Web Services and the Microsoft Platform

 

June 2006

Payam Shodjai
Microsoft Corporation

Applies to:
   Web Services

Summary: This whitepaper provides a high-level overview of Microsoft support for Web services across its product offerings. Microsoft interoperability efforts and involvement in the Web services standardization process are also discussed. (47 printed pages)

Contents

Introduction
   What Are Web Services?
   Microsoft Support for Web Services
Standards and Interoperability
   Horizontal Web Services Standards
      WS-* Architecture
      Horizontal Standards Bodies
   Vertical Web Services Standards
   Interoperability
Products
   Building Web Services
      Visual Studio 2005 and the .NET Framework 2.0
      Visual Studio Team System
      Web Services Enhancements
      .NET Framework 3.0
      BizTalk Server
   Exposing and Consuming Web Services
      Windows Vista
      Office
      SharePoint Products and Technologies
      Dynamics
      SQL Server
      Xbox Live
      MSN
      Virtual Earth
   Management
      Managing Web Services:
      Systems Management Using Web Services:
Architectural Guidance
Summary
Appendix
   Web Services Specification Support in the Microsoft Developer Platform

Introduction

What Are Web Services?

In recent years, the imperative to connect people, information, and processes has changed the way software is being developed. Successful IT systems increasingly require interoperability across platforms and flexible services that can easily evolve over time. This has led to the prevalence of XML as the universal language for representing and transmitting structured data that is independent of programming language, software platform, and hardware.

Building on the broad acceptance of XML, Web services are applications that use standard transports, encodings, and protocols to exchange information. With broad support across vendors and businesses, Web services enable computer systems on any platform to communicate over corporate intranets, extranets, and across the Internet with support for end-to-end security, reliable messaging, distributed transactions, and more.

Web services are based on a core set of standards that describe the syntax and semantics of software communication: XML provides the common syntax for representing data; the Simple Object Access Protocol (SOAP) provides the semantics for data exchange; and the Web Services Description Language (WSDL) provides a mechanism to describe the capabilities of a Web service. Additional specifications, collectively referred to as the WS-* architecture, define functionality for Web services discovery, eventing, attachments, security, reliable messaging, transactions, and management.

Microsoft Support for Web Services

Since their inception, Web services have formed the foundation of Microsoft's interoperability efforts. In addition to building its entire developer platform around Web services with .NET, Microsoft continues its commitment to the standardization process—driving vendor consensus and interoperability for both horizontal and vertical standards.

In the coming years, Web services will play an even more pivotal role across the Microsoft platform—with new developer offerings, an amplified focus on IT operations and management, expanded offerings for consumers and information workers, innovation in the business applications market and increased community outreach. For developers, the Windows Communication Foundation (WCF) is Microsoft's next generation platform for building secure, reliable, and transacted Web services. For IT Professionals, Windows Server and Microsoft Operations Manager will enable the management of heterogeneous software and hardware systems using WS-Management. For consumers, Windows Vista will support the discovery of and interaction with Web services-enabled devices, such as printers, digital cameras, and home control systems.

In addition, Microsoft's vision for Web services extends beyond support in its own products. As a platform vendor, Microsoft is focused on delivering a Web services platform upon which other vendors and customers can build customized solutions.

Standards and Interoperability

Broad vendor agreement on standards and proven interoperability have set Web services apart from integration technologies of the past. During the ongoing process of interoperability and standardization, Microsoft has driven efforts to create both horizontal as well as industry-specific Web services standards.

Horizontal Web Services Standards

WS-* Architecture

As the Web services market rapidly expanded, the need for advanced standards governing Web services security, reliability, and transactions arose. Microsoft and other vendors across the industry responded to this need by authoring a set of specifications referred to collectively as the WS-* architecture. The goal of these specifications is to provide a blueprint for advanced functionality while retaining the simplicity of basic Web services.

The most important attribute of the WS-* architecture is composability*.* Protocol composability enables incremental development of Web services solutions only as individual requirements (such as security, reliable messaging, attachments, discovery, etc.) are needed. In isolation, each of these requirements solves an elemental need. In composition, they address higher-level functionality commonly required by distributed applications. As such, the WS-* specifications can be used either independently or in combination with one another. This eliminates the complexity and overhead associated with specifications that attempt to define multiple capabilities or are tightly coupled with other specifications. It also enables developers to apply only the specific functionality needed to solve the immediate need. As new application requirements arise, new specifications can be authored without compromising backwards compatibility.

Figure 1. Schematic overview of the WS-* architecture

Horizontal Standards Bodies

To date, hundreds of IT vendors have participated in the Web services standardization process under the sponsorship of the World Wide Web Consortium (W3C), Organization for the Advancement of Structured Information Standards (OASIS) and Web Services Interoperability Organization (WS-I).

