1) Mobile apps need data services to function but hosting your own services is difficult to scale as user bases grow rapidly. The cloud addresses this by allowing services to scale easily on a pay-as-you-go model.
2) Azure makes it simple to build and host mobile backend services using familiar web technologies like ASP.NET, WCF, and SQL. This avoids the complexity and costs of managing your own server infrastructure.
3) Securing mobile apps and services is important. Azure Access Control Service (ACS) allows apps to authenticate users via common identity providers such as LiveID, Google and Facebook without having to integrate directly with each provider.
10. Application types
Native look & feel -- -- ++
Camera Access -- +- ++
GPS ++ ++ ++
Secure service communication JSON/REST JSON/REST JSON/SOAP
Access to calendar -- -- ++
Twitter integration +- +- +
Distribution ++ AppStore presence AppStore presence
11. All apps have one thing in common
They need data!
Where do you get it from and where do you
store it?
– From the device and only on the device?
• Perhaps 1% of the cases
– 99% of the apps built need some way to connect
to backend services
12. This imposes an important question
Where does your data live
How can I connect to the data
– In your corporate network?
– Using corporate identity?
– Using a VPN?
Almost all classic solutions to today’s business
apps don’t apply to mobile
– I connect from anywhere
13. How do you cope with success?
So you create an app to draw a doodle and let
others guess what it is, big deal right?
– Where do you store the drawing
– Where do you manage sessions
– Where do you keep user scores
– ….
So you need a backend with services
14. But how many users will you have?
Mom and Dad for sure, perhaps your brother,
sister and their friends, nothing to get excited
about
– So where would you host your services?
– Some old Linux server in your basement?
What if I prepare for success
– Need to buy a server farm, big upfront expenses
15. Now imagine success
9 Years it took for AOL to hit 1 million users
9 Months it took for Facebook to reach 1 million users
9 Days it took for Draw Something to reach 1 million
users
– 37 million
Total downloads of the app
– 3 billion
Total drawings users have created since the game was
released seven weeks ago
– 2,000
Drawings created every second
18. Cloud implications on architecture
Cloud introduces a new phenomenon
– Pay as you go cost model
This can have major implications on your architecture
– Which cloud specific features do I use
Hard questions
– Pay based on I/O or Compute cycles
• How many I/O’s to storage of my service?
• Algorithms can make a difference!
– How much data am I going to store
• Price differences based on storage models
19. Windows Azure as your backend
Very easy to leverage the pay as you go model
Leverage all the knowledge you already have
– Building web applications
– Building SOAP services
– Building REST services
Just publish to Azure and you are done
20. Azure programming model
It is important that we can scale out our
application
– A.k.a. stateless services
Azure load balances virtual machines for you
– Nodes are not sticky!
21. Data communication with mobile
Be aware that your data transfer can incur
costs for the device owner
– Metered networks
Be aware of latency
– Good: one call that gets a lot of data
– Bad: many small calls with little data each
22. What protocol to use?
• SOAP
– Most convenient in terms of programming and productivity
– Proxy generation based on wsdl
– Simple and familiar model
• JSON
– Better in terms of bandwidth usage
– Harder in terms of productivity
• Need to hand code the proxy
• OData
– Bandwidth wise almost similar to SOAP, since it uses Atom XML as carrier
– Same productivity issues as JSON
– Better for the universal client like Excel, not mobile
23. Your RAD services options today
ASP.NET Web API
– XML/JSON/OData/…
WCF Data Services
– JSON/OData
WCF RIA Services
– JSON/OData/SOAP
All share a common programming model, just
different origin
All part of .NET FW and there to stay
26. Securing your service using ACS
All service technologies can leverage security
from ASP.NET
But do we want to maintain yet another
membership database with user information?
– Another user name and password to maintain for
the end user
– So 2005
Can’t we outsource identity management?
27. Introducing Azure ACS
• Let’s use the same identity most users already have
– Live ID, Google ID, Facebook, Yahoo, etc.
• Don’t want to write integration with each one of these
services yourselves
• Azure Access Control Service (ACS) does this for you
– You integrate with ACS and ACS will handle integration
with other parties
– Can add any WS-Federation compliant STS like a corporate
ADFS
28. ACS terminology
• STS
– Security Token Provider
– Any party that can issue an authentication token
• Identity provider
– Party that maintains the user identity, this is Windows Live, Google, Yahoo, etc.
• Relying Party
– This is the party relying on another identity provider to hand over a set of claims about who
that identity is
• Windows Live -> Unique id
• Google -> Email Address
• …
• In our case we use ACS as our identity provider, which delegates to another IP
– So the IP token we get always comes from ACS and we don’t need to worry about all the other
parties
30. Overview authentication steps
[Sequence diagram. Participants: Phone App, ACS, Identity Provider, Realm page, Your Service]
Messages shown, in order:
– GetIdentityProviders()
– Request to login page
– Login
– IDP Token
– Map claims
– ACS Token
– Cookie (containing ACS token)
– Request (with cookie)
Note on the diagram: depending on the ACS config for SWT or SAML, you get a header or a cookie
31. Intercepting the cookie from login
We used the Azure phone toolkit to get the standard
login control
Extend it to work with cookies
– Add a default.aspx page to your site that can return
the cookie as text
– Catch that from the page by enabling the web
browser control to accept JavaScript notify calls
– In default.aspx page, you add script notify call to hand
over the cookie data
All subsequent SOAP calls use the cookie
32. Intercepting the cookie
[Diagram. Participants: ACS, IDP (e.g. Windows Live), My Site]
Labels shown:
– Get IDP’s
– JSON set of IDP’s
– Browse to IDP
– Redirect to ACS + token
– Redirect to ACS + token
– Redirect to return URL
– Return cookie + SAML token cookie using script invoke
– Go to login page
33. Changing the client to use SWT
When using REST, you can add a custom header to
your request
// token: the SWT access token received from ACS
string headerValue = string.Format("WRAP access_token=\"{0}\"", token);
client.Headers.Add("Authorization", headerValue);
When using WCF & SOAP, you need to add a custom
header to the request
using (var ctx = new OperationContextScope(proxy.InnerChannel))
{
    HttpRequestMessageProperty httpRequestProperty =
        new HttpRequestMessageProperty();
    httpRequestProperty.Headers[HttpRequestHeader.Authorization] =
        String.Format("WRAP access_token=\"{0}\"", token);
    OperationContext.Current.OutgoingMessageProperties[HttpRequestMessageProperty.Name]
        = httpRequestProperty;
    // Make the service call inside this scope so the header is attached to it
}
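What the service has to do with the header the client sends above, as an added example that is not from the original slides: it checks the token's signature before trusting any claim, then the issuer, audience and expiry. It assumes ACS is configured to issue SWT tokens signed with a symmetric HMACSHA256 key; the class name `SwtValidator`, its parameters and the target runtime (.NET Core 2.1 or later) are choices made here.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Security.Cryptography;
using System.Text;

public static class SwtValidator   // hypothetical name, not part of ACS or the toolkit
{
    const string Prefix = "WRAP access_token=\"", SigParam = "&HMACSHA256=";

    // Returns the claims of a valid token; throws when the request must be rejected.
    public static IDictionary<string, string> Validate(string header, byte[] key,
        string expectedIssuer, string expectedAudience, DateTimeOffset now)
    {
        if (header == null || header.Length <= Prefix.Length
            || !header.StartsWith(Prefix, StringComparison.Ordinal)
            || !header.EndsWith("\"", StringComparison.Ordinal))
            throw new UnauthorizedAccessException("not a WRAP access_token header");
        string token = header.Substring(Prefix.Length, header.Length - Prefix.Length - 1);

        // The HMAC covers everything in front of the trailing "&HMACSHA256=" parameter.
        int sigAt = token.LastIndexOf(SigParam, StringComparison.Ordinal);
        if (sigAt < 0) throw new UnauthorizedAccessException("unsigned token");
        string signedPart = token.Substring(0, sigAt);
        byte[] presented;
        try { presented = Convert.FromBase64String(Uri.UnescapeDataString(token.Substring(sigAt + SigParam.Length))); }
        catch (FormatException) { throw new UnauthorizedAccessException("malformed signature"); }
        using (var hmac = new HMACSHA256(key))
        {
            byte[] expected = hmac.ComputeHash(Encoding.ASCII.GetBytes(signedPart));
            if (!CryptographicOperations.FixedTimeEquals(expected, presented))  // constant-time compare
                throw new UnauthorizedAccessException("bad signature");
        }
        // Only after the signature checks out are the claims parsed and trusted.
        var claims = new Dictionary<string, string>(StringComparer.Ordinal);
        foreach (string pair in signedPart.Split('&'))
        {
            string[] kv = pair.Split(new[] { '=' }, 2);
            if (kv.Length != 2 || !claims.TryAdd(WebUtility.UrlDecode(kv[0]), WebUtility.UrlDecode(kv[1])))
                throw new UnauthorizedAccessException("malformed or duplicate claim");
        }
        if (!claims.TryGetValue("Issuer", out string iss) || iss != expectedIssuer)
            throw new UnauthorizedAccessException("unexpected issuer");
        if (!claims.TryGetValue("Audience", out string aud) || aud != expectedAudience)
            throw new UnauthorizedAccessException("token was issued for another relying party");
        if (!claims.TryGetValue("ExpiresOn", out string exp) || !long.TryParse(exp, out long secs)
            || secs <= now.ToUnixTimeSeconds())
            throw new UnauthorizedAccessException("token expired");
        return claims;
    }
}
```

The service would call `Validate` with the raw `Authorization` header value, the signing key configured for its relying party in ACS, and `DateTimeOffset.UtcNow`, and answer 401 on any exception.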
34. Changing the client to use SAML
You need to add a cookie to each service request, for JSON:
CookieCollection coll = App.AuthenticationCookieContainer;
WebClient webrequest = new WebClient();
String cookiestring = "";
int count = 0; // number of cookies appended so far
foreach (Cookie cookie in coll)
{
    // Separate the name=value pairs with "; " as the Cookie header expects
    if (count++ > 0) { cookiestring += "; "; }
    cookiestring += cookie.Name + "=" + cookie.Value;
}
webrequest.Headers[HttpRequestHeader.Cookie] = cookiestring;
For SOAP using WCF stack
EventsServices.EventsDomainServicesoapClient proxy =
    new EventsServices.EventsDomainServicesoapClient();
// The proxy sends the cookies from this container with every call
proxy.CookieContainer = App.AuthenticationCookieContainer;
37. Summary
Mobile trend is just taking off
Mobile is nowhere without services
Deliver services at the scale of success with the cloud
New user interface concepts will influence the way we
build apps
Each form factor requires unique interface
Cloud is there to support our massive computing demand
Pay as you go model
– Game changer for new business models!
Cloud services can ease your development headache
38. Thank you!
Dennis Vroegop, DotNed, @dvroegop
Marcel de Vries, Regional Director, @marcelv
Next session: 20:30
Lenni Lobel, Sleek Technologies, @lennilobel
Occasionally Connected Systems with Windows Azure and Windows Phone