Announcing Next Generation Business Intelligence Software with Silverlight
I have been excited about Silverlight since Silverlight 1.1 Alpha was announced in early 2007. I have seen tremendous potential in the RIA technology from its inception. Being through the .NET 1.0 release in 2002 and seeing how Microsoft can make a powerful framework that can integrate with across their products made me feel secure that Silverlight was going to get full integration support by Microsoft. Fast forward to 2009 and we are in the third release of Silverlight. Silverlight has evolved tremendously and has caught up feature-wise with Adobe's RIA products (Flash, Flex, AIR) and is ahead in some features. If you have been following this blog or my identity online, you are aware I am very passionate about the technology well beyond a Flash alternative. I think Silverlight often gets compared to other RIAs and does not properly distinguish its attributes that make it a great business RIA. Features like enterpise service integration (WCF, .NET RIA Services), HD Smooth Streaming, SharePoint (web parts), Bing SDK/Map integration, cloud computing (Azure), mobile, parallel computing, etc., are not amplified enough.
One of my complaints is that the message of what this technology can accomplish in a business environment is currently being under-represented by the online community and Microsoft. It is easy to find an article on how to do a flip animation or bind to a datagrid. However, I think Silverlight needs to be represented better as a busines tool and how the RIA architecture can be applied to solve real business problems. Take a look at the list of books available for Silverlight (http://www.silverlightshow.net/Books.aspx). Looking at the list, you will notice that a majority of the books are essentially intros to Silverlight features. Some of the books have different names, but essentially you are not getting an application of the technology to solve business scenarios. Don't get me wrong; some of the books I have read truly stand out (i.e., John Papa's Data Driven Services, SharePoint Dev using Silverlight, Jeff Paries's Foundation Silverlight Animation) and go well beyond listing object properties and show you how to apply advanced engineering concepts using Silverlight. However, I saw an opportunity to provide a resource that shows how Silverlight can be applied to solve business problems.
Over the last two years, I have had the opportunity to use Silverlight in the enterprise and saw its potential for delivering Business Intelligence (BI) solutions. Silverlight's ability to execute on the client and deliver visual intelligence makes it a fanastic option to surface interactive Business Intelligence analytical modules. I decided to combine my experience of designing Business Intelligence solutions and apply these principles to Silverlight in a new book. After about six months of work, I am pleased to announce my book Next Generation Business Intelligence Software with Silverlight 3. The book will be available in the October/November timeframe and is currently listed as a pre-order on Amazon, Barnes and Noble, etc.
What will you learn from investing in this resource?
Covering the entire scope of BI and applying these concepts to Silverlight applications is simply not realistic in one single resource. Even if I had the option of writing 750 pages or more, important facets of BI would be missed. Therefore, I decided to focus on the presentation tier of Business Intelligence applications. For example, I didn't think it was fair to focus on the data and services tier with these technologies going through a rapid implementation and tooling evolution (RIA Services, WCF REST, Oslo, ADO.NET Data Services 1.5, etc.). However, Silverlight's rendering and client processing engine is mature enough to warrant a guide on how to implement client-side BI concepts. Therefore, topics like visual intelligence, data visualizations, predictive analytics, collective intelligence, interactive tools, parallel computing, working with large data sets, etc., are covered in my book on the presentation tier.
Who is this book for?
This book has three intended audience segments and their goals:
- Silverlight Developers - Learn how to extend your Silverlight knowledge in real-world applications. Learn the basics of Business Intelligence 2.0.
- Business Intelligence Professionals - Get a better understanding of how Silverlight can help you overcome some of the challenges to implement simple BI tools.
- Strategic Decision Makers (architects, CIO, technical director, etc.) - Understand if Silverlight is the right platform to deliver BI software.
What is the chapter list?
- The first chapter (Business Intelligence 2.0 Defined) is an introductory chapter to Business Intelligence. This chapter will introduce BI and the new wave of BI 2.0. The content will show how Business Intelligence is evolving and embracing new software development advancements. This chapter will contrast classic BI and BI 2.0 by showing numerous examples of current software offerings. Lastly, this section will define the core items of BI 2.0 which will be implemented throughout this book using Silverlight.
- The second introductory chapter (Advantages of Applying BI 2.0 Using Microsoft Silverlight) introduces the Microsoft RIA technology: Silverlight. This chapter is dedicated to analyzing the current Microsoft Business Intelligence product vertical and providing opinions why Silverlight is a good fit for implementing Business Intelligence tenets. After reading this chapter, you will understand the key enterprise and business integration features of Silverlight that will be discussed in this resource.
- Chapter Three (Silverlight as a BI Client) looks at what makes an effective BI client. It goes on to specifically detail Silverlight tools and features that can be used to create a fantastic functioning analytical experience. The chapter goes into specific functionality such as LINQ data queries, business algorithm implementations and local storage.
- In Chapter Four (Adding Interactivity to BI Data), the information from the previous chapters is used to show how to use Silverlight to bring interactivity to BI applications. This chapter will teach by example on how to add simple interactions that can make a BI client easier to use and feel more fluid. It concludes with how these concepts can be leveraged for future designs with multi-touch screens to create the ultimate interactive experience.
