Tag Archives: REST

ASP.NET Web API: The New Mobile Web Services

1 Reply

Those of you who know me or have attended one of my presentations know that I’m a total RESTafarian when it comes to the software architectural style I prefer for web services.

I started using REST in the early 2000s to create a high-speed, human-readable, server API to trade financial instruments between brokerages and counterparties. When SOAP finally got traction in the .NET and Java world, I started using it because WSDL and widespread tooling made it easy for people to consume the web services I had to publish. XML was having its moment in the sun. That being said, I could never get past the clear drop in performance I saw vs. the lighter-weight RESTful way of doing things.

Fast forward to to the cross-browser standardization of Ajax in JavaScript, and RESTful web services started to surge since SOAP was way too heavy for client-side web page calls. Along the way, a compact way of describing objects and collections of objects called JSON began to steal XML’s thunder as a way to serialize data. While this new REST + JSON pattern of lightweight communication and data serialization got it’s start with the web and JavaScript, it soon found a home in the surging tidal wave of devices that have proliferated over the last decade.

The slow, unreliable wireless data networks that brought Smartphones to life demanded a new level of efficiency when it came to wire protocols. While proprietary, binary protocols ruled in the early days, they finally gave way to something that could work with any device. At Microsoft, we began to make it easier for developers to create REST web services via our Windows Communication Foundation (WCF) and special toolkits in .NET 3.5 and 4.0.  I started using it because of the obvious benefits to wireless-efficiency and also so I could stop having to “roll my own” REST web services using bits and pieces of other technologies.  WCF is a Swiss Army Knife and does lots of things which sometimes makes it overkill when you need to expose simple function calls or data to the Internet via REST.

I’m thrilled to say that our newest, simplest way to create RESTful web services is called the ASP.NET Web API.  Using the power of ASP.NET MVC 4, we’ve delivered a framework that makes it easy to build HTTP services that reach a wide range of clients, including web browsers and most every Smartphone.  I’m using it now to expose enterprise data out to the Internet where it can be easily consumed as collections of JSON objects.  Mobile web browsers can retrieve this data via Ajax calls and store it offline in Web Storage.  Smartphone apps can download and store the data in local databases or serialize it to flash storage as JSON.  I like it!

Take it for a spin.

-Rob

Sync Framework v4 is now Open Source, and ready to Connect any Device to SQL Server and SQL Azure

11 Replies

The profound effects of the Consumerization of IT (CoIT) is blurring the lines between consumers and the enterprise.  The fact that virtually every type of mobile device is now a candidate to make employees productive means that cross-platform, enabling technologies are a must.  Luckily, Microsoft has brought the power to synchronize data with either SQL Server on-premise or SQL Azure in the cloud to the world of mobility.  If you’ve ever synched the music on your iPhone with iTunes, the calendar on your Android device with Gmail, or the Outlook email on your Windows Phone with Exchange, then you understand the importance of sync.  In my experience architecting and building enterprise mobile apps for the world’s largest organizations over the last decade, data sync has always been a critical ingredient.

The new Sync Framework Toolkit found on MSDN builds on the existing Sync Framework 2.1′s ability to create disconnected applications, making it easier to expose data for synchronization to apps running on any client platform.  Where Sync Framework 2.1 required clients to be based on Windows, this free toolkit allows other Microsoft platforms to be used for offline clients such as Silverlight, Windows Phone 7, Windows Mobile, Windows Embedded Handheld, and new Windows Slates.   Additionally, non-Microsoft platforms such as iPhones, iPads, Android phones and tablets, Blackberries and browsers supporting HTML5 are all first-class sync citizens.  The secret is that we no longer require the installation of the Sync Framework runtime on client devices.  When coupled with use of an open protocol like OData for data transport, no platform or programming language is prevented from synchronizing data with our on-premise and cloud databases.  When the data arrives on your device, you can serialize it as JSON, or insert it into SQL Server Compact or SQLite depending on your platform preferences.

The Sync Framework Toolkit provides all the features enabled by theSync Framework 4.0 October 2010 CTP.  We are releasing the toolkit as source code samples on MSDN with the source code utilizing Sync Framework 2.1.  Source code provides the flexibility to customize or extend the capabilities we have provided to suit your specific requirements. The client-side source code in the package is released under the Apache 2.0 license and the server-side source code under the MS-LPL license.  The Sync Framework 2.1 is fully supported by Microsoft and the mobile-enabling source code is yours to use, build upon, and support for the apps you create.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Now some of you might be wondering why you would use a sync technology to move data rather than SOAP or REST web services.  The reason has to do with performance and bandwidth efficiency.  Using SOA, one would retrieve all the data needed to the device in order to see what has changed in SQL Server.  The same goes for uploading data.  Using the Sync Framework Toolkit, only the changes, or deltas, are transmitted over the air.  The boosts performance and reduces bandwidth usage which saves time and money in a world of congested mobile data networks with capped mobile data plans.  You also get a feature called batching, which breaks up the data sent over wireless networks into manageable pieces.  This not only prevents you from blowing out your limited bandwidth, but it also keeps you from using too much RAM memory both on the server and your memory-constrained mobile device.  When combined with conflict resolution and advanced filtering, I’m sold!

