• 6 CDs featuring live instructor-led classroom sessions
  with full audio, video and demonstration components
• over 400 pages of corresponding Courseware on CD-ROM
• Hands-on labs to reinforce important concepts

• Focused on practical solutions to real-world development problems
• Comprehensive, understandable, and reusable as reference material.
• Certificate of Completion

Chapter 1

INTRODUCTION TO DEVELOPING XML WEB SERVICES USING MICROSOFT ASP.NET

OVERVIEW

MICROSOFT OFFICIAL CURRICULUM

COURSE OUTLINE

• Chapter 1: The Need for XML Web Services
• Chapter 2: XML Web Service Architectures
• Chapter 3: The Underlying Technologies of XML Web Services
• Three foundational technologies: HTTP, XML, SOAP
• .NET Framework built-in support for these technologies
• Chapter 4: Consuming XML Web Services
• How to implement a web service consumer
• Description documents: WSDL, DISCO
• Chapter 5: Implementing a Simple XML Web Service
• Chapter 6: Deploying and Publishing XML Web Services
• Deployment using a Web Setup project
• How to publish in the UDDI registry
• Chapter 7: Securing XML Web Services
• Chapter 8: Designing XML Web Services
• Chapter 9: Global XML Web Services Architecture (GXA)
• Limitations of the current specification
• Anticipating future specifications and features

THE NEED FOR XML WEB SERVICES

OVERVIEW

• Evolution of Distributed Applications
• Unique design considerations of distributed applications
• Introducing Web Services
• The Web Technology Stack and .NET
• The .NET Alternatives to Web Services
• Common Web Service Scenarios

EVOLUTION OF DISTRIBUTED APPLICATIONS

• Introduction
• What is a distributed application?
• Why do we need distributed applications?
• Cost of mainframes
• Data ownership
• Security
• This led to Distributed applications being used as service providers
• The next step was to enable Distributed applications to utilize the Web
• Problems with Traditional Distributed Applications
• Introduction
• Two of the architectures that enabled dist app dev
• RPC-Based Architectures
• Message-Based Architectures
• Web Standards and their effect on dist apps
• Design Considerations for Distributed Applications
• Introduction
• Data types that are not compatible across different systems
• Server failures or loss of server response
• Client failures
• Retrying a call
• Security
• Synchronizing clocks between multiple computers

RPC-BASED ARCHITECTURES

• Introduction
• What is a Remote Procedure Call (RPC)?
• All calls are Synchronous calls
• Problems with RPC-based architectures
• Building redundancy
• Aggregate availability
• Load balancing and fail over
• Prioritization
• Load spikes

MESSAGE-BASED ARCHITECTURES

• Introduction
• Asynchronous processing based on the exchange of messages
• Message calls can be routed based on load and priority
• Allow the client to continue working while waiting on a response
• Problems with message-based architectures
• Message payload processing
• Interoperability
• Workflows and message sequencing

WEB STANDARDS

• Introduction
• Problems with binary protocols
• DCOM, Java Remote Method Invocation (RMI), and Common Object Request Broker Architecture (CORBA) rely on binary protocols
• Firewalls
• Interoperability
• Data Formats
• This led to the development of Web protocols and data formats

HTML

HTTP

XML

• Problems with the Web protocols
• Security
• Performance

WEB SERVICES

• Introduction
• What are Web services?
• Based on Internet technologies

HTTP

XML

• Simple Object Access Protocol (SOAP)
• Governed by the World Wide Web Consortium (W3C)
• Building blocks
• No restriction on the level of granularity.
• Can provide access to static resources or be fully interactive applications
• Can aggregate other web services
• Are the future of distributed applications
• Provide interoperability through the use of SOAP
• Multilanguage support
• Promote reuse
• Based upon industry supported standards

THE WEB TECHNOLOGY STACK AND .NET

• Introduction
• TCP/IP
• Sockets
• HTTP
• XML or binary formats
• SOAP

.NET ALTERNATIVES TO WEB SERVICES

• Introduction
• Stand-alone listeners
• Can use a pre-written ISAPI filter to handle low-level communication
• Can write a server application to monitor the port
• Custom protocol handlers
• .NET remoting

COMMON WEB SERVICE SCENARIOS

• ASP/Hosted applications tend have the following characteristics
• App is viewed as a portal
• App exists in an isolated environment
• Each subscriber has their own instance of the app
• Subscribers do not share data
• ASPs usually require hosted apps to
• Application integration