- Chapter Five (Introduction to Data Visualizations) is the first chapter in a series of chapters about Visual Intelligence. The content in this chapter will show the empirical advantages of creating a visual representation of data versus classic tabular layouts. This chapter shows how visualizing data has matured and grown over the last several years. The concept of natural visualizations is introduced by defining the different characteristics and Silverlight implementations.
- Chapter Six (Creating Data Visualizations for Analysis) continues to build on the visual intelligence topic by showing how to enhance data visualizations with features to make turn them into analytical tools. This chapter will show you how to create advanced visualizations by extending the default Silverlight data visualization presentation.
- Chapter Seven (Enhancing Visual Intelligence in Silverlight) is the last chapter that focuses on creating complex composite data visualizations. You will also see how Silverlight as a professional visual intelligence environment can implement BI 2.0 functionality.
- Chapter Eight (Applying Collective Intelligence) introduces collective intelligence as a form of social Business Intelligence. This chapter defines the importance of Collective Intelligence on the web today. Furthermore, you will see how Silverlight can be used to gather and surface Collective Intelligence to users.
- Chapter Nine (Predictive Analytics) will describe how to integrate forward-looking data structures in our client logic to perform "what-if" scenarios. This chapter will also show how statistics used on aggregates can deliver instant insight on future events.
- Chapter Ten (Improving Performance with Concurrent Programming) is an advanced chapter that covers additional enhancements that can be gained by using multiple cores to aid in BI calculations. You will see how you can enhance the performance of BI modules by leveraging Silverlight’s advanced CPU and GPU programming features.
- Chapter Eleven (Integrating with Business Intelligence Systems) is a chapter that shows you how to apply the concepts that you have learned and integrate them into new solutions or existing BI systems. Silverlight in an SaaS delivery model as well as Silverlight web parts are covered in this chapter.
- Appendix A (Prototyping Applications with Dynamic Data) includes a short primer on prototyping data applications in Microsoft Expression Blend 3. This short section provides a quick overview on how to use Blend’s dynamic data feature to quickly create and add data to UI functionality without having to spend time architecting databases and services. This is a powerful tool to prototype BI 2.0 analytical modules without needing access to large-scale data repositories.
Companion Web Site
In addition to providing the source code and samples with this book, I have decided to create a companion web site for this resource. I don't think it would be fair for me to claim that this book can be fully understood by non-Silverlight developers if all that was provided was a zip file with source code. The companion web site will include all of coding scenarios as live demos which will allow readers without the full Silverlight development environment to fully understand the content. Furthermore, it will include the source code and samples that were not covered in detail in the book. I plan to use the companion web site as a vehicle to deliver further information on Business Intelligence and Silverlight in the form of web resource links, training videos, whitepapers and more advanced examples. I am currently working on the companion web site and it will be launched when the book is closer to being published.
If you are a Silverlight developer or interested in Business Intelligence, I encourage you to give my book a try to see how visual and interactive analytical tools can be delivered to average users with Silverlight.
Sample Content of What You Will See In This Book
Creating a Silverlight Predictive Analytics Tool to estimate future sales revenue
Optimizing Data Processing with Concurrent Programming (looks scary; it really isn't)
Learn about distributive client-side architecture for BI
Silverlight as an enterprise Visual Intelligence Environment (Trellis Data Visualization with KPI goals)
Don't worry if this is all alien to you...I will walk you through BI 2.0 fundementals as well...
Best WCF Book and WCF Resource - 2nd Edition
Update 12/5/2010: The 3rd edition of this book is out and it is pretty much the same as the 2nd edition. If you are interested in the Azure Service Bus, there is a new chapter. The new (3rd edition) book is still missing information for RESTful architectural design, so if you are looking for WCF REST look elsewhere.
- Intro
- Here Comes the 2nd Edition
- Where and What is the New Content
- Updated Syntax
- Visual Studio 2008 Capabilities
- WCF .NET 3.5 & .NET 3.5 SP1
- ServiceModelEx Library
- Where is the REST?
- So what is in it for the Silverlight Developer?
- Summary
Intro
I have over 50 books in my technical library (This includes ONLY active ones, after over a decade or so in IT. I have probably owned over 150 technical books and retired well over two-thirds of them). However, rarely is there a resource/book that comes out that I have referenced again and again (not even mentioning re-reading). A lot of these books I read mostly through. Some I even re-read or went back to parts. Very few of these books I considered a resource for a long time and went back to multiple times. The main reason is that with the advent of the internet, lots of books become outdated almost as soon as they are in print. A book has to be written really well and deliver insight that is hard to find elsewhere. This article is dedicated to my favorite WCF resource.
WCF is one of the harder technologies to master properly. It is an enterprise/business level technology that if you do not create these type of projects you will have very little exposure to the technology. Furthermore, the technology is very powerful and demands a deep understanding in order to implement properly. A lot of developers when looking to get started always look to Google to provide them with a good example from which to learn. WCF is one of those technologies where trying to learn from an example or an article on the web is the wrong approach. You could make that argument with every technology; however, when I started playing with Silverlight over a year ago or WPF, you can easily build on top of the knowledge you gain. However, WCF is an enterprise level SOA platform that has so many intricacies and gotchas that you need to know about. It makes trying to learn from a certain point (i.e., bindings, security, configuration) very hard. I fell into this trap as well when I first started playing with WCF a little back in 2006. I felt I was getting information in pieces and it was hard to grasp the overall concept or idea Microsoft was trying to convey with WCF.
