Architecting A Web-Enabled Solution
Objectives
In this session we will examine
The main goals in designing and architecting a Web-based application
How Windows® 2000 and the .NET Enterprise Servers can help you reach those goals
Key decisions and trade-offs in the design of a Windows-based Web solution
Agenda
Introduction to application architecture
Architecting for manageability
Architecting for security
Architecting for scalability and availability
Architecting A Building
A building must be
Big enough
Strong enough
Secure enough
Maintainable
The building should usually integrate with existing infrastructure services such as water, gas, and electricity
Architecting An Application
Applications must provide sufficient
Scalability
Availability
Security
Manageability
They often need to integrate with existing systems
Services And Tiers
[Diagram: Presentation, Business and Data tiers on the Windows 2000 Infrastructure. Labels: MSCS, DCOM, NLB, Win32, ODBC, DHTML, HTTP, XML, ADO, ADSI, COM+, ASP, OLE-DB, ISAPI, HTML]
The .NET Enterprise Servers
Presentation Tier Options
XSL
DHTML
ASP
ISAPI
HTML
Business Logic Options
ASP | COM+
Interpreted | Compiled
Re-use within application | Re-use by any application
Deploy in Web site | Deploy anywhere
Can use COM+ Transactions | Can use ALL COM+ services
Script | Any COM language
Data Tier Options
[Diagram: data stores SQL Server, Active Directory and Exchange Server, with access interfaces OLE-DB, CDO, ADSI, HTTP, FILE and HTTP-DAV]
Agenda
Introduction to application architecture
Architecting for manageability
Architecting for security
Architecting for scalability and availability
Manageability Requirements
As a developer, I need to manage the rapid development and maintenance of the application
As an administrator, I need to manage the deployment and monitoring of the application
As a business manager I need to be able to respond to a changing market and analyse business data
Site Development
Commerce Server 2000 solution sites
[Diagram labels: SQL Server, Virtual Root, Pipelines, Global.asa, Components, Active Directory, ASPs, Templates]
Business Management
Commerce Server Business Desk
Internet Explorer 5.5 based admin UI
Business Desk Example
Targeting
Define custom properties for users, pages, products, etc.
Income (currency), driving license (Boolean)
Create Expressions based on the properties
High earner = income > 20000
Driver = driving licence is true
Create target groups based on Expressions
Wealthy drivers = high earner + driver
Target advertisements and discounts at specific profiles
Show Porsche advert to wealthy drivers
Application Administration
[Diagram: Server 1, Server 2]
Agenda
Introduction to application architecture
Architecting for manageability
Architecting for security
Architecting for scalability and availability
Security Requirements
By exposing our application to the Web, we’re creating many security issues
We need to ensure that no-one can access sensitive data on our internal network via the Internet
And we need to use encryption for sensitive data
[Diagram labels: DMZ Domain?, Internal Network]
User Authentication
Anonymous login
Can still use cookies for non-intrusive profiling
Suitable for content publishing sites
Custom form-based authentication
User data stored in any data source
Most common solution for e-commerce sites
Windows integrated login
User data stored in Active Directory™
Digest authentication from any browser
Using SSL For Encryption
Public key encryption used to pass the session key
Session key used to encrypt all traffic
Browser creates session key and encrypts it with server’s public key
Session key is now used for all traffic in this (stateful) session
Agenda
Introduction to application architecture
Architecting for manageability
Architecting for security
Architecting for scalability and availability
Scalability And Availability Requirements
The site will need to support concurrent access by a considerable number of users
We’ve also got to provide 24x7 access
And it must still provide acceptable performance in a cost effective way
Basically, we need to please all of the people, all of the time!
Scaling Up And Scaling Out
Scaling Up: Increasing resources in a server
Scaling Out: Adding servers to balance the load
State Management Choices
Storing state on the Web server
Restricts ability to load balance
ASP Session object does not provide adequate scalability
Storing state on the client
Cookies
URL parameters, hidden form fields
XML Data Islands
Storing state on the database server
Key used to map user session to database records
Database caching will improve performance
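An added Python sketch (not from the original deck) of the database-server option above: the client holds only a random key, and any server in the farm maps it to the state rows. The in-memory SQLite store, the table name, the basket field and the 20-minute timeout are assumptions made for the illustration.

```python
import json
import secrets
import sqlite3
import time

SESSION_TTL = 1200  # seconds; assumed idle timeout, not a value from the slides

def open_state_store():
    # In-memory SQLite stands in for the shared database server (assumption).
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE session_state ("
               "session_key TEXT PRIMARY KEY, basket TEXT, expires REAL)")
    return db

def new_session(db, now=None):
    # The key is all the client holds (for example in a cookie), so it must be
    # unguessable: 32 random bytes from the OS CSPRNG, never a counter or user id.
    now = time.time() if now is None else now
    key = secrets.token_urlsafe(32)
    db.execute("INSERT INTO session_state VALUES (?, ?, ?)",
               (key, "[]", now + SESSION_TTL))
    return key

def handle_request(db, server_name, key, add_item=None, now=None):
    # Any web server can run this: no state lives on the server itself.
    now = time.time() if now is None else now
    row = db.execute("SELECT basket, expires FROM session_state "
                     "WHERE session_key = ?", (key,)).fetchone()
    if row is None or row[1] < now:
        # Unknown or expired key: remove any stale row and refuse the request.
        db.execute("DELETE FROM session_state WHERE session_key = ?", (key,))
        return None
    items = json.loads(row[0])
    if add_item:
        items.append(add_item)
    db.execute("UPDATE session_state SET basket = ?, expires = ? "
               "WHERE session_key = ?",
               (json.dumps(items), now + SESSION_TTL, key))
    return {"served_by": server_name, "basket": items}

if __name__ == "__main__":
    db = open_state_store()
    key = new_session(db, now=0)
    print(handle_request(db, "Server 1", key, add_item="book", now=10))
    print(handle_request(db, "Server 2", key, add_item="pen", now=20))
    print(handle_request(db, "Server 2", "guessed-key", now=30))
    print(handle_request(db, "Server 1", key, now=20 + SESSION_TTL + 1))
```

The key arrives from the client, so it is treated as untrusted input and only ever passed as a bound query parameter.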
State And Server Affinity
[Diagram: No Affinity and Client IP Affinity, each shown with Server 1 and Server 2]
Deploying Components
[Diagram: Web Farm, Application Cluster and Database Cluster, with ASP and COM+ components on the servers. Labels: WMI, (Default)]
Fault Tolerance
Component Load Balancing (CLB)
Provided by Application Center Server
Only activations are load balanced
Based on response time and round-robin
[Diagram: Web Farm and AppServer1, AppServer2, AppServer3, with response times AppServer1: 10ms, AppServer2: 15ms, AppServer3: 20ms]
SQL Server™ Failover Clustering
Active/passive clustering
Active/active clustering
SQL Server Standby Servers
Log Shipping used to apply transaction log to standby server
Can be used as a read-only data source
On failure of the primary server, rename the standby server
SQL Server Data Partitioning
Partitioned views are updateable
Queries are optimised for distributed data
[Diagram label: Sales]
Demonstration
Partitioned views
Partitioned View Issues
Only very large databases will benefit
Small database performance will suffer
Partitioning should be designed from the outset
Keep as much related data on the same physical server as possible
Build data-dependent routing logic into the application server
Try to connect to the server storing most of the required data
Call To Action
Minimize business logic in ASPs, use components instead
Minimize out of process/remote calls
Scale out rather than up
Minimize application tier state
Use SSL only where required
Partition large volumes of data