Expert Service-Oriented Architecture in C# 2005

A Practical SOA Book with Actionable Architectural Guidance

Beside Web 2.0 and AJAX,
Service Oriented Architecture is most probably among the top ten tech buzz
words of this year and can also be regarded as the term with most diverse array
of definitions or the most misunderstood concept. Currently there are several
books available in the market with word SOA in their titles however if you are
not looking for a 10,000 ft overview of service orientation but want a
practical guide which walks you through step by step in the journey of loosely
coupled architecture & design, Jeffery Hasan and Mauricio Duran’s “Expert
Service-Oriented Architecture in C# 2005” is the perfect book for you

.

In this book, SOA is defined as “architecture based on
loosely coupled component that exchange messages” but it doesn’t stop here.
Jeff explains in depth what each and every term in this definition mean and how
to practically implement it using WSE 3.0. Service oriented architecture is a
concept and in order to implement its features like interoperability,
declarative policies, contracts, message security, identity, trust and
transactability, one would need a concrete framework such as WSE. Readers who
have found this book more on WSE and less on SOA are usually looking at SOA
from a much abstract prospect while the book is very much hands on emphasizing more
on practical implementations. Author has tried to convey the ground realities
by transferring the theory into practice.

This 250 page book is divided into nine chapters and in
mainly three logical sections. 

  • Introduction
    to Distributed Computing, Messaging and SOA (Chapter 1-4)
  • WSE
    3.0 and SOAP   (Chapter 5-8)
  • WCF
    and future directions (Chapter 9)

Clarity is the one of the major traits of Jeff’s writing;
the book is written in no-nonsense developer friendly language; it employs
effective use of diagrams, selected listings and notes to convey its message in
short and concise manner. The book also addresses common SOA myths and tries to
bust them. For instance, how can MSMQ and web services co-exist and can even be
used in the same enterprise solution? For most people, these technologies
including Enterprise Services and remoting sound like rivals. Author debunks
these ideas by providing examples and scenarios which explain service
orientation as an architectural concept instead of a development framework.
This book goes beyond the common realm of design and further explains that SOA
is not tied together with SOAP/XML web services but can be implemented using
any distributed communication protocol providing that it supports loosely
coupled message exchange and other primary SOA traits discussed above.

Web Services Enhancements for Microsoft .NET (WSE) is a
library provided to extend the Microsoft .NET Framework capabilities of
handling web services and to keep pace with the evolving Web services protocol
specifications. In “Expert Service-Oriented Architecture in C# 2005”, author
does not discuss merely the turn key scenarios provided but provide in depth
elaborate study of WSE 3.0. The book does not contain any enterprise level case
study but some concrete and small examples to keep focus on concepts without turning
it into a WSE cook book. Author makes the business case of WS-Specifications
providing its reader a solid understanding of specifications like WS-Security,
WS-Secure Conversation, WS-Addressing, WS-Reliable Messaging and WS-Policy.
Author notes that transactions are not implemented in WSE, making it a live
specification and emphasizing on the need of windows communication foundation
(formerly code name Indigo).

Author tries to make sure that the readers are not merely
using web services as another RPC mechanism but are designing good robust
architectures. Therefore in the design patterns of building SOA, he urges on writing
type assemblies (type and methods), business assemblies, web services and
client (test harness) separately and follows the same design pattern through
out the book. Having the dedicated typed assemblies is one of the best
practices I’ve found through experience in distributed application development
as it eases the complex type communication and marshalling lot easier.

Since I’ve read the first edition and have worked with WSE
3.0 in the past, I jumped right to the chapter 9 regarding WCF and was not
disappointed. Jeff has done a fairly good job explaining the nuts and bolts of
Windows communication foundation however it’s still the tip of iceberg since
the book is not mainly about windows communication foundation. (For a
detailed study of WCF, please check David Pallman’s Programming WCF (Indigo) by
MS Press.)

If you are development manager who wants to grasp the WSE
concepts to know what can be done in the world of advance web services, chapter
1-5 will give you well rounded foundation and understanding while chapter 9
would help you building a migration strategy to WCF.  For an application architect or an API
developer, you’ll find this book specially interesting and valuable because of
its architectural approach. As an example, there are numerous times that as a
developer you build request and response objects for your web service
components with end to end security in mind. Client informs you that SSL won’t
be a silver bullet anymore since they have to do re-routing between different
layers of application process. Sound like user name token manager
authentication and SOAP headers to me, no problem! Open page 161 and code it
away. It will enlighten you about the differences between HTTPS and WS-Secure
Conversation, very well done. Even your IT folks may admire a complete step by
step direction of setting up Kerberos authentication on Windows Server 2003.

The source code provided with the book is converted using
the Visual Studio.NET 2005 wizards, contains UpgradeLog.XML and not really
reflect the WSE 3.0 changes. For instance building Chapter8\WSSecureConvService\App_Code\StockTrader.asmx.cs
throws warnings such as

Microsoft.Web.Services3.SoapContext.Security' is obsolete:
'SoapContext.Security is obsolete. Consider deriving from SendSecurityFilter or
ReceiveSecurityFilter

and

// Use the SCT to sign and encrypt the response
SoapContext

responseContext = ResponseSoapContext.Current;
responseContext.Security.Tokens.Add(sct);

throws exception as 'Microsoft.Web.Services3.SoapEnvelope'
does not contain a definition for 'IsSoapEnvelope'

As it’s not in the WSE 3.0 specs (See MSDN reference).

For a developer and architect alike, I find this to be of
great use and I would suggest it to all of you interested in service oriented
architecture or distributed application development using WSE 3.0 to give this
SOA page turner a try. Notwithstanding, those willing to invest the time will
be richly rewarded with the most intelligently written SOA book I can recall
reading in a while.

Highly recommended!



The source code can be downloaded from the
following link
Download
Source Code File

Also, you can read a sample chapter from here.

Ch.
04 - Design Patterns for Building Service-Oriented Web Services

Share