How did I finally get my "aha" moment with WCF? Almost 2 years ago I bought Programming WCF Services by Juwal Lowy. This book is essentially an evolution of another great book by Juwal Programming .NET Components. (It is all about coding in C# and utilizing component based architecture for design). Out of all my technical books, this is one that I have consistantly read and referred back to multiple times. Programming WCF Services is one of those books that reads like an "advanced placement physics book"; it gives you all the details and under-the-cover information. However, having all the tools, you still need to think and implement the concepts yourself. I absolutely love this type of format because it focuses less on trying to build examples or "tell" you how to code. It covers most of the intricate topics with WCF (binding, configurations, security, reliable services, etc.) and allows you to make your own decisions on what is best for you.
Here Comes the 2nd Edition
Programming WCF Services was published on February 2007. Therefore, a large majority of the book was written in 2006. This is obviously before Visual Studio 2008, Silverlight, .NET 3.5, .NET 3.5 SP1, ADO.NET Data Services, LINQ, C# 3.0, etc., were all released. Since then many new concepts were added to WCF in .NET 3.5 as well. Furthermore, since 2006, the concept of REST-based services really picked up in adoption. Furthermore, there is an increase of frameworks and best practices that have been vetted in large scale SOA deployments. Juwal Lowy updated his great book with a 2nd Edition and it is updated with all sorts of new information. The 2nd edition was officially released just a few weeks ago in October 2008.
The 2nd edition of Programming WCF Services has been updated with a lot of great new .NET 3.5 sp1 techniques that have been released since the first publication of the book. I have both editions of the book. First, you can see that the book is a little thicker. Juwal mentioned the book was about 200 pages of extra content in an interview I heard over a month ago. I don't know if anything changed, but the book does not have 200 extra pages of content. The first edition of the book is 610 numbered pages. The 2nd edition of the book is 750 numbered pages. Obviously, doing the simple math, we now have an extra 140 pages.
You can see the 2nd Edition has noticably more content
140 pages more of WCF goodness
Where and What is the New Content
The book is organized the same way as the first edition of the book. The chapters and their sequence between the two editions is identical. Aside from several new additions to the Appendix, the overall structure of the book is the same. So where is the new content? The new content is well placed within the overall design of the book. This is a great decision because of how well the book is laid out. The book introduces the different parts that make up the WCF architecture very well and it enforces the concepts by adding to it. For example, this is perfectly demonstrated when the topic of WCF object serialization is dicussed. Juwal shows how you can do it using "traditional" .NET methods. However, DataContracts are quickly introduced as the preferred method of serialization. The concept of data contract serialization quickly becomes more complex with object inheritance, versioning, serializtion events and inferred contracts are introduced. As you can see, this is a real good way of building on a concept that might be new to even experienced developers.
Updated Syntax
As the concepts are introduced and built upon, Juwal introduces new C# 3.0 techniques, LINQ and lambda expressions into the various procedural code snippets and examples in the book. This is really nice as you can see how much better these new techniques make working with WCF API easier. LINQ and lambda expressions make their appearance in more than several examples in the book. This is a real good way of seeing how these new techniques are more than just "syntax sugar" and really add value to programming. You are also seeing how to utilize the new code from a software legend :)
Visual Studio 2008 Capabilities
WCF was introduced as part of the .NET 3.0 framework in 2006. If you remember, this did not coincide with a new release of Visual Studio. .NET 3.0 was an addition to .NET 2.0 and Visual Studio 2005. Therefore, the tool support for WCF was not completely baked. Visual Studio 2008 was released as part of the .NET 3.5 release and WCF has received enhanced support inside Visual Studio 2008. Throughout the book screenshots and notes highlight on how to do certain functions relating to WCF in Visual Studio 2008. Obviously this brings the 2nd edition to a much needed update as many developers have moved on to Visual Studio 2008.
WCF .NET 3.5 & .NET 3.5 SP1
WCF has been enhanced in several areas since it was introduced in .NET 3.0. Some of the new .NET 3.5 WCF enhacements include ADO.NET Data Services, data contract serialization, REST support, WF integration and AJAX/Silverlight supported WCF services. Unfortunately, the book only coveres all these new concepts minimally. For example, the new data contract serialization in .NET 3.5 is covered in detail; however, most of the other new additions to WCF are completely omitted. This is understandable as this would have added a lot more pages to the book and would have taken the book in a different direction.
ServiceModelEx Library
The book also includes descriptions and excerpts from the ServiceModelEx library. This framework for WCF is on idesign's website and available for free. The book does go over some of the ways you can use the framework to make the WCF programming easier. While this is a nice addition, this was available for free for a while on the web site. This code is peppered throughout the book; however, it is hard to tell if the code is part of the ServiceModelEx framework unless you check out the appendix.
Where is the REST?
This book is the BEST WCF self-paced resource on the market. Having said that, this resource is missing one of the biggest trends in SOA design paradigms: Representational State Transfer (REST). Well, isn't there probably is at least an excerpt about how REST should be avoided? Wrong. There is absolutely nothing in the book that I could find about REST at all. This is completely inexcusable for several reasons. REST is a valid enterprise service design. Many of the largest service organizations are using REST APIs (i.e., Amazon, MySpace). In fact, MySpace is based on WCF REST principles. Some of the additions in .NET 3.5 such as URL re-writting were specifically added for REST design and are omitted in this resource. REST design for "data-based" services is actually a lot more efficient (cachable, stateless, less chatty) than other WS* standards based WCF services.