I think you’ll find the Sync Framework Toolkit to be an immensely valuable component of your MEAP solutions for the enterprise as well as the ones you build for consumers.

Keep Synching,

Rob

 

Consumerization of IT Collides with MEAP: Windows > Cloud

1 Reply

In my Consumerization of IT Collides with MEAP article last week, I described how to connect a Windows 7 device to Microsoft’s On-Premises servers.  Whether you’re talking about a Windows 7 tablet or laptop, I showed that you can follow the Garter MEAP Critical Capabilities to integrate with our stack in a consistent manner.  Remember, the ability to support multiple mobile apps across multiple mobile platforms, using the same software stack is a key tenant to MEAP.  It’s all about avoiding point solutions.

If you need a refresher on the Gartner MEAP Critical Capabilities, check out: http://robtiffany.com/meap/consumerization-of-it-collides-with-meap-windows-on-premises 

In this week’s scenario, I’ll use the picture below to illustrate how Mobile versions of Windows 7 in the form of slates, laptops, and tablets utilize some or all of Gartner’s Critical Capabilities to connect to Microsoft’s Cloud infrastructure:

image

As you can see from the picture above:

  1. For the Management Tools Critical Capability, Windows 7 uses Windows Intune for Cloud-based device management and software distribution.
  2. For both the Client and Server Integrated Development Environment (IDE) and Multichannel Tool Critical Capability, Windows 7 uses Visual Studio. The Windows Azure SDK plugs into Visual Studio and provides developers with everything they need to build Cloud applications.  It even includes a Cloud emulator to simulate all aspects of Windows Azure on their development computer.
  3. For the cross-platform Application Client Runtime Critical Capability, Windows 7 uses .NET (Silverlight/WPF/WinForms) for thick clients. For thin clients, it uses Internet Explorer 9 to provide HTML5 + CSS3 + ECMAScript5 capabilities. Offline storage is important to keep potentially disconnected mobile clients working and this is facilitated by SQL Server Compact + Isolated Storage for thick clients and Web Storage for thin clients.
  4. For the Security Critical Capability, Windows 7 provides security for data at rest via Bitlocker, data in transit via SSL, & Authorization/Authentication via the Windows Azure AppFabric Access Control Serivce (ACS).
  5. For the Enterprise Application Integration Tools Critical Capability, Windows 7 can reach out to servers directly via Web Services or indirectly through the Cloud via the Windows Azure AppFabric Service Bus to connect to other enterprise packages.
  6. The Multichannel Server Critical Capability to support any open protocol is handled automatically by Windows Azure. Crosss-Platform wire protocols riding on top of HTTP are exposed by Windows Communication Foundation (WCF) and include SOAP, REST and Atompub. Cross-Platform data serialization is also provided by WCF including XML, JSON, and OData. Cross-Platform data synchronization if provided by the Sync Framework. These Multichannel capabilities support thick clients making web service calls as well as thin web clients making Ajax calls. Distributed caching to dramatically boost the performance of any client is provided by Windows Azure AppFabric Caching.
  7. As you might imagine, the Hosting Critical Capability is knocked out of the park with Windows Azure.  Beyond providing the most complete solution of any Cloud provider, Windows Azure Connect provides an IPSec-protected connection with your On-Premises network and SQL Azure Data Sync can be used to move data between SQL Server and SQL Azure.  This gives you the Hybrid Cloud solution you might be looking for.
  8. For the Packaged Mobile Apps or Components Critical Capability, Windows 7 runs cross-platform mobile apps include Office/Lync/IE/Outlook/Bing.

As you can see from this and last week’s article, Windows 7 meets all of Gartner’s Critical Capabilities whether it’s connecting to Microsoft’s On-Premises or Cloud servers and infrastructure.  They great takeaway from the picture above, is Windows 7 only needs to know how to integrate its apps with WCF in the exact same way as is does in the On-Premises scenario.  Windows developers can focus on Windows without having to concern themselves with the various options provided by Windows Azure.  Cloud developers just need to provide a WCF interface to the mobile clients.