W3C

The cornerstone for Web services was laid in 1998, when the W3C released XML 1.0. Since then, the W3C has played a key role in the standardization of Web services, releasing such specifications as WSDL, SOAP, WS-Addressing, and Message Transmission Optimization Mechanism (MTOM). Microsoft continues to play an active role in the W3C, holding chairperson seats on the WSDL and WS-Policy Working Groups. Microsoft is also a member of the Web Services Coordination Group.

OASIS

OASIS has produced key Web services security specifications, including WS-Security and SAML. Microsoft holds officer seats on the Board of Directors, Executive Committee, and Board Process and Policy Committee. In addition, Microsoft co-sponsored the creation of Universal Description Discovery and Integration (UDDI), Business Process Execution Language (BPEL), eXtensible rights Markup Language (XrML), WS-Security and WS-ReliableExchange Technical Committees.

WS-I

As Web services specifications started to emerge, it became clear that the grouping of specifications into "profiles" was essential for increased interoperability. As such, Microsoft and others in the industry founded WS-I—an open industry organization chartered to promote Web services interoperability. WS-I has released the most widely adopted Web services profiles, including WS-I BasicProfile. It has also released a variety of tools for conformance testing.

Vertical Web Services Standards

The agreement on horizontal Web service standards, such as XML, SOAP, and the WS-* architecture created the foundation for the emergence of vertical Web services standards. Microsoft has played an active role in the creation of these standards, driving over a dozen vertical standards in the education, health care, finance, automotive, and telecommunication industries through working relationships with the following standards bodies:

• Association for Cooperative Operations Research and Development (ACORD)
• Association for Retail Industry Standards (ARTS)
• Automotive Industry Action Group (AIAG)
• Clinical Data Interchange Standards Consortium (CDISC)
• Continental Automated Buildings Association (CABA)
• Distributed Management Task Force (DMTF)
• EAN International and the Unified Code Council (EAN.UCC)
• EPCglobal
• European Forum for Electronic Business (EEMA)
• Financial Information eXchange (FIX/FPL)
• Health Level Seven (HL7)
• Human Resources XML (HR-XML)
• IMS Global Learning Consortium (IMS)
• Interactive Financial eXchange Forum (IFX)
• OPC Foundation (OPC)
• Open Financial Exchange Consortium (OFX Consortium)
• Open Travel Alliance (OTA)
• RosettaNet
• Schools Interoperability Framework (SIF)
• Society for Worldwide Interbank Financial Telecommunications (SWIFT)
• TeleManagement Forum (TM Forum)

Highlights of Microsoft's current working relationships with vertical standards bodies include:

• Automotive Industry Action Group (AIAG)—AIAG is an association of companies involved in the automotive industry charged with developing standards for the automotive supply chain. Microsoft is a sponsoring board member. It co-sponsored a project to define the functional requirements and recommended guidance needed to drive service-oriented architectures (SOA) for next-generation automotive supply chain scenarios leveraging Web services.
• Distributed Management Task Force (DMTF)—DMTF is an industry organization leading the development of management standards such as WS-Management. Microsoft co-founded this organization and is currently a board member.
• EPCglobal—EPCglobal leads the development of industry-driven standards for the Electronic Product Code (EPC) to support the use of Radio Frequency Identification (RFID) in trading networks. Microsoft is participating in the Reader Protocol and Reader Management working groups of EPC Global Software Action Group. Microsoft has also submitted XML message formats for the Reader Protocol specification and recently made contributions to the Reader Management specification.
• Health Level Seven (HL7)—HL7 is one of several American National Standards Institute (ANSI)–accredited Standards Developing Organizations (SDOs) operating in the healthcare arena. Microsoft has been driving the submission of three Web services specifications (WS-Addressing, WS-Security and WS-ReliableMessaging) as an update of the HL7 Web Services Basic Profile.
• IMS Global Learning Consortium—The IMS Global Learning Consortium develops standards for learning technology and several IMS specifications have become worldwide de facto standards for delivering learning products and services. ** Microsoft is a member of the Technical Board, helping IMS define and deliver e-Learning standards with prescriptive guidance for WS-Security, Addressing and MTOM-based attachments.
• Open Financial Exchange Consortium—The OFX Consortium leads the development of standards for the electronic exchange of financial data. Over 2000 banks and brokerage firms as well as major payroll processing companies use OFX. Microsoft is co-founder of the OFX Consortium and is currently working on OFX 2.0 extensions.
• RosettaNet—RosettaNet is a global standards organization that promotes collaborative commerce. Billions of dollars are transacted each year using RosettaNet standards. Microsoft currently hold seats on the Executive and Architectural Advisory Councils, driving RosettaNet's next-generation architectural specifications and integration framework based on Web services.
• TeleManagement Forum—The TM Forum is a global standards body for communications services, contributing to the Information and Communications Services (ICS) industry for over 15 years. Microsoft has been driving the creation of a specification for enabling Operations/Business Support Systems (OSS/BSS) functions to be exposed as Web services.