I am not sure what Juwal Lowy's stance is on REST design. If you find any interviews, podcasts or presentations online, you will probably hear Juwal's message that WCF deprecates the .NET programming model. He makes a valid point that other software engineering principles rely on writing a lot of plumbing code. WCF programming (not just SOA) is a step in the direction of true design of software. Essentially this is what REST design tries to do by embracing the web as for what it is and not try to "force" other designs into services. This is why I think the omission of REST from the book is disappointing.
So what is in it for the Silverlight Developer?
There is actually very little here in terms of content strictly directed at the Silverlight developer. As mentioned above, RESTful design and ADO.NET Data Services are not mentioned in the book. This is a big dent for Silverlight developers as the only other WCF capabilities that are available are basicHttpBinding and duplex binding. If you attended any of Juwal's, talks, he calls basicHttpBinding "brain dead" binding. BasicHttpBinding is obviously not covered in real rigor in the book other than to say it is not recommended at all. WS* standards based bindings are heavily recommended for the web.
Even with the limited coverage of some of Silverlight's key data access strategies, this book is an EXCELLENT resource for Silverlight developers. As I mentioned above, this book reads like a physics book. You do not have "direct content" strictly directed at the Silverlight developer. However, the book builds a very solid foundation for WCF design. If you go on the http://www.silverlight.net/ forums, you will see a majority of the questions for Silverlight are directed at either control examples or data access with Silverlight. I think a lot of ASP.NET/Flash/Winforms developers are making the jump to Silverlight WITHOUT properly understanding WCF fundamentals. You simply cannot design a data/service heavy application in Silverlight without understanding some very key Silverlight concepts. From some of the basic questions being asked, you can see that Silverlight developers are struggling with the basics of WCF and what Silverlight supports for WCF.
This is why I believe that even though there is no Silverlight examples or best practices for Silverlight and WCF, this resource is invaluable for any serious Silverlight developer working with service-based data. Before even STARTING a WCF based project, a developer needs to understand service contract design, contract serialization, WCF architecture (proxies, channels, interceptors), configuration (bindings, behavious), security (transport, message), etc.
Summary
In summary, if you want to learn about WCF or need a good WCF resource for a project, BUY this edition of this book. This book is simply invaluable in how well it presents the information at a very high technical level. The information has been updated for .NET 3.5 and includes over 140 pages of new content. The content is presented extremely well and each topic builds on itself. While it is disappointing that certain topics like REST have been omitted and there is no direct content for Silverlight developers, this book is still a great resource for any WCF developer. Having said all that, this book is meant as a resource and reads like a college engineering book. All the tools are laid out for you and how everything works including the gotchas; however, the solutions are missing [no simple plug in the numbers from an example here :)].
Silverlight clientaccesspolicy.xml files for the Enterprise (Part 1 of 2)
I decided to move this article up the chain in my backlog of articles as I have come across this scenario numerous times on the http://silverlight.net/ forums. This article will give some basic information that has been covered on numerous other sites and times and give some additional insight on how to handle cross-domain issues in enterprise Silverlight service deployments.
Note: This article is pretty long and doesn't really fit well into a blog format (which I find is very limited for effectivily presenting technical ideas on a larger scale). I am going to start moving some of my bigger articles into possible whitepaper format as well.
Contents of this article (Part 1 of 2):
Background Information about cross-domain service access in Silverlight
Silverlight 2 uses services as its primary source of retrieving data across domain boundaries. Once you enter the services and web application domain, you are exposing your content to malicious attacks. One way Silverlight prevents its applications from launching malicious attacks on other sites is through opt-in cross-domain access. This means the site has to say yes in order to receive and respond to requests from a particular domain. This opt-in feature is controlled by a clientaccesspolicy.xml file. If you have done any WCF programming with Silverlight, this should be familiar to you. If not, check the basic information on the MSDN site here.
Suppose that we have a Silverlight application hosted on http://contoso.com/ (means the main/initial XAP file). This application has a service backend that retrieves data from http://mycontososervice.com/. These are obviously on two seperate domains and we have a cross-domain issue. By default, this scenario will not work. We need to create a clientaccesspolicy.xml file on the http://mycontososervice.com/ site that will allow calls from http://contoso.com/. The location of the file must be located on the root of the site (http://mycontososervice.com/clientaccesspolicy.xml).
Here is a graphical representation of what is going on:
The clientaccesspolicy.xml file is located where the service is being hosted. This is a very important point. Most Silverlight developers that are starting out make a mistake in that they think the clientacesspolicy.xml is deployed onto the server where the Silverlight application is hosted. This is not true and can cause many debugging headaches. The clientacesspolicy.xml NEEDS to be deployed on the server hosting the WCF service so that Silverlight can properly consume it.
Note: For simplicity reasons, I am not adding the crossdomain.xml file which is used by Flash. Silverlight also uses this file in case the clientaccesspolicy.xml doesn't exist. This is done for obvious reasons as Flash/Flex has a bigger install base and Silverlight is simply leveraging a possibly pre-existing cross-domain file.