When an employee walks in the door with a wireless Windows 7 Slate device, you can rest assured that you can make them productive via Windows Azure without sacrificing any of the Gartner Critical Capabilities.

Next week, I’ll cover how Windows Phone connects to an On-Premises Microsoft infrastructure.

Best Regards,

Rob

Windows Phone 7 Line of Business App Dev :: Uploading Data back to Azure

6 Replies
Looking back over the last 6 months of this series of articles, you’ve created wireless-efficient WCF REST + JSON Web Services in Azure to download data from SQL Azure tables to Windows Phone.  You’ve maintained in-memory collections of objects in your own local NoSQL object cache.  You’ve used LINQ to query those collections and bind results to various Silverlight UI elements.  You’ve even serialized those collections to Isolated Storage using memory-efficient JSON.  So what’s left to do?
Oh yeah, I guess you might want to know how to upload an object full to data back to a WCF Web Service in Azure.  In order to keep this article simple and to-the-point, I’m going to work with a basic Submarine object and show you how to fill it with data and upload it from a Windows Phone or Slate to a WCF REST + JSON Web Service.  Let’s take a look at this object:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Runtime.Serialization;
namespace Models
{
[DataContract()]
public class Submarine
{
[DataMember()]
public int Id { get; set; }
[DataMember()]
public string Name { get; set; }
}
}
It includes just an integer data type called Id, and a string called Name.  As in previous articles before, its decorated with a [DataContract()] and two [DataMember()]s to allow .NET serialization to do its thing.  So the next thing we need to do is create and populate this Submarine object with data, serialize it as JSON, and send it on its way using WebClient.
Below is the method and its callback that accomplishes this:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Net;
using System.Windows;
using Microsoft.Phone.Controls;
using System.IO;
using System.Runtime.Serialization.Json;
using System.Text;
private void AddSubmarine()
{
Uri uri = new Uri(“http://127.0.0.1:81/SubService.svc/AddSubmarine”);
Models.Submarine submarine = new Models.Submarine() { Id = 3, Name = “Seawolf” };
DataContractJsonSerializer ser = new DataContractJsonSerializer(typeof(Models.Submarine));
MemoryStream mem = new MemoryStream();
ser.WriteObject(mem, submarine);
string data = Encoding.UTF8.GetString(mem.ToArray(), 0, (int)mem.Length);
WebClient webClient = new WebClient();
webClient.UploadStringCompleted += new UploadStringCompletedEventHandler(webClient _UploadStringCompleted);
webClient.Headers["Content-type"] = “application/json”;
webClient.Encoding = Encoding.UTF8;
webClient.UploadStringAsync(uri, “POST”, data);
}
void webClient_UploadStringCompleted(object sender, UploadStringCompletedEventArgs e)
{
var x = e.Result;
}
As you can see above, I point the URI at a WCF Service called SubService.svc/AddSubmarine.  How RESTful.  Next, I create an instance of the Submarine object, give it an Id of 3 and the Name Seawolf.  I then use the same DataContractJsonSerializer I’ve been using in all the other articles to serialize the Submarine object to a JSON representation.  Using the MemoryStream, I write the JSON to a stream and then artfully turn it into a string.  Last but not least, I instantiate a new WebClient object, create an event handler for a callback, and upload the stringified Submarine object to the WCF Service.
So where did I upload the Submarine object to?
It takes two to Mango, so let’s take a look.  For starters, it goes without saying that every WCF Service starts with an Interface.  This one is called ISubService.cs:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Text;
namespace DataSync
{
[ServiceContract]
public interface ISubService
{
[OperationContract]
[WebInvoke(UriTemplate = "/AddSubmarine", BodyStyle = WebMessageBodyStyle.Bare, RequestFormat = WebMessageFormat.Json, ResponseFormat = WebMessageFormat.Json, Method = "POST")]
bool AddSubmarine(Models.Submarine sub);
}
}
Unlike previous articles where I had you download data with WebGet, this time I’m using WebInvoke to denote that a PUT, POST, or DELETE HTTP Verb is being used with our REST service.  The UriTemplate gives you the RESTful /AddSubmarine, and I added the Method = “POST” for good measure.  Keep in mind that you’ll need the exact same Submarine class on the server that you had on your Windows Phone to make all this work.
Let’s see what we get when we Implement this Interface:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Text;
using Microsoft.WindowsAzure;
using Microsoft.WindowsAzure.Diagnostics;
using Microsoft.WindowsAzure.ServiceRuntime;
using Microsoft.WindowsAzure.StorageClient;
using System.Configuration;
using System.Xml.Serialization;
using System.IO;
namespace DataSync
{
public class SubService : ISubService
{
public SubService()
{