Interoperability

In addition to broad participation in the Web services standards process, Microsoft has also driven real-world interoperability. Interoperability of the WS-* architecture is ensured by two processes: the submission of specifications to standards bodies, such as OASIS and the W3C, and the Web Services Workshop Process. Submission to standards bodies guarantees thorough review of the specifications by a technical committee of subject matter experts across the industry. The Web Services Workshop Process, which provides a channel for community and industry feedback, is based on the Internet Engineering Task Force (IETF) principle that requires at least two interoperating implementations of a specification before submission to standards bodies. The complementary nature of these processes is key to reconciling outlier specifications and achieving widespread industry support of common protocols for interoperability.

To date, Microsoft and more than 70 other vendors have participated in the WS-* process. With many of the specifications either standardized or submitted to standards bodies, vendors are shifting their attention to the implementation of the WS-* architecture. Developers can expect interoperability across vendor products that implement these specifications, enabling businesses to build heterogeneous systems that connect by design. Microsoft already provides early implementations of several WS-* specifications in Web Services Enhancements (WSE) and will provide an implementation of the entire WS-* architecture with WCF, which is currently in Beta 2.

Products

At its core, Microsoft is a platform company and is committed to providing a rich ecosystem for building and managing connected systems. Microsoft has invested heavily in Web services, building its entire next generation developer platform around Web services with Microsoft .NET.

From building Web services, to consuming them, to managing them—Microsoft provides comprehensive Web services support across its entire range of product offerings.

Building Web Services

Visual Studio 2005 and the .NET Framework 2.0

The .NET Framework 2.0 is Microsoft's managed code programming model and runtime for building applications on the Windows platform. Visual Studio is the professional development environment for building these applications. Together, Visual Studio and the .NET Framework 2.0 are designed to improve developer productivity and increase application reliability and security by providing a fully managed application environment. Developers can build high-performance, multi-tier applications for Windows and the Web, and use the .NET Compact Framework to build smart device software for mobile devices.

The .NET Framework provides Web services support that enables the more than 3.5 million .NET developers to develop, discover, debug, deploy, and consume Web services using any of the more than 20 programming languages supported on .NET. Furthermore, the .NET Framework supports WS-I Basic Profile for cross-platform interoperability. This allows .NET applications to consume and expose Web services that interoperate with virtually any application, regardless of programming language or platform.

Visual Studio's "Add Web Reference" dialog box automatically generates proxy code for WSDL-defined Web services, enabling consumption of Web services in Windows, Web, Mobile and Office-based applications.

Visual Studio also makes it easy for developers to publish and locate Web services in UDDI. From the start page of Visual Studio, developers can publish information about their Web Services directly to UDDI. As developers create new services, they can make them known across the enterprise directly from Visual Studio. By connecting to UDDI through the "Add Web Reference" dialog box, a developer may locate available Web Services.

Figure 2. The Add Web Reference dialog box in Visual Studio automatically generates proxy code from WSDL. (Click image to see larger version.)

Visual Studio also supports unit testing and load testing of Web services. Web services operations can be called directly from unit tests, much like local code. In addition, Visual Studio provides attributes and methods specifically for testing Web services.

Lastly, Visual Studio Tools for Office (VSTO) brings the power of Visual Studio and the .NET Framework 2.0 to business solutions built on Word and Excel. All Web services functionality offered by the .NET Framework can be exposed through Word and Excel solutions. As a result, developers can expose, consume, manage, and debug Web services within these solutions.

Visual Studio Team System

Visual Studio Team System (VSTS) expands the Visual Studio product line to include new software lifecycle tools for operations managers, architects, testers, project managers, and developers. Released in November 2005, VSTS reduces the complexity of delivering distributed applications and facilitates communication among members of a software team.

For developers building Web services-enabled software, VSTS extends the core capabilities of Visual Studio 2005, enabling architects to work in teams to visually design collections of Web services and validate a distributed application's architectural design against the requirements of the deployment environment. Developers can define and modify Web methods for ASMX Web services graphically, alleviating the need to manually edit configuration files to specify Web services configuration information. VSTS also gives IT Professionals the tools to graphically specify Web services settings and constraints, such as authentication and security requirements.