Example of the format of the clientaccesspolicy.xml file that grants all domains access:
Example of the format of the clientaccesspolicy.xml file that grants access ONLY to contoso.com:
Note: Notice how the only change was to add the <domain uri="http://contoso.com"/>. This is more secure and other domains will be disallowed from making service calls.
Clientaccesspolicy.xml file that only grants service access from contoso.com (other requests are not fulfilled):
Deploying cross-domain policy files on Enterprise Servers
One of the key aspects of a clientaccesspolicy.xml file is that it needs to be accessed on the root of the website. In our example above, the request is http://mycontososervice.com/clientaccesspolicy.xml. In order to achieve this on IIS, we would simply place the clientaccesspolicy.xml file on the root of our website (default IIS: c:\inetpub\wwwroot folder). If you want to grant multiple domains access, an admin simply can modify the clientaccesspolicy.xml file.
As mentioned above, Flash has an equivalent cross-domain configuration file to Silverlight called the crossdomain.xml file. This file has a different format; however, it serves the same purpose as the Silverlight clientaccesspolicy.xml file. Let's take look at how some of the largest companies based on services use this file. You can try this yourself by using any browser.
Examples of Enterprise cross-domain configurations:
Example of the Amazon crossdomain.xml file (http://www.amazon.com/crossdomain.xml) :
Example of the MySpace crossdomain.xml file (http://www.myspace.com/crossdomain.xml):
Some notes to take away from the two examples above:
-
Root domains are different and this obviously makes the domain calls cross-domain. (i.e., amazon.com != amazon.fr). You need to list all the different domains
-
Sub domains also define cross-domain calls (i.e., lads.myspace.com != myspace.com). You need to list the different sub domains.
-
Secure and unsecure (http vs. https protocols) also make the calls cross-domain.
As you can see, maintaining these files can get quite complex very quickly in more advanced scenarios. These files need to be accurate and improperly formatted xml config files can cause the validation of the configuration to be invalidated.
Problems with maintaining the clientaccesspolicy.xml file manually
Maintaing the clientaccesspolicy.xml file manually on a single or even a couple of servers is not a problem. However, maintaining complex properly validated clientaccesspolicy.xml files on multiple servers or domains can be quite challenging. One single fat finger and the file can invalidate all service calls. Improperly adding or not removing a domain can cause a serious security violation.
Scenarios where manually maintaining the clientaccesspolicy.xml file manually can be an issue:
-
You are maintaining 2 different RIAs and want to keep both XML files in sync (I know Silverlight can use Flash's file, but we want to prepare for mass Silverlight deployments)
-
The clientaccesspolicy.xml file is complex. You have over 10-15 domains, subdomains and protocols that all have to work.
-
The clientaccesspolicy.xml is dynamic
-
The solution you offer allows clients to access the site through specialized domain (i.e., client.mydomain.com, client2.mydomain.com)
-
Architecture/hosting uses SaaS model (You host services others can consume)
-
Lots of changes occur to the file and you want to eliminate the "human factor".
-
The web service server is part of a web server farm or a cluster. The files need to be in sync almost instantaneously.
-
Client anonymity is important (i.e., You don't want to expose who is consuming your services)
Obviously some of these challenges can be mitigated with other security measures and designs. However, let's assume that in your scenario you have a properly working architecture/deployment and the clientaccesspolicy.xml file is becoming a maintenance nightmare. What can you do?
HttpHandler solution for dynamic clientaccesspolicy.xml files for the Enterprise
To overcome complex cross-domain scenarios by using some of the more advanced features of ASP.NET, we can mitigate some of the manual work that comes with creating cross-domain policy files. HttpHandlers are one way to solve some of the problems I listed above.
Httphandlers are a pretty powerful tool for ASP.NET applications that extend ISAPI extensions. There are many uses for Httphandlers and one of them is to map certain web requests to specific handler functionality. (I am not going to go over handlers in detail. If you need more information, try this link: http://www.15seconds.com/issue/020417.htm). We can create an HttpHandler that will see a request for a clientaccesspolicy.xml file. Instead of manually copying the file off of the root server, we can generate the file dynamically.
Walkthrough - Creating a basic HttpHandler for clientaccesspolicy.xml files
We are going to create a few sample handlers and add functionality to each one.
Basic Clientaccesspolicy Handler Part 1 - HttpHandler basics
-
Open Visual Studio 2008 and create a new project.
-
Select "Class Library" and let's call the project "SilverlightCrossDomainHandler" (Note: Do NOT create a Silverlight Class library.)
-
Add a reference to the System.Web assembly. (We are going to be creating an ASP.NET HttpHandler which requires the IHttpHandler interface found in the System.Web assembly)
-
Add a new class to the project and call it BasicClientaccesspolicyHandler.cs.
-
Navigate to the class and change its access modifier to be public.
-
Add a using statement "using System.Web;". (This is needed as we will be implementing the IHttpHandler interface.)
-
Implement the IHttpHandler interface by simply typing ": IHttpHandler" after the BasicClientaccesspolicyHandler class name.
-
Right-click on the IHttpHandler name and select Implement Interface -> Implement Interface. This will create the methods we need to implement for this handler to work.