SUMMARY

Chapter 2

OVERVIEW

SERVICE-ORIENTED ARCHITECTURE

• Introduction
• To build flexible, robust dist apps, you should ensure:
• Meeting these requirements, results in:
• Primary roles in a service-oriented architecture
• Service provider
• Service consumer
• Service broker
• These roles interact to perform three basic operations
• Find services ? service consumers find services by using a service broker

WEB SERVICES ARCHITECTURES AND SERVICE-ORIENTED ARCHITECTURE

• Introduction
• Overview of Web Service Architectures
• Basic elements in a web service are
• Web Services as an Implementation of a Service-Oriented Architecture
• Demonstration: An Electronic Funds Transfer Web Service

ROLES IN A WEB SERVICES ARCHITECTURE

• Introduction
• The Web Service Provider
• Must support the .NET Common Language Runtime
• Examples of Web service providers
• The Web Service Consumer
• Must be able to locate the web service
• Must be able to use WSDL documents to generate Proxy classes
• Must support Asynchronous calls
• Example of Web service consumers
• The Web Service Broker
• Interaction between brokers and providers
• Interaction between brokers and consumers
• UDDI registries

THE WEB SERVICES PROGRAMMING MODEL

SUMMARY

Chapter 3

OVERVIEW

• Introduction
• HTTP Fundamentals
• Using HTTP with the .NET Framework
• XML Essentials
• XML Serialization in the .NET Framework
• SOAP Fundamentals
• Using SOAP with the .NET Framework

HTTP FUNDAMENTALS

• Overview of HTTP
• Resources are located through a URL. Syntax
• HTTP is a Stateless protocol
• Structures of HTTP Requests and Responses
• HTTP Requests use the following format
• Supported methods include GET, POST, TRACE, CONNECT
• HTTP Responses use the following format:
• The GET and POST Methods
• Introduction

HTTP GET

HTTP POST

USING HTTP WITH THE .NET FRAMEWORK

• .NET Classes for Working with HTTP

XML ESSENTIALS

• Introduction
• Overview of XML
• XML documents contain elements and attributes
• XML documents must be Well-formed
• Schema
• XSD Fundamentals
• Introduction
• Simple and complex types
• Groups
• Compositors
• Derivation
• Restriction
• Extension

XML SERIALIZATION IN THE .NET FRAMEWORK

• Introduction
• Caveat

SOAP FUNDAMENTALS

• Overview of SOAP
• SOAP messages
• Parts of a SOAP message
• SOAP envelope
• SOAP encoding rules
• SOAP RPC representation
• Protocol bindings for HTTP and HTTP-EF
• SOAP Envelope
• SOAP Header
• SOAP Body
• SOAP Fault

CONTROLLING THE SOAP MESSAGE FORMAT

• Introduction
• SOAP encoding definitions
• Formatting the SOAP body
• RPC encoding
• Document encoding (default)
• Formatting parameters

SUMMARY

Chapter 4

OVERVIEW

• Introduction
• WSDL Documents
• Web Service Discovery
• Web Service Proxies
• Implementing a Web Service Consumer Using Visual Studio .NET

WSDL DOCUMENTS

• What is WSDL?
• Primary child elements of a WSDL document
• The types element
• The message element
• The portType element
• Primary child elements of a WSDL document
• The binding element
• The service element

WEB SERVICE DISCOVERY

• What is Disco?
• Two ways to discover available web services
• Static discovery
• Dynamic discovery
• Dynamic discovery disabled
• WS-Inspection
• Locating Discovery Documents Using Disco.exe
• Introduction
• Syntax
• Uses for Disco.exe
• Programmatic Discovery

WEB SERVICE PROXIES

• Introduction
• Proxies and WSDL
• Introduction
• Why are proxies needed?
• Using WSDL to generate proxies
• Generating Proxies Using Wsdl.exe
• Syntax for invoking Wsdl.exe
• Proxy class details
• Configuring Proxies
• Url property
• Credentials property
• Timeout property
• Proxy property
• AllowAutoRedirect property

IMPLEMENTING A WEB SERVICE CONSUMER USING VISUAL STUDIO .NET

• Implementing a Console Client
• Create a console application
• Add a Web reference
• Invoke the Web service by using the proxy
• Implementing a Web Forms Client
• Create an ASP.NET Web application
• Add a Web reference
• Invoke the Web service by using the proxy
• Synchronous vs. Asynchronous Clients
• Introduction
• Limitations of synchronous calls
• Making asynchronous calls using the proxy
• Implementing an XML Web Service Consumer Using Visual Studio .NET