Figure 3. The VSTS designer visualizes interactions between collections of Web services. (Click image to see larger version.)

VSTS includes Visual Studio Team Test (TT), an integrated Visual Studio component that enables code generation of test method stubs, code coverage analysis and running of tests inside the IDE. This functionality is useful for Web services developers that want to perform regression tests and performance tests. Since Web services generally expose a Web page for manual invocation, one can also use the integrated Web testing recorder to quickly record a series of Web services tests. Once activities against the target Web site are recorded, test code is generated and can be extended with further customization.

Lastly, Visual Studio Team Foundation Server (a part of VSTS) is the team collaboration server providing functionality such as version control, work item tracking, and enterprise project management for VSTS clients. Partners can extend Team Foundation Server through a set of Web services.

Web Services Enhancements

While Visual Studio and the .NET Framework 2.0 provide support for the development of basic Web services, customers in recent years have required advanced Web services functionality, including end-to-end security, routing and message attachments. Web Services Enhancements (WSE) 3.0 is a fully supported extension of the .NET Framework 2.0 and add-on to Visual Studio 2005 for building secure Web services. Released in November 2005 to coincide with the release of Visual Studio 2005, WSE 3.0 implements the latest industry-supported WS-* specifications.

Now that the WS-Security family of specifications has, to a large extent, solidified, the main goal for WSE 3.0 is to provide developers with the first complete implementation of these security specifications. As such, WSE 3.0 supports the following WS-* specifications (see Appendix for versioning information):

• XML, SOAP, WSDL
• WS-Security
• WS-Trust
• WS-SecureConversation
• WS-Addressing
• MTOM

The focus on security was also one of the reasons why WSE 3.0 supports MTOM. Securing attachments over Direct Internet Message Encapsulation (DIME) requires transport-level security, whereas MTOM attachments can be secured by using either transport- or message-level security. As a result, developers can secure Web services attachments by taking advantage of some of the benefits of message-level security, such as end-to-end security and support for different credential types.

WSE 3.0 also introduced a set of "turnkey" security scenarios. These scenarios are high-level security building blocks that allow developers to concentrate on the business logic of a service in the knowledge that the underlying Web services communication is secure. The new configuration editor has also made creating and maintaining WSE policy files much easier. A GUI wizard creates and configures turnkey scenarios, without the developer having to resort to the XML representation of the policy file. WSE 3.0 also defines security sessions via policy, such that any given service can also act as a Security Token Service (STS).

Figure 4. The WSE Security Settings Wizard generates policy files for turnkey security scenarios. (Click image to see larger version.)

One of the main objectives of the WSE 3.0 release is to provide a path to WCF, the unified programming model and runtime for building secure, reliable and transacted Web services. WSE 3.0 offers interoperability with WCF when using the turnkey security scenarios and also provides some programming model parity with WCF.

.NET Framework 3.0

In parallel to the development of WSE, Microsoft has been developing the .NET Framework 3.0, its next-generation managed code programming model for building applications on the Windows platform. The .NET Framework 3.0 enables developers to create visually stunning, connected, and workflow-enabled applications. It will ship as a core part of Windows Vista and will also be available on Windows XP and Windows Server 2003 through the .NET Framework 3.0 Runtime Components. The main components of the .NET Framework 3.0 for building and leveraging Web services are WCF, the Windows Workflow Foundation (WF) and Windows CardSpace.

Windows Communication Foundation

WCF is Microsoft's unified programming model and runtime for building Web services applications with managed code. It extends the .NET Framework with functionality to build secure, reliable, and transacted Web services that interoperate across platforms.

WCF is built from the ground-up to combine and extend the capabilities of existing Microsoft distributed systems technologies, including Enterprise Services, System.Messaging, .NET Remoting, ASMX, and WSE, to deliver a unified development experience based on Web services.

WCF supports the WS-* architecture, enabling the development of interoperable Web services that incorporate end-to-end security, reliability and transaction support:

• Messaging: XML, SOAP, WS-Addressing, and MTOM

WCF supports both Representational State Transfer (REST) and SOAP-based Web services. WCF also supports WS-Addressing, which defines additions to the SOAP header for addressing SOAP messages. This frees SOAP from relying on the underlying transport protocol for addressing information. MTOM defines an optimized transmission format for attachments in SOAP messages based on the XML-binary Optimized Packaging (XOP) specification.

• Metadata: WSDL, WS-MetadataExchange, WS-Policy, and WS-SecurityPolicy

WCF supports the Web Services Description Language (WSDL), which defines a standard language for specifying services and various aspects of how those services can be used. WCF also supports WS-Policy and WS-SecurityPolicy to describe more dynamic aspects of a service's behavior that cannot be expressed in WSDL, such as a preferred security option. Lastly, WCF's support for WS-MetadataExchange means that clients can request service metadata, such as the WSDL and policies for a service, via SOAP.