You should have something like this now: (If not, simply just copy and paste the code from below)
using System; using System.Collections.Generic; using System.Linq; using System.Text; using System.Web; namespace SilverlightCrossDomain { public class BasicClientaccesspolicyHandler : IHttpHandler { #region IHttpHandler Members public bool IsReusable { get { throw new NotImplementedException(); } } public void ProcessRequest(HttpContext context) { throw new NotImplementedException(); } #endregion } } Basic Clientaccesspolicy Handler Part 2 - HttpHandler adding some code
-
Change the getter for the IsResusable property the exception to simply "return true;" (This allows the Handler to be pooled.)
-
Delete the "throw new NotImplementedException();" inside the ProcessRequest method. We are going to replace this with code. We are going to use LINQ in order to build the clientaccesspolicy.xml file. We can just as easily use StringBuilder, XmlDocuments or other forms. (This is NOT meant for production. This is just illustrating a concept.)
- Add a reference to the System.Core assembly. (This houses the LINQ methods.)
-
Add the following using statement: "using System.Xml.Linq;" .
-
Copy and paste the code below and insert it into the ProcessRequest method. The code below uses the Parse method from the XDocument class to load a string and transform it into an XDocument object.
XDocument clientaccessPolicyDoc = XDocument.Parse(
@"<?xml version=""1.0"" encoding=""utf-8""?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers=""*"">
<domain uri=""*""/>
</allow-from>
<grant-to>
<resource path=""/"" include-subpaths=""true""/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>");
context.Response.Write(clientaccessPolicyDoc.ToString());
Your class file should now look like the following:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Web;
using System.Xml.Linq;
namespace SilverlightCrossDomainHandler
{
public class BasicClientaccesspolicyHandler : IHttpHandler
{
#region IHttpHandler Members
public bool IsReusable
{
get { return true; }
}
public void ProcessRequest(HttpContext context)
{
XDocument clientaccessPolicyDoc = XDocument.Parse(
@"<?xml version=""1.0"" encoding=""utf-8""?>
<access-policy>
<cross-domain-access>
<policy>
<allow-from http-request-headers=""*"">
<domain uri=""*""/>
</allow-from>
<grant-to>
<resource path=""/"" include-subpaths=""true""/>
</grant-to>
</policy>
</cross-domain-access>
</access-policy>");
context.Response.Write(clientaccessPolicyDoc.ToString());
}
#endregion
}
}
Deploying managed HttpHandlers on IIS 7.0
This will go over deploying the HttpHandler solution we created above into IIS 7.0. I wanted to provide some basic instructions on deploying handlers as it can be tricky, making this article a complete resource. However, this article is not about deployment so I will cover only IIS 7.0. Why IIS 7.0 and not 6.0? Simply because I think that most advanced developers should be taking advantage of IIS 7.0 features and some of the new WCF 4.0 bits will only work in IIS 7.0. If you haven't converted to developing on either Vista or Windows 2008 now is a good time to do so.
This is one way we can deploy the HttpHandler on our server. I like this solution as it is a global way to add the handlers to the entire web server and it is simpler to follow. There are several different ways to do this. Another good solution would be to deploy the handlers with a Silverlight web project. This way the clientaccesspolicy.xml handler is only enabled when a Silverlight application is deployed.
-
Build the SilverlightCrossDomainHandler solution in release mode
-
Sign the assembly so that we can deploy it to the GAC
-
Install the assembly into the GAC by copying the assembly to the c:\windows\assembly\ folder
-
Edit the web server web.config and add our assembly type
-
Navigate to the C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\ folder (v2 because that is the last version that has hooks into the core ASP.NET assemblies....NET 3.0 and 3.5 simply build on top of this)
-
Open the web.config file with Visual Studio
-
In the compliation element there is an assemblies element with several assemblies listed. We will add our custom assembly here.
-
Add this element: <add assembly="SilverlightCrossDomainHandler, Version=1.0.0.0, Culture=neutral, PublicKeyToken=4d1c49f632a38a3c"/>
-
Note: The PublicKeyToken could be different if you are doing this project on your own. Simply copy it and replace it with whatever your assembly has been signed with. You can check what your public key token is by right-clicking the assembly once it is in the GAC
-
Save the web.config file
-
Add the HttpHandler to the global web server
-
Open up IIS Manager
-
Double click on "Handler Mappings"
-
There will be several listed that are pre-installed when ASP.NET and IIS are set up by default. In order to add your own right-click and select "Add Managed Handler..." (this can take a few seconds)
-
A dialog box will appear
-
In the Request Path enter: clientaccesspolicy.xml (this will mean that ANY request to the clientaccesspolicy.xml file will be handled by our handler we choose)
-
Select the SilverlightCrossDomainHandler and whatever type you want (i.e. BasicClientaccesspolicyHandler) from the dropdown menu (if it is not located there, you probably messed up editing the web.config file)
-
Name the handler what you like (i.e. Clientaccesspolicyhandler)
-
Perform a restart on the web server or an iisreset or restart the application pool
Testing managed HttpHandlers (inside the browser)
To test our deployment simply point your browser to http://localhost/clientaccesspolicy.xml. Of course, you want to make sure that you actually do not have a clientaccesspolicy.xml file on the root of IIS. If you put the URL into the browser and click OK, you will simply get a blank page (as this is not an HTML/ASPX/RSS etc request that has a visual reponse). You can either use Fiddler or Web Development Helper. To test using the Web Development Helper (for those that use Fiddler, you know how to do this already):
- Install the tool, if you haven't done so already. The tool is an add-in for Internet Explorer after you install it you have to close all your IE sessions.