}

public bool AddSubmarine(Models.Submarine submarine)
{
try
{
if (submarine != null)
{
//Do something with your Deserialized .NET Submarine Object
//… = submarine.Id //… = submarine.Name
return true;
}
else
{
return false;
}
}
catch
{
return false;
}
}
}
}
Here we end up with SubService.svc with the simple AddSubmarine method where you pass in a Submarine object as a parameter.  What you do with this object, I’ll leave to you.  Some might be tempted to INSERT it into SQL Azure.  I’d prefer that you drop it into an Azure Queue and have a Worker Role do the INSERTing later so you can stay loosely-coupled.  Just in case you need a refresher on a REST-based Web.config file, here’s one below:
<?xml version=”1.0″?>
<configuration>
<!–  To collect diagnostic traces, uncomment the section below.
To persist the traces to storage, update the DiagnosticsConnectionString setting with your storage credentials.
To avoid performance degradation, remember to disable tracing on production deployments.
<system.diagnostics>
<sharedListeners>
<add name=”AzureLocalStorage” type=”DataSync.AzureLocalStorageTraceListener, DataSync”/>
</sharedListeners>
<sources>
<source name=”System.ServiceModel” switchValue=”Verbose, ActivityTracing”>
<listeners>
<add name=”AzureLocalStorage”/>
</listeners>
</source>
<source name=”System.ServiceModel.MessageLogging” switchValue=”Verbose”>
<listeners>
<add name=”AzureLocalStorage”/>
</listeners>
</source>
</sources>
</system.diagnostics> –>
<system.diagnostics>
<trace>
<listeners>
<add type=”Microsoft.WindowsAzure.Diagnostics.DiagnosticMonitorTraceListener, Microsoft.WindowsAzure.Diagnostics, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35″
name=”AzureDiagnostics”>
<filter type=”" />
</add>
</listeners>
</trace>
</system.diagnostics>
<system.web>
<compilation debug=”true” targetFramework=”4.0″ />
</system.web>
<!–Add Connection Strings–>
<connectionStrings>

</connectionStrings>

<system.serviceModel>
<behaviors>
<serviceBehaviors>
<behavior>
<!– To avoid disclosing metadata information, set the value below to false and remove the metadata endpoint above before deployment –>
<serviceMetadata httpGetEnabled=”true”/>
<!– To receive exception details in faults for debugging purposes, set the value below to true.  Set to false before deployment to avoid disclosing exception information –>
<serviceDebug includeExceptionDetailInFaults=”false”/>
</behavior>
</serviceBehaviors>
<!–Add REST Endpoint Behavior–>
<endpointBehaviors>
<behavior name=”REST”>
<webHttp />
</behavior>
</endpointBehaviors>
</behaviors>
<!–Add Service with webHttpBinding–>
<services>
<service name=”DataSync.SubService”>
<endpoint address=”" behaviorConfiguration=”REST” binding=”webHttpBinding”
contract=”DataSync.ISubService” />
</service>
</services>
<serviceHostingEnvironment aspNetCompatibilityEnabled=”true” multipleSiteBindingsEnabled=”true” />
<!–<serviceHostingEnvironment multipleSiteBindingsEnabled=”true” />–>
</system.serviceModel>
<system.webServer>
<modules runAllManagedModulesForAllRequests=”true”/>
</system.webServer>
</configuration>
This Web.Config gives you the webHttpBinding you’re looking for to do a REST service.  I even left you a spot to add your own database or Azure storage connection strings.
This article wraps up the Windows Phone 7 Line of Business App Dev series that I’ve been delivering to you since last September.  Who knew I would make fun of OData or have you create your own NoSQL database to run on your phone along the way?  I think I actually wrote the first article in this series from a hotel room in Nantes, France.
But have no fear, this isn’t the end.
In preparation for Tech Ed 2010 North America coming up on May 16th in Atlanta, I’ve been building the next-gen, super-fast, super-scalable Azure architecture designed for mobile devices roaming on wireless data networks.  I’ve spent the last decade building the world’s largest and most scalable mobile infrastructures for Microsoft’s wonderful global customers.  Now it’s time to make the jump from supporting enterprise-level scalability to the much bigger consumer-level scalability.
Yes, I’m talking millions of devices.
No, you won’t have to recreate Facebook’s servers, NoSQL, Memcache, or Hadoop infrastructure to make it happen.  I’m going to show you how to make it happen with Azure in just two weeks so I’m looking forward to seeing everyone in Atlanta in two weeks.
Keep coding,
Rob

What the new App Hub in Windows Phone Mango means for the Enterprise

4 Replies

If you attended MIX 11 or watched it on Channel 9, you might have seen Todd Brix’s session titled “Making Money with your Applications on Windows Phone.”  In this session, Todd talked about all the great things Windows Phone users and developers can expect with the new Marketplace and App Hub in the Mango timeframe.  I just want to focus on two items that will be of great significance to companies and organizations that are looking to build, and privately distribute Windows Phone apps to their employees, partners and customers.