• Security: WS-Security, WS-Trust, and WS-SecureConversation

WCF supports both transport-level security via SSL and message-level security, by implementing WS-Security, WS-Trust, and WS-SecureConversation. These specifications define additions to SOAP for message-level protection, integrity, authentication, and identity federation. Message-level security is not limited to a single type of credential and gives developers more granular control over which message parts should be secured.

• Reliability: WS-ReliableMessaging

WCF supports WS-ReliableMessaging, which defines additions to the SOAP header that enable reliable end-to-end communication, even when multiple SOAP intermediaries are traversed. WS-ReliableMessaging can guarantee that a message arrives, that it arrives exactly once and that it arrives in order.

• Transactions: WS-Coordination, WS-AtomicTransaction

WCF supports WS-Coordination and WS-AtomicTransaction, enabling two-phase commit transactions over SOAP-based exchanges.

Figure 5. The WCF programming model enables developers to specify communication settings in code or XML configuration files. (Click image to see larger version.)

In addition to implementing the WS-* architecture, WCF also provides opportunities for new messaging scenarios with support for TCP, named pipes, P2P and custom transports. More flexibility is also available around hosting Web services. Windows Forms applications, Windows Presentation Foundation applications, ASP.NET applications, console applications, Windows services and COM+ services can all easily host Web services endpoints over different transports. WCF also has many options for digitally signing and encrypting messages, including the following token support: Kerberos, X.509, Username, and Security Assertion Markup Language (SAML).

Windows Workflow Foundation

Another new feature in the .NET Framework 3.0 used for the development of Web services is WF. WF is the programming model, engine, and tools for quickly building workflow-enabled applications on Windows. It provides a common framework for building workflows into Windows applications, whether those workflows coordinate interactions among software, people, or both.

WCF and WF are complementary building blocks for distributed application development. Workflows can drive the business process for a given service. Similarly, workflows in turn often need to interact with services to carry out a business process. As such, WCF and WF can be used to create workflow-enabled services and service-enabled workflows.

WF ships with a base activity library that includes activities for consuming and exposing services. This means that developers can create service-enabled workflows directly from within the workflow designer. Because WF provides native support for hosting and consuming services, developers can easily create composite applications that invoke other business logic.

Figure 6. WF ships with a base activity library that includes activities for consuming and exposing Web services. (Click image to see larger version.)

Windows CardSpace

Another key component of the .NET Framework 3.0 is Windows CardSpace—the codename for a new technology that enables users to manage and more safely exchange their personal identity information online. It helps address the problems of password fatigue and online fraud such as phishing by replacing insecure username and passwords with cryptographically strong security tokens. Windows CardSpace is built on top of WCF and implements the core of the Identity Metasystem, using standard protocols to securely negotiate, request, and broker identity information between trusted identity providers and requestors.

While Windows CardSpace is built specifically for Windows, it uses standard WS-* protocols for all communications between the client, the Web site, and the identity provider (such as an employer, government agency or a bank). This means that the Web site and the identity provider can potentially be running on entirely different platforms and technologies. Furthermore, Microsoft is working with others in the industry to help them create Windows CardSpace-like user experiences on other platforms that work in a similar manner to Microsoft Windows CardSpace, helping ensure that users are protected from identity fraud regardless of their chosen platform.

Grounded in the WS-* architecture, Windows CardSpace uses the following Web services specifications to implement the necessary identity exchange protocols:

• WS-MetadataExchange is used to obtain the Web site's security policy, which defines what type of token and which claims the Web site requires.
• WS-MetadataExchange is used to obtain the policy of the identity provider and defines what security policy Windows CardSpace must use in order to obtain the user's token.
• WS-Trust is used to obtain a security token from the identity provider.
• WS-Security and WS-SecureConversation are used to secure conversations between Windows CardSpace and the identity provider.

Figure 7. Windows CardSpace uses the WS-* architecture to implement the necessary identity exchange protocols.

BizTalk Server

Complementary to the .NET Framework 3.0 technologies is BizTalk Server, a server product that enables customers to integrate systems, employees and trading partners. Web services play a key role in systems integration. As such, BizTalk Server supports the consumption of Web services as part of a business process, exposing business processes and line-of-business applications as Web services. It also provides support for SOAP, UDDI, WSDL, WS-Security, WS-Trust, and WS-SecureConversation through ASMX and WSE adapters. The WSE adapter is a "no-code" connectivity solution that integrates secure Web services with BizTalk Server. The WSE adapter can also be used to securely call Web services and publish BizTalk orchestrations as Web services. BizTalk Server 2006 adds the ability to call Web services through pub/sub-style messaging and provides a WCF adapter for incorporating WCF Web services into business processes.