- Go to Tools -> Web Development Helper
- A window shoul appear on the bottom
- Check Enable Logging (this will let you monitor any requests made from the browser)
- Navigate to the page hosting your handler (i.e. http://localhost/clientaccesspolicy.xml)
- You will see a row entry for the response from the server
- Double-click on the row and a dialog pops up with detailed information about the request
- Click the Response Content Tab and notice that we have a well formed clientaccesspolicy.xml file
Note on the screen shot that Enable Logging is checked. We received a response from the request and the Response Contect is well formed for the clientaccesspolicy.xml and it is ready to serve us:
The fun doesn't stop here :) Since we deployed the handler to handle ANY request anywhere for clientaccesspolicy.xml (which you may or may not want to do). All requests for subdomains work fine as well and are handled by the very same handler we installed. In my test case I created a sub domain and profiled and it works fine:
TroubleShooting
If you do not have the proper IIS ASP.NET and Extensibility add-ons (ISAPI) turned on, you might receive this error: (Simply go back to Add/Remove programs and add the ASP.NET and Extensibility features for IIS). Furthermore, ensure that ASP.NET is properly registered on your site.
Summary
This article introduced you to some of the basics in managing a clientaccesspolicy.xml file for the Enterprise. We looked at other cross domain files how they are published in Enterprise scenarios and how some scenarios could warrant a more dyanmic configuration file. One way to solve the complexity of dynamic cross-domain configurations is to use HttpHandlers to create the configuration for us. In part 1 of the series we created a simple HttpHandler that returned a well formed file. In part 2 of the series, we will create a dynamic clientacesspolicy.xml file from a database store that will properly create the file in a more complex scenario.
SilverlightCrossDomainHandler.zip (18.51 kb)
Silverlight and the Enterprise
Silverlight: Feature Complete
Silverlight 2 released and the feature set has been locked down for a while now. Many RIA experts, bloggers and developers have chimed in on forums or blogs on what features they would like to see in Silverlight and the direction it should take. Opinions vary greatly on this and by doing a simple search online you can see the vast differences. While I definitely agree this needs to be discussed, I feel that there is so much that Silverlight 2 currently offers that future features can be disucussed later.
Microsoft is taking a nice approach with Silverlight 2 in that they are going to be releasing additional Silverlight assemblies outside the core download. The nice result of this is that we don't have to wait any longer for the releases to come out [Silverlight 2 (1.1 Alpha) was announced March 2007!]. Furthermore, by not bloating the core with additional features, this keeps the Silverlight 2 client payload pretty small (around 4.6 megs). The first example of this "add-on" strategy is the new Silverlight controls project from Shawn Burke. Microsoft will also release "professional themes" for Silverlight the same way. Both of these and more will probably be released at the PDC 2008 this month. Instead of adding value in Silverlight by directly building features into the core, a lot of value can be built by building "around" Silverlight.
Competitive Environment: Next Generation Web
Many are already calling the end of Web 2.0. The internet is on the brink of new type of services and software that will be released under the Web 3.0 umbrella. Many companies including Google, Microsoft, Apple, Firefox, Adobe, etc., are positioning themselves in their offerings for the upcoming new generation of products. When Silverlight 2 is released, it will put Microsoft in a VERY unique position. Microsoft's main competitors in the technology are Adobe (Flash/Flex/AIR) and Sun (JavaFX). However, Microsoft has many more competitors especially with more and more core OS features moving to the web and the mobile space. Google and Apple would be Microsoft's big competitors there. However, neither Google nor Apple have a RIA technology that they own themselves (Apple's iPhone UI tech is proprietary to the device for now). Microsoft is a lot bigger than all of these companies individually; however, each of their individual companies can cause problems for Microsoft in their vertical strengths. There is one thing that Microsoft can do that none of these companies can do invidually: integrate a new UI/RIA technology in their vast horizontal of business & enterprise products (mainly because none of these companies has that enterprise product penetration). This not only would add value to Microsoft's products, but it also would add value to Silverlight indirectly. For example, this can position Silverlight as business RIA technology and Silverlight doesn't have to play catch-up in the graphical area with Adobe (PhotoShop, Illustrator, 3D acceleration, etc.).
Silverlight in the Enterprise
How can Silverlight be used in the Microsoft enterprise space? Here is a mix of existing and potential ideas where I think Silverlight can be a great addition to the presentation stack:
Parallel Computing
Silverlight is powered by the subset of .NET 3.5. Although Silverlight 2 will not allow everything in multithreading (i.e., true async delegates), it does have a decent baseline which a developer can utilize. Any current computer that has been purchased within the last couple of years includes a dual core processor. Intel is planning on releasing 6 core processors later this year. By not utilizing parallel computing, you're not maximizing the efficiency of the program and all the processing it could utilize. Microsoft is very aware of the shift to multiple cores and has invested in this with their parallel computing initiative. This library includes additions to make LINQ execute on multiple threads by simply adding the AsParallel() extension method on the end of your LINQ query. A parallel extensions library for Silverlight does not exist right now. However, adding this simple abstraction to Silverlight would be a huge boost to performance and would allow some enterprise level applications to be scaled down to the data level on the client. In my previous multithreading articles I mimicked some of the basic flow of the parallel tasks and gained up to 120% performance improvements! Enterprise architects will be able to take a serious look at Silverlight as a potential powerful "client tier" to potentially offload some simple to medium cost processing and reduce trips to the server or reduce service calls.