Mango-Sizes

The Beta Distribution Service allows developers to distribute pre-certified apps to an access-controlled set of beta users.  How does it work?

  • The developer selects a list of up to 100 testers.  This number is subject to change based on feedback we get.
  • Developer sends an email to the designated testers that includes a private deeplink that points to the app in the Marketplace.  This allows only the testers to access and download the content since the app is not discoverable in the Marketplace via Search.
  • Only testers selected in the App Hub based on their Windows Live ID can test the app and provide feedback for 90 days.  Yes, the app will “time bomb” after 90 days.
  • The beta cannot be updated.  If you have multiple updates based on testing feedback, you must resubmit them like the first beta and send updated deeplinks to testers.
  • Testers won’t have to unlock their phone in order to beta test the apps.
  • Since there’s no certification requirement, there’s no latency between when you publish a beta app and when your private list of testers can access and download your content.
  • The cost of the beta app must be free.

Takeaway: No matter who you’re building apps and games for, the Beta Distribution Service will allow you to create higher quality content since you can now include beta testing in your development cycle.

The Private Distribution Service allows developers to privately distribute certified apps to a targeted group of users.  How does it work?

  • The app must be certified by Microsoft before distributing.
  • Developer sends an email to the targeted group of users that includes a private deeplink that points to the app in the Marketplace.  Keep in mind that the app is not discoverable in the Marketplace via Search by the general public.
  • A private app can be updated and pushed to the targeted group of users.
  • There are no limits on the number of users or the duration of time that those users can use the app.  This works just like the public Marketplace rules we have today.
  • There is no access enforcement based list of targeted users.  In other words, if an employee at a company shares the deeplink with a fellow coworker, that new person can download the content.  By including appropriate authentication and authorization mechanisms in published apps, you can prevent unwanted users from being able to do anything with the app.
  • Private apps can be free or paid
  • These private apps can be published to the public Marketplace at any time.

Takeaway: This enables the private distribution of released apps to a small or large community of users.  You could use this as an extension of your application beta testing cycle if you want to send out a release candidate to a broader group of testers than the 100 allowed via the Beta Distribution Service.  It’s also a great way to privately send your app to magazines, blogs, and other media channels to be publicly reviewed.

What does this mean for the enterprise?  Those of you who have worked with or administered enterprise software distribution systems, will quickly recognize that the Private Distribution Service doesn’t allow an administrator to push out and restrict software usage to specific organizational groups or roles.  It also doesn’t allow an administrator to uninstall specific apps  from the phones of specific users or groups either.  Lastly, it doesn’t map to an enterprise LDAP service like Active Directory.  You’re probably thinking System Center and this is definitely not that.

That being said, the Private Distribution Service overcomes the single-biggest blocker that company executives have expressed to me as a reason why they might not create and publish apps for Windows Phone.  They don’t want their private corporate apps publicly viewable and/or accessible by the broad general public searching for apps in the public Marketplace.  When they build B2C apps to reach their own customers, this is no problem, but when they build line-of-business apps meant just for their employees or partners, they don’t want these apps to be discoverable.

This means IT departments will be able to build undiscoverable Windows Phone apps for private internal use by the users they designate.  Some of the administrative issues around software distribution can be alleviated by having a corporate IT authority publish Beta and Private apps via a single Windows Live ID.  That publishing administrator can then map users, groups or roles to existing or new Windows Live IDs of employees that need to use the app.  That administrator will be able maintain the application lifecycle through beta testing, publishing, updating and decommissioning.  As I alluded to earlier in the post, once a designated employee has access to the app, her ability to run and access data and various parts of the app can be controlled by on-premise or cloud-based authentication and authorization mechanisms.  This includes things like passing Domain credentials or using claims-based auth.  Your data-in-transit is protected by SSL and your data-at-rest in Isolated Storage is protected by AES encryption.

We’ll be seeing a new Windows Phone, App Hub, and Marketplace before the end of 2011.  Its line-of-business credentials include encryption, private software distribution, server auth mechanisms, the ability to call SOAP and REST web services, socket support, multitasking, background agents, and a local SQL database just to name a few. 

You’ll soon be looking at the most enterprise-ready smartphone on the market.

-Rob