Figure 8. BizTalk Server makes it easy to expose business processes as Web services. (Click image to see larger version.)

BizTalk Server also integrates with InfoPath via Web services. Together, BizTalk and InfoPath make it easier to create business process solutions that involve information workers. InfoPath allows information workers to gather and manage business data in XML, providing the integral desktop piece of the business process solutions puzzle. BizTalk Server then acts as the central orchestration point. InfoPath XML schemas can be opened inside the BizTalk Server management tools and InfoPath documents can be sent to BizTalk Server via Web services.

Exposing and Consuming Web Services

In addition to providing a rich developer platform for building Web services, Microsoft has built Web services support into its entire line of product offerings by exposing key product features as Web services. Both Microsoft's products and partner products consume these services to provide end-users with greater connectivity and better user experiences.

Windows Vista

Windows Vista is the next release of the Windows client operating system that makes it easier to build applications that are more secure, reliable, and manageable. Windows Vista also enables developers and designers to create user-experience breakthroughs that improve usability and enable greater relevance to the work users do. Finally, Windows Vista makes it easy to connect to information, systems, people, and devices though a number of innovative integration technologies.

For managed code solutions, Windows Vista provides extensive Web services support through WCF, a core component of the .NET Framework 3.0. Windows Vista also implements WS-Discovery to support the Device Profile for Web Services (DPWS). DPWS provides standards-based connectivity to network devices including printers, wireless cameras, projectors, and more. The DPWS lightweight protocol fits into small devices and enables a new wave of experiences with across-the-Internet connectivity between devices, PCs and Web services. Web Services on devices allows devices and PCs to connect to each other across the Internet, even as they roam and change IP addresses. For partners, this provides a rich platform for product differentiation, device interoperability, and services opportunities.

Web service-enabled devices under development by partners include:

• Network-connected printers that provide rich eventing and services integration (e.g. auto-reordering when print cartridge is near empty).
• Wireless projectors that support discovery and wireless presentation viewing.
• Home control systems that can synchronize with Web services and can be controlled by the owner remotely.
• Roaming IP-based cameras that can auto-synchronize photos with home PCs, Web services and even other roaming cameras.
• Home routers that provide QoS provisioning and UPnP bridging.

Figure 9. Windows Vista support for DPWS enables wireless projector discovery.

Office

Also to be released in the Vista timeframe is Office 2007, Microsoft's latest productivity suite for information workers. In addition to this suite of office applications, the Office System delivers a collection of integrated tools and services that can help developers build business solutions using Web services.

Office 2003 offers the Office Web Services Toolkit, an add-on to Visual Basic for Applications (VBA) that enables Office applications to consume Web services. Developers can use the toolkit to discover Web services in UDDI registries and consume services from within the VBA editor. For managed code solutions, developers can use VSTO to take advantage of the productivity and power of Visual Studio and the .NET Framework 2.0 to build more advanced Office applications.

Figure 10. The Office Web Services Toolkit enables developers to consume Web services inside of Office applications. (Click image to see larger version.)

In addition to providing developers with the tools to add Web services support to Office applications, Office products have built-in support for consuming Web services:

• InfoPath has built-in support for binding to data through Web services. It includes data connection tools that simplify the consumption of Web services and supports schema-based forms validation.
• Visio has built-in support for consuming database-driven Web services, such as Web services exposed by SQL Server's relational database.
• The Research Pane in Office applications consumes Web services and displays useful information such as thesaurus or encyclopedia look-ups. It can also be customized to offer branded content. For example, it can display information from Amazon's catalog of books, enabling users to find and examine detailed information about books from within the current working environment of an Office document.

Figure 11. The Research Pane in Office applications consumes Web services to return results.

SharePoint Products and Technologies

Windows SharePoint Services (WSS) is leveraged heavily by Office and provides a platform for information worker collaboration. WSS is a component of Windows Server for creating team-based Web sites that enable information sharing and document collaboration. WSS provides team services and sites to the Office System and other desktop applications. It also serves as a platform for application development and is the engine for all SharePoint sites. Including such IT resources as portals, team workspaces, e-mail, presence awareness, and Web-based conferencing, WSS enables users to locate distributed information quickly and efficiently, as well as connect to and work with others more productively.