SharePoint 2007 Integration
SharePoint is one of Microsoft's fastest growing products in terms of adoption and revenue. In my opinion, allowing the developers to focus on designing/developing content and not focusing on "plumbing code" is probably the best feature of SharePoint. This allows businesses in the enterprise to quickly set up the SharePoint farm and deliver content quickly. Silverlight is a great UI technology to extend SharePoint. During the SharePoint 2008 Conference, Microsoft announced the Blue Print for SharePoint Services. These blue prints are meant to provide guidance for building SharePoint solutions that include Silverlight. This addition is huge for Silverlight because this technology can now be utilized in one of Microsoft's biggest enterprise offerings. I have done several solutions inside SharePoint 2007. One of the things that it missed was true AJAX integration until SP1. Even now, some things like cross web part communication cause postbacks and then one has to deal with the "statless web" workarounds. The Silverlight plug-in is a great way for extending the SharePoint experience in a more interactive way that AJAX can simply not do. Furthermore, Silverlight can access many of the SharePoint features such as Lists, work flows, etc., via SharePoint services. If you are a SharePoint developer, I am sure I don't have to go into the potential that Silverlight and SharePoint integration provides.
Windows Communication Foundation
WCF is a true SOA framework for building enterprise level services. Microsoft is one of the few companies that has a deep SOA framework such as this. Currently Silverlight only supports basic HTTP services, WCF REST services and a duplex version. Similarly to SharePoint, the biggest feature of WCF is that it allows you to focus on designing services rather than "plumbing code". WCF abstracts a lot of complexity of enterprise messaging while allowing you to make decisions in which you can stay in the "best practice" realm. WCF makes creating an enterprise service easy. For example, using the WSHttpBinding, binding the service is secure, faults propegate across services, integrates with authentication, reliability can be configured, etc. This is a truly powerful feature. A lot of WCF bindings are not available to be consumed in Silverlight because that would mean including a lot of the core .NET 3.0 libraries that would bloat the core payload. Hopefully external libraries are made available for Silverlight in the future that would allow consuming WS standard bindings. In my opinion, the further integration of Silverlight and WCF is going to help propel Silverlight as a powerful, interactive consumer of enterprise services.
SQL Server
SQL Server has come a long way since I first started using the 6.5 version. It now includes enterprise reporting (Reporting Services), a true ETL engine (SSIS) and a powerful Buiness Intelligence OLAP engine (SSAS); although it's not OLAP anymore. One of the things that has been lacking with Reporting Services and Analysis Services is the presentation layer for both the end user and the respective product administrators. Microsoft is aware of this which is shown with Microsoft's recent acquisition of ProClarity or SQL Server 2008 SSRS visualization additions. All of these products also have a "techy" look and feel with their tools because of the integration with the Visual Studio 200x shell which needs to be installed on the local workstation. This is where I think Silverlight can come in and extend a lot of the presentation or even the administration features of these SQL Server products. Silverlight is perfect because it is a web technology and it allows for deep interaction with the data. Therefore, there is nothing to install beyond the plug-in, but you can still enjoy a desktop experience. For example, imagine opening a Reporting Services report and going beyond static data and being able to do "what if" scenarios or bringing key insight to life with animations. Silverlight with SQL Server can definitely bring the data to life in the enterprise.
Mesh, Semantic Web and Cloud Computing
Silverlight RIA UI + Cloud Computing Data + Semantic Web =
Microsoft is making a big play in the new Web 3.0 realm: cloud computing, semantic web and bringing the dekstop experience via the web. Microsoft has a variety of services: Outlook Online, SharePoint Online, Exchancge Online, Mesh and other various data services. The problem with these are that they have the classic Microsoft business look and are not 100% intuitive for non-business users. This is where Microsoft has a huge edge with Silverlight. Merging the power of these services together with a super-rich and easy to use interface can make these services wildly popular. What other company can do this on a massive scale? Apple has shown that people en masse will go for an advanced UI. Microsoft can build on this with already popular products and services in the backend. This brings us a lot closer to the Minority Report type interface but with actual meaningful data behind it.
Who cares about a pretty UI if it's just an intro for a corporate site or a movie site? Silverlight and the Microsoft cloud computing platform can change this.
Bringing in data and the UI together is a very powerful combination that will bring a more dynamic UI and lets the user decide how the data is presented, viewed and analyzed. In my opinion, this is Microsoft's best shot at usurping Google in their game. This platform has the potential to be Web 3.0.
In conclusion, in this article I wanted to cover a couple of important concepts relating to Silverlight in the Enterprise. The main concept I wanted to describe is that just because Silverlight 2 is feature complete doesn't mean the technology cannot grow in value. Microsoft owns the enterprise market and this is where I think a technology like Silverlight cannot only add value to the enterprise offerings but the enterprise offerings can make Silverlight a first-class RIA technology for business. Silverlight does not have to play catchup with Adobe Flash/Flex and can lead in business/enterprise product innovation. In my opinion, "the Silverlight Enterprise Ace" is a card that Microsoft can play in the next few months and increase the popularity of Silverlight dramatically.