advocated the use of SOAP as a message standard for Web services. A SOAP message, like a letter, consists of an XML-formatted "envelope" and a "body" containing message data that contains a header and a series of delivery options (such as encrypted information) that indicate the recipient address of the message.

(Microsoft prefers to call this programming model "XML WEB Services"-Using "XML" to emphasize its openness.) -but this model, based on a set of World Wide Web Consortium protocol standards, is traditionally simply called "Web Services" by the industry. ）

Other vendors, such as Microsoft and IBM, advocate the use of Web services as a programming model for communicating with interconnect applications on the Internet. These companies believe that interconnected applications over the Internet will enhance the business capabilities of working with their cooperating suppliers and customers. By creating a Web services layer at the top of an existing corporate application, organizations can allow external systems to invoke the functionality of an application over the Internet (or enterprise intranet) without having to modify the application itself. For example, several companies are creating web Services to act as the front end of an order-entry application that resides within the host, allowing the customer's ordering system to submit orders over the Internet. It is important to place Web services at the top of an existing application as a way to reduce the cost of it consolidation that accompanies the consolidation and acquisition of a company, as an application that is independently developed by various departments within the company.

Microsoft also wants to use Web services to enter the service provider domain and provide the necessary services to paying customers over the Internet. The planned services are primarily. NET my services, a set of data storage Web Services managed by Microsoft, including personal information entered by a single user, such as credit card numbers and calendar arrangements. Desktop and Web server applications, if granted the user's permission, will retrieve information from the databases on the Internet through the Web services protocol.





4. How does the CLR work?

An application is entered into the CLR as a file or set of files called a compilation. This assembler is a Microsoft intermediate LANGUAGL (MSIL) code that the CLR translates into executable native code. Because of the control of application translations from MSIL to native code, the CLR can manage the execution of applications and prevent problems from occurring, so there is the term to control the code.

In addition to MSIL code, the assembly contains metadata detailing the various related data types required for the proper execution of the MSIL code. Finally, the compilation also includes a list-a document that lists all the files and software components in the assembly, which also indicates where the CLR can find other compilations that have the components required for the application to run.

To load an application, the CLR uses the compiled manifest to determine the correct version of the assembly required by the application. The CLR then examines the entire assembly of the application-that is, the MSIL code itself and the metadata that describes it-thus confirming that the code is "type safe"-Indicates that it performs only the proper operation of the appropriate data type (that is, it does not allow the developer to use an integer as a function pointer), And it accesses only the memory locations that are authorized to be accessible.

The CLR then loads the MSIL in the application's assembly, and in this process collects "evidence" about the assembly, for example:

• Where it is downloaded or installed

• What functions it needs to perform (that is, whether it needs to write a file or send an e-mail)

• What user is trying to run it

· Whether the assembly has a digital signature from a trusted developer, and whether the Assembly has changed since it was digitally signed.



Execute control Code

The Common Language Runtime (CLR) (Common language Runtime) component (shown in gray) loads and runs the application.

(1) class Loader (ClassLoader) loads the assembly of an application into memory. The assembly includes the Microsoft intermediate Language[msil] code, metadata describing software components in the application's assembler, and components required by other applications.

Next, Class loader uses the metadata of the application assembly to attempt to load the support assembler for the components required by any application. For example, it might load a compilation of graphical user interface (GUI) controls that are required for a desktop application. Class Loader uses versioning polily (version policy) (specified by the application's developer or system administrator) to determine which version of the assembly it supports to load. For example, a versioning policy may require that only a specific version of the GUI component be used, even if more recent versions are available. This eliminates the issue of component versioning, which has been widely used in Windows applications in the past.

(2) Once the application and the supported assembly have been loaded, the verifier has to check its contents to ensure that it is type-safe (type-safe) and to determine the appropriate security permissions for the application. This is the first step in strengthening the security process.

(3) The native compiler converts MSIL to native code that can be controlled. This is a processor-related code that knows how to interact with a service provided by the CLR, such as defragmentation (declaring that memory is no longer used by the application) or the CLR security system (which will enhance the application's security license).



This evidence constitutes a security element in the. NET framework that enables the CLR to determine whether to run an application and what permissions are required at run time.

Next, the CLR translates the MSIL code into native code that the processor can execute. (Microsoft calls this "controllable native code" to differentiate it from "uncontrollable native code", which is written in an older language like C + + and the CLR has no control over it.) A capability called Just-in-time (JIT) compilation allows the CLR to delay the translation process until it is really needed, thus preventing the CLR from translating infrequently used code. (For a graphical description of this process, see the "Execute controllable code" schematic.) ）

Finally, the CLR monitors the operation of the translated code and periodically empties the memory freed by the application (using a process called "defragmentation").



The benefits of the CLR:

The CLR enhances application reliability through the following methods:



It reduces conflicts between different versions of components. The CLR can help avoid problems when installing conflicting software components on a single machine--now Windows applications may fail if they attempt to load an incorrect version component. When a CRL loads an application, it uses metadata and an assembly manifest to ensure that it loads the correct version of all components. For example, if an application needs to access a database, the CLR uses the information in the manifest to find and load the correct data access component. The system also allows multiple versions of components to be installed in parallel.

It reduces the number of bugs and vulnerabilities that are caused by common programming errors. The CLR monitors the code to make sure it doesn't have normal programming errors. These errors can cause programs to perform improper functions, such as attempting to use an integer as a function pointer, forcibly storing numeric data to a location assigned to text data, or overwriting code (due to a buffer overflow) when loading data. Reducing bugs from these common programming errors means that applications not only run more reliably, but also have fewer vulnerabilities and vulnerabilities for attackers.

Enhanced security can make malicious code more difficult to run. Because the CLR understands the identity and source of the code for each application, it can determine whether an application is allowed to perform certain tasks (such as reading or writing to local storage or sending e-mail). This adds another layer of protection to the current security model, where the application runs in the security context of the user account that is running it (for example, all applications on the administrator's machine are running with administrator-level permissions).

Less memory leaks. If memory and components are allocated to an application but are not released, this can cause the system to run out of memory, either to impact the system or to reboot and free memory. Memory management and defragmentation of the CLR can significantly reduce the likelihood of this problem occurring.

The Assembly function (plumbing functions) reduces bugs and also saves developers time. Finally, the CLR provides a number of low-level, or assembly functions related to memory and object management, data grouping, and thread (thread). This not only creates better reliability by reducing the likelihood of bugs, but it also allows programmers to focus on "industry" code for their particular applications without having to implement standard Windows functions again.



Transition from Windows

Finally, one of the most important functions that the CLR performs is to mediate between controllable code and uncontrollable code (that is, traditional Windows code that is run away from the CLR). Specifically, it allows developers to bring new. NET code is combined with existing Windows libraries and COM components and gradually migrates an application from the old platform to the new platform. (See the "Mixed controllable and uncontrollable code" diagram).

However, it should be noted that uncontrolled code runs out of the control of the CLR, so it is possible to impact the application, leak memory, or open a security vulnerability through a buffer overflow. One. NET application is just as strong as its weakest link-its uncontrollable code.

Class Library Unified Windows API