SUMMARY

Chapter 5

IMPLEMENTING A SIMPLE XML WEB SERVICE

OVERVIEW

CREATING A WEB SERVICE PROJECT

• Creating a Web Service Project
• Examining the Parts of a Web Service Project
• Introduction
• References
• System namespace
• System.Web namespace
• System.Data namespace
• System.Web.Services namespace
• System.XML namespace
• .asmx file
• Service Help page
• Serice Method Help page
• Service Description page
• Global.asax
• Web.config
• The .vsdisco file
• AssemblyInfo (.cs or .vb)
• The /bin folder

IMPLEMENTING WEB SERVICE METHODS

• Exposing Web Service Methods
• Specify that the method is public
• Apply the WebMethod attribute to the method.
• Web Method Attributes
• BufferResponse
• CacheDuration
• Description
• EnableSession
• MessageName
• TransactionOption
• Examining Data Types and Parameter Lists
• Introduction
• Simple data types
• Input and output parameters
• Variable length parameter lists
• Complex data types
• Classes and structures
• Arrays
• Collections
• DataSets
• Creating a Typed DataSet Using the Component Designer
• Generate a SqlDataAdapter
• Use the SqlDataAdapter to create a typed DataSet
• Creating a Typed DataSet Using the XML Designer
• Add an XML schema to the project
• Add an XML simpleType element to the schema
• Add an XML complexType element to the schema
• Creating a Typed DataSet Using the XML Designer
• Add an XML element to the project
• Generate the typed DataSet class
• View the generated DataSet

MANAGING STATE IN AN ASP.NET WEB SERVICE

• Introduction
• Application State
• ASP.NET provides support for application state through:
• Using application state
• Contents and StaticObjects
• Application state synchronization
• Session State
• ASP.NET provides the following support for session state:
• Identifying a session
• Using session state
• Session state collections
• Session state configuration
• Cookieless sessions

DEBUGGING WEB SERVICES

• Debug, Trace, and Switch Classes
• Debug
• Trace
• Switches
• Listeners
• TextWriterTraceListener ? output to a stream
• EventLogTraceListener ? output to an event log
• DefaultTraceListener ? output to the output window
• Configuring Debug and Trace Settings
• Interactive debugging
• Tracing
• Configuring a TraceSwitch
• Configuring listeners
• SOAP Extensions and Tracing
• Introduction
• SOAP extensions
• Tracing using SOAP extensions
• Performing Tracing Using a SoapExtension
• View a SoapExtension class
• View the output from a SoapExtension class
• Tools for Debugging Web Applications
• Introduction
• Page-level tracing
• Application-level tracing
• Writing to an event log
• Performance counters

SUMMARY

Chapter 6

DEPLOYING AND PUBLISHING XML WEB SERVICES

OVERVIEW

DEPLOYING WEB SERVICES

• Introduction
• Files Required for Deploying Web Service
• Deploying Web Services Manually
• When to deploy Web services manually
• Web services can be deployed manually by using:
• IIS settings are not copied to target Web server
• Deploying Web Services Using Windows Installer Files
• Creating a Web Setup Project

OVERVIEW OF UDDI

• Introduction
• What Is UDDI?
• A collection of specifications
• UDDI Programmer?s API Specification
• UDDI Data Structure Specification
• UDDI registry implementations
• Why Use UDDI?
• Information provided by UDDI

PUBLISHING A WEB SERVICE ON AN INTRANET

• Custom publish/discover solutions
• Implement UDDI Services in Windows Server 2003
• Hard-coded endpoints
• Overview of Using UDDI
• UDDI Data Structures
• Installing the UDDI SDK
• Privately on an intranet
• Jointly on an extranet
• Publicly on the Internet
• Setting a Reference to the UDDI DLL
• Set a reference to the Microsoft.Uddi.dll file
• Include the UDDI namespaces in you code files

PUBLISHING A WEB SERVICE

• Introduction
• Configuring a Web Service for Publication
• Configuring discovery
• Permissions and security policy
• Configuring assemblies
• Localizing a Web service
• Publishing a Web Service Programmatically
• USING UDDI
• Finding a UDDI Registry
• Retrieving Array
• Contents of UddiSiteLocation Object
• Connecting to a UDDI Registry
• The UddiConnection object supports two methods of authentication
• Windows Integrated Authentication UDDI Authentication
• Locate a business
• Finding a Web Service
• Retrieve binding information
• Bind to the Web service