Web services play a key role in enabling this connectivity, especially when it comes to remotely managing a deployment of SharePoint sites or interacting with a SharePoint site via a smart client application. A set of Web services enables management of list alerts, forms, picture libraries, meeting workspaces, users/groups/cross-site groups and Web parts:

• Administration—Provides methods for managing a deployment of WSS, such as for creating or deleting sites.
• Alerts—Provides methods for working with alerts for list items in a SharePoint site.
• Document Workspace—Provides methods for managing Document Workspace sites and the data they contain.
• Forms—Provides methods for returning forms used in the user interface when working with the contents of a list.
• Imaging—Provides methods that create and manage picture libraries.
• List Data Retrieval—Provides a method for performing queries against lists in WSS.
• Lists—Provides methods for working with lists and list data.
• Meetings—Provides methods that create and manage Meeting Workspace sites.
• Permissions—Provides methods for working with the permissions for a site or list.
• Site Data – Provides methods that return metadata or list data from sites or lists in WSS.
• Sites—Provides a method for returning information about the site templates for a site collection.
• Users and Groups—Provides methods for working with users, site groups and cross-site groups.
• Versions—Provides methods for working with file versions.
• Views—Provides methods for working with views of lists.
• Web Part Pages—Provides the methods to send information to and retrieve information from Web services. Web Parts communicate with one another using Web services.
• Webs—Provides methods for working with sites and sub sites.

Microsoft's Web Part Toolkit for SharePoint Products and Technologies leverages the Web Services for Remote Portlets (WSRP) specification, enabling developers to build portlets that interact with other portal sites, regardless of the business system they use. This toolkit complements a variety of already available standards-based integration technologies, including the XML Data View Web Part. The WSRP Web Part Toolkit includes a ready-to-install "consumer" component that displays WSRP portlet services provided by a variety of vendors within Web Part pages hosted by WSS.

For developers interested in making SharePoint site content available over WSRP Web services, Microsoft is also providing WSRP Web Services Toolkit for SharePoint Products and Technologies. This toolkit provides samples of how to create and deploy WSRP-compliant Web services, making it even easier for businesses to leverage SharePoint application functionality and content from other portals.

SharePoint Portal Server (SPS) uses WSS sites to create portal pages for people, information and organizations. SPS extends the capabilities of WSS sites with organization and management tools, and enables teams to publish information in their sites to the entire organization. SPS exposes Web services to conduct searches, manage MySites and content taxonomy.

Dynamics

Information worker collaboration is an important foundation for streamlining processes across any business. Microsoft Dynamics—formerly known as Microsoft Business Solutions—provides business management solutions for streamlining industry-specific business processes. It includes a set of products that automate and help improve financial, customer relationship and supply chain management. Dynamics includes applications and services for retailers, manufacturers, wholesale distributors, and service companies, doing business domestically or in multiple countries.

Microsoft Dynamics can be broken down into solutions for Customer Relationship Management (CRM), Enterprise Resource Planning (ERP) and Financials:

• CRM: Dynamics CRM
• ERP: Dynamics Axapta, Dynamics Great Plains, Dynamics Solomon, and Dynamics Navision
• Financials: Small Business Financials

Dynamics CRM is built on top of a Web services layer that exposes all major CRM features as WS-I BasicProfile-compliant Web services, enabling developers to programmatically work with CRM data and execute CRM business logic. Business operations exposed through this Web services layer include sales force automation, marketing automation, customer service management, activity management, service scheduling, calendaring, email management, and workflow.

Future versions of Dynamics CRM and ERP will expose Web services APIs that use consistent schemas, operation naming, and .NET event patterns. Microsoft Small Business Financials uses Web services to provide data integration between the rich client and a set of value-added Web applications, including payroll and credit card processing, reducing the need to re-enter data.

SQL Server

Released in November 2005, SQL Server 2005 is a database platform providing data management with integrated Business Intelligence (BI) tools. The SQL Server 2005 database engine provides secure, reliable storage for both relational and structured data, allowing developers to build and manage highly available and high-performance data applications.

SQL Server's core components fall into two categories: Enterprise Data Management and Business Intelligence. The Enterprise Data Management components include Notification and Replication Services. The Business Intelligence components include Reporting, Analysis, and Integration Services.

SQL Server core functionality can be exposed as Web services. For example, SQL Server's relational database can be queried through Web services calls to stored procedures and T-SQL batches (SELECT, INSERT, UPDATE). These Web services support WS-Security and can authenticate requests based on Windows authentication over HTTP or username authentication over HTTPS. WCF can be used to write clients that interoperate with SQL Server on these secure scenarios.

Figure 12. SQL Server core functionality is exposed as Web services. (Click image to see larger version.)

