Easily Accessing Azure Cloud Services with AppFabric

Posted by Abel Avram on Nov 26, 2009

Sections

Operations & Infrastructure,

Enterprise Architecture,

Development,

Architecture & Design

Topics

Cloud Computing ,

Identity Management ,

.NET

Tags

Service Identification ,

Azure

Microsoft Windows Azure Platform AppFabric is a set of technologies helpful to connect on-premises applications with Azure cloud services and resources and eases interoperability between users belonging to different domains. The main components are the Service Bus and the Access Control Service.

The Service Bus (SB) is an intermediary between local applications and services and resources available in the cloud. SB takes care not only of creating secure communication channels through authorization and authentication, but it also serves as a single-connection point between local applications and cloud services letting the developer focus on his own job rather than getting access to the service he needs to consume. SB can connect cloud-based applications back to on-premises ones, including accessing on-premises databases or services.

The main features of the Service Bus are:

• Services discovered through a stable, internet-accessible URL, irrespective of location
• One-way messaging between sender and listener supports uni-cast and multicast datagram distribution
• Full-duplex connection-oriented sessions between sender and listener support bi-directional communication
• Full-duplex, connection-oriented peer-to-peer sessions with network-boundary traversal create direct end-to-end connectivity through NAT
• Multiple publishers and multiple subscribers can simultaneously use the service’s topic management and event distribution system
• Support of REST and HTTP Access from non-.NET platforms
• Global hierarchical namespaces that are DNS- and transport- independent
• Anonymous access to services is supported only if you permit it

SB resolves communication issues between an user, User A, and the Azure cloud. What if another user, User B, enters the equation? What if User B is using a different ID management system? How is he going to access User A’s services and resources? Do they need to establish a federated identity agreement so User B can use his ID credentials to access User A’s resources? This is where the Access Control Service (ACS) comes into play. ACS intermediates the connection between different user applications and their resources making it look like they belong to the same domain and offering control over which resources are accessible.

Main features of ACS are:

• Setup Issuer trust with a simple Web interface or programmatically through APIs
• Supports Active Directory and other identity infrastructures, with minimal coding
• Support for multiple credentials, including X.509 certificates
• Support for standard protocols including REST
• Applications that run inside and outside the organizational boundary can rely on the service
• Validate application and user request from data and connectivity services

The Service Bus and Access Control Service can be accessed from a large variety of platforms. SB and ACS can be used through Microsoft .NET Services SDK which works with VS 2008 and .NET Framework 3.5. There is also a .NET Services SDK for Java Developers, and another for Ruby Developers.

Windows Azure AppFabric should not be confused with Windows Server AppFabric, a technology for building and managing web service applications running inside IIS and including the technologies formerly known as Dublin and Velocity.

• Older >