SUMMARY

Chapter 7

OVERVIEW

OVERVIEW OF SECURITY

• Authentication vs. Authorization
• Authentication
• Authorization
• Types of Authentication
• IIS Authentication
• ASP .NET authentication
• Forms authentication
• Passport authentication
• Custom SOAP header authentication
• Types of Authorization
• Windows NT security
• Role-based security
• Code access security
• Configured ASP .NET authorization
• Methods of Encryption
• Introduction

BUILT-IN AUTHENTICATION

• Introduction
• Basic and Digest Authentication
• Basic authentication
• Digest authentication
• Integrated Windows Authentication
• Limitations
• Characteristics
• Using IIS Authentication on a Web Server
• IIS Server must be configured to support authentication
• Configuring an ASP.NET Web service
• Accessing user identity in a Web service
• Providing credentials

CUSTOM AUTHENTICATION USING SOAP HEADERS

• Introduction
• Using a SOAP Header in a Web Service Consumer
• SOAP headers are specified in the WSDL document
• Web service proxies and SOAP headers
• Remember to disable other authentication types

AUTHORIZATION USING ROLE-BASED SECURITY

• Introduction
• Identities
• Introduction
• Generic Identity
• WindowsIdentity
• Principals
• What are roles?
• Custom principal
• Principals and call context
• Using WindowsIdentity and WindowsPrincipal Objects
• Using GenericIdentity and GenericPrincipal Objects
• Introduction
• Creating and initializing a GenericIdentity object
• Creating and initializing a GenericPrincipal object
• Saving the current principal
• Authentication and Authorization with Http Modules
• Introduction
• Http Application events and Http Modules
• Authentication using HttpModules
• Authorization after authentication

AUTHORIZATION USING CODE ACCESS SECURITY

• Introduction
• Code Access Security Fundamentals
• Evidence-based security
• Code access permissions
• Code groups
• Policy levels
• Named permission sets
• Code Access Security in ASP.NET Web Services
• Identifying permissions required by your code
• Requesting permissions in your code

ENCRYPTION

• Introduction
• Using SSL
• What are X.509 certificates?
• How to enable SSL on a Web server
• Using Custom SOAP Extensions
• Introduction
• The DESCryptoServiceProvider class
• The CryptoStream class
• Encryption using SOAP extensions

SECURING XML WEB SERVICES

SUMMARY

Chapter 8

OVERVIEW

DATA TYPE CONSTRAINTS

• Introduction
• Protocol constraints
• Structures vs. classes
• Typed vs. untyped datasets
• Arrays vs. collections
• Exceptions

PERFORMANCE

• Introduction
• General Considerations
• Caching Guidelines
• Locking
• Making asynchronous calls
• Measuring performance and behavior
• Unnecessary code
• .NET-Specific Considerations
• Disable session state
• Choose an appropriate state provider
• Avoid exceptions
• Use native database providers
• Use ASP.NET Web gardening
• Disable debug mode
• Caching in Web Services
• Output caching
• Data caching
• Controlling caching
• File and key-based dependencies
• Expiration policies
• Item priorities
• Removal notification
• Scenarios
• Asynchronous Server-Side Methods
• Implementing asynchronous WebMethods
• Appropriate uses

RELIABILITY

• Introduction
• Availability
• Process isolation to reduce the risk of unintended interactions
• Process recovery model
• Measurement
• Performance counters
• WMI

VERSIONING

• Introduction
• Versioning assemblies
• Versioning WSDL documents
• Versioning request or response payload

AGGREGATING WEB SERVICES

• Introduction
• Aggregated Web Service Scenarios
• Gateways to Web services
• Simple interfaces to complex Web services
• Portals to Web services
• Designing a Web Service for Aggregation
• Protocol considerations
• Handling non-interactive clients
• Designing for ISPs & ASPs
• Self-repair and remote repair
• Implementing an Aggregated XML Web Service

SUMMARY

Chapter 9

OVERVIEW

INTRODUCTION TO GXA

• Limitations of Web Services
• Web services are used today to
• Tomorrow?s Web services need to Interoperate across multiple organizations
• Problems that baseline standards (SOAP, WSDL, UDDI) do not solve
• Overview of Global XML Web Services Architecture
• Design tenets of GXA
• Released specifications (October 2001)
• Future protocols
• Global XML Web Services Architecture

ROUTING AND REFERRAL

• WS-Routing and WS-Referral
• SOAP message processing model
• WS-Routing
• WS-Referral
• Routing Scenario

SECURITY AND LICENSING

• WS-Security and WS-License
• WS-Security
• WS-License
• Security Factoring and Authorization Scenario

SUMMARY