Windows Azure AppFabric Cloud Middleware parsing

Source: Internet
Author: User
Keywords caching application access control providing
Tags access access control address application application services applications authentication based

Running applications on the cloud is an important service in cloud computing, but this is only one aspect. The Windows Azure platform also offers more cloud-based services that can be invoked on traditional proprietary applications or applications on cloud computing platforms. This is the goal of Windows Azure Platform AppFabric Service. When creating distributed applications, Windows Azure platform AppFabric Services can address pervasive infrastructure problems. Figure 1.11 Shows the core components: the service bus and the access Control service.


▲ Figure 1. The main features of Windows Azure AppFabric

An analysis of nouns:

Some readers may have heard the name of another product, which is Windows Server AppFabric. It is very similar to the Windows Azure platform Appfbric in functional positioning and is middleware-level, except that Windows Server AppFabric is for the Windows Server platform. Over time, we'll see two of appfabric have more and more similarities in functionality. Another point to note is that although the two appfabric mentioned here have fabric in the name of the aforementioned fabric controller, they are completely different components and are not directly related.

Service Bus

The service bus for Windows Azure platform AppFabric is conceptually similar to the Enterprise Service Bus (ESB) in traditional SOA, but it is different in scope and functionality. The service bus here is dedicated to the invocation of services on the Internet, not just within the enterprise. Deploying traditional application services to the Internet is much more difficult than most people think, and the goal of the service bus is to make it simpler. Both traditional proprietary applications and cloud applications can access each other's Web services through the service bus. The service bus assigns a fixed URI address to each service endpoint to help other applications locate and access.

In addition, the service bus can handle the challenges posed by network address translation (NAT) and enterprise firewalls. The service bus can expose the service of intranet to the Internet. Most enterprises have their own local area network, in order to solve the problem of insufficient IP address, usually set the network address translation, so each server does not have a certain address. At the same time, firewalls tend to limit most ports for security reasons. This makes it very difficult to access the services deployed in the intranet on the Internet.

The service bus was created to solve this problem. Service bus as a middleman, the user's service and the client that uses the service all communicate with it as the client of the service bus. Because the service bus does not have the problem of network address translation, the user's service and service client can easily communicate with it. In the simplest case, the service bus only needs the user's server to expose the outbound (outbound) service 80 or 443 ports, that is, only the user's server can access the Internet with the HTTPS protocol, the user's service can be connected to the service bus. Because the service access is initiated by the User Service to the service Bus outbound network connection, so its requirements on the firewall can be said to be quite low.

When a user's service is connected to the service bus, it can be registered as an Internet service. Although the service is hosted in the intranet, the bus service will assign a URI address on the Internet. At this time the service has been connected with the bus service, other applications only need to access this URI address, the service bus will be responsible for forwarding the request to the intranet services, and forwarding the service response to the client.

In essence, Windows Azure platform AppFabric provides an internet-based service bus that helps users connect different application services efficiently on the Internet. Developers and architects familiar with enterprise application architectures should be able to use bus capabilities more flexibly to build service-oriented Internet applications.

Access control Services (access controls Service,acs)

Authentication and authorization are the two most basic aspects of application security. Identity authentication is the basis of many distributed applications, then based on the user's identity information, the application system will determine the user's operational rights. The access control services provided in Windows Azure platform AppFabric provide developers with an authorization service to use in their applications, and developers can use this access control service to authenticate users of the application without having to write their own code to implement them. Access control services not only simplifies the use of existing enterprise internal identity authentication systems, but also makes it easy to use the popular identity authentication systems on the internet, such as Google, Windows Live, Yahoo, and Facebook.

After decades of evolution, identity-certified solutions are more based on declarative (Claim) approaches. The claims-based authentication model allows applications to deliver authentication and authorization to external services, where external services can centrally manage and maintain identity information and provide more professional identity management control services. The access Control service provided in Windows Azure platform AppFabric is a claims-based authentication model. With a claims-based authentication model, developers can perform multiple authentication and authorization through access control services. Through the access control configuration, enterprise clients can complete the authentication of the access control service through the login credentials provided by the Active Directory Federation server (ADFS v2). In this way, the cloud application based on access Control service can accept this authentication and realize the coexistence of multiple authentication modes.

Distributed caching

In the financial crisis, there is a popular phrase-"cash is king." In the computer field, if you want to improve performance there is also a popular saying-"Caching is king." We can see the use of various caching techniques at different computer levels. In the Windows Azure platform, in addition to the content distribution network (CDN) described earlier, Windows Azure platform AppFabric provides distributed caching capabilities in order to improve application performance. The caching service provides a distributed, memory-based caching capability for Windows Azure applications and provides access to the cached API library, as shown in Figure 1.12.


▲ Figure 1.12 Distributed cache signal

The caching service holds a local cache on each role instance of the application. If the local cache does not have the required data, it automatically accesses the shared cache provided by the cache service. As shown in Figure 1.12, the cached data is dispersed across multiple instances, and each instance holds different cached data. This caching is transparent to the application, that is, the application simply requests data, and the AppFabric caching feature automatically finds and returns data. Recently accessed data is not automatically cached, and applications need to specifically add data to the cache through APIs. For ASP.net applications running on Windows Azure, you can configure session data to be stored in a cached service, so that you can speed it up without modifying any code.

The local Windows Server AppFabric equivalent to Windows Azure AppFabric (Note: its first development project code-named Velocity) also has caching services, which are very similar. Unlike Windows Server AppFabric, Windows Azure AppFabric caching is a service that does not need to be specifically configured to administer the server, and its services are processed automatically. While the caching service is multi-tenant, each application that uses it has its own instance. Because applications must pass validation on an instance, other applications cannot access cached data that is not part of their own.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.