An Overview of the Simplified Application Framework - The MessageQueue Service
(Page 4 of 7 )
Message queues are one of the most underrated technologies in application development. Its ability to decouple the client and server applications allows you to build an asynchronous application that is highly scalable and fault tolerant. Message queues are also commonly used in application integration development where applications in heterogonous environments send and receive data via message queues. In order to take advantage of message queues, developers are often required to learn different sets of APIs associated with various message queue technologies, such as MSMQ, MQSeries, and in-house custom queuing technologies. The SAF.MessageQueue service provides one set of APIs that developers can learn to program against message queues regardless of the type of underlying queuing technology. The SAF.MessageQueue service also allows you to plug in your own implementation of the queuing mechanism without having to make developers learn new sets of APIs.
SAF.MessageQueue uses the System.Messaging namespace to access MSMQ and .NET’s interop feature to access the MQSeries’s COM DLL. It relies on the Bridge design pattern to decouple the client interface from the underlying implementation of various queuing technologies. We will look at how SAF.MessageQueue works in depth in Chapter 9.
The Authorization Service Authorization is a process of determining whether a caller may access a specific underlying resource based on the caller’s identity or group. The SAF.Authorization service provides developers an easy way to add an authorization check to the application without coupling the security code to the application code. By using SAF.Authorization, developers can perform security checks, such as role-level checks or user-level checks on methods simply by adding the attributes on the methods. It provides a declarative security feature similar to that of COM+ security, in which you can define the security attributes of a component as a separate layer on top of the component.
Unlike the out-of-box .NET security attribute, which requires you to define the user/group access permission inside the application code, SAF.Authorization is designed to remove such a requirement. Using SAF.Authorization, developers can change the security permissions of a business object by modifying the settings of a configuration file without any change to the application code.
The technologies used to implement the SAF.Authorization service include .NET declarative security, .NET attributes, and .NET reflection. The SAF.Authorization service also allows developers to change the way the security permission check is performed through the use of strategy patterns. You will learn more about the SAF.Authorization service in Chapter 10.
Authentication Service Authentication is the process of identifying who the caller is. The ability to identify a caller is a prerequisite of any security feature in an application. An application often consists of many subsystems, and each has its own way of identifying a particular caller, usually with a separate set of credentials such as user name and password. This presents a problem when a caller’s request has to go through multiple subsystems. The call would have to carry and present multiple sets of credentials at every step of the way. This often adds a significant development burden and makes each subsystem heavily coupled with the authentication logic of other subsystems within an application. The SAF.Authentication service solves this problem by creating a single-sign-on feature for the whole application. With SAF.Authentication, the caller is no longer required to present multiple credentials. Instead, the caller needs to carry only one credential to gain access to all other applications/subsystems. SAF.Authentication performs the credential mapping on behalf of the callers and eliminates the need for developers to code such logic inside their applications.
SAF.Authentication achieves this single-sign-on feature through technologies such as the .NET security Web service. You will learn more detail about this service in Chapter 11.
 This chapter is from Developing Application Frameworks in .NET by Xin Chen (Apress, 2004, ISBN: 1590592883). Check it out at your favorite bookstore today. Buy this book now.
|
Next: The Cryptography Service >>
More .NET Articles
More By Apress Publishing
/ 6 