Additional SQL Server functionality exposed as Web services:

• SQL Server Reporting Services exposes its entire API as Web services and can consume Web services as data sources.
• SQL Server Integration Services can connect to Web services in the Data Flow.
• SQL Server Analysis Services exposes Web services according to the XML for Analysis (XML/A) protocol.

Figure 13. SQL Server Reporting Services can consume Web services as data sources. (Click image to see larger version.)

Xbox Live

In addition to exposing Web services from business applications, Microsoft's consumer-focused software also exposes Web services. Xbox Live exposes Web services for game publishers to access game data. Launched in 2002, Xbox Live is a subscription-based online gaming service for Xbox and Xbox 360 video game consoles. Using it, gamers can chat with their friends and family, compare statistics and achievements, get full access to Xbox Live Marketplace, and more.

Xbox Live exposes a collection of Web services that enable partner game publishers and developers to extend the Xbox Live online experience to the Web. Game publishers can further their game's reach while building a vibrant Web community. Many key features of Xbox Live are exposed as SOAP-based Web services:

• Account Management: For tools that manage accounts internally
• Teams: Enables game developers to implement Xbox Live teams
• Friends & Presence: Enables game developers and publishers to recreate the Xbox Live Friends List.
• Messaging: Enables game developers to send messages via the Xbox Central developer site.
• Competitions & Query: Enables game developers to create and manage competitions.
• Alerts: Used internally by Xbox.com to send alerts that are triggered by gamers doing a specific action (e.g. logging-in, sending a friend request, etc.) on Xbox Live.
• Storage: Enables game developers to retrieve files from the Xbox Live service while on the Web.
• Signature: Used to sign and secure internal files.
• Statistics: Enables games to enumerate in-game leader boards on the Web. Most compelling implementations use the Friends and Statistics APIs together to build personalized leader boards of a player and his or her friends.

Figure 14. Halo 2 is the most popular Xbox game that uses Xbox Live Web services.

MSN

Another key consumer offering that exposes and consumes Web services is MSN. MSN is Microsoft's network of consumer Internet services, including MSN Communication Services (Hotmail and MSN Messenger), MSN Information Services (MSN.com and MSNBC.com) and Internet access services (MSN 9). MSN is among the top three Internet portals of the world with more than 440 million unique users monthly, 215 million active Hotmail accounts and 185 million active Messenger accounts.

Support for Web services spans the entire spectrum of MSN offerings:

• MSN Money Quotes service is used to provide stock quotes to the MSN properties and partner sites. For example, stock quote information is provided to MSN Search via Web services.
• myEBay component in myMSN communicates with eBay's SOAP-based Web services.
• MSN Rating and Reviews service is a Web Service consumed by MSN properties.
• MSN Encarta exposes Web services consumed by other MSN properties, such as MSN Search.
• All MSN RSS feeds are implemented as publicly accessible Web services.

Figure 15. The MSN Money Quotes service provides stock quotes to the MSN Money Web portal.

Virtual Earth

Virtual Earth, another consumer offering, is an online mapping service that offers both aerial and satellite imagery. MapPoint Web Services (MWS) is a set of Web services hosted by Microsoft and used by enterprises and independent software developers to integrate location-based services such as maps, driving directions and proximity searches into software applications and business processes. MWS has been operational since 2002 and currently handles over 20 million transactions a day. The Virtual Earth imagery will be integrated with MWS offerings in the future.

Figure 16. Virtual Earth uses MWS to get routing information. (Click image to see larger version.)

MapPoint Location Server, a separate add-on product to MWS hosted on the customer's premises, gives developers a set of Web services APIs to acquire the real-time location of mobile phones. It acts as a middle-tier service between client devices, the location service of a mobile operator, and MWS to bring together mapping and routing services. It can also find nearby points of business or personal interest based on the location of the user. With MapPoint Location Server, developers can build location-based service applications that target mobile devices such as Pocket PCs and wireless-enabled mobile computers. Microsoft MapPoint Location Server works in conjunction with MWS technology.

Management

Managing Web Services

Windows Communication Foundation Management

In addition to providing a programming model for building Web services, WCF ships with a set of tools and management features that make it easier for IT Professionals to create, deploy, configure, and monitor Web services.

The WCF support for management can be broken down into two categories: tools and instrumentation. Tools, including the WCF Configuration Editor, optimize manual tasks, such as modifying configuration files. Other management features, such as performance counters, fall into the instrumentation category. Management tools can display data exposed by WCF instrumentation and monitor the health of WCF applications.

The following management instrumentation is built into WCF:

• Tracing: WCF implements End-to-End (E2E) Tracing, a Microsoft specification for message tracing across systems. Tracing can be turned on for any WCF application and captured as trace logs. IT Professionals can then open trace logs from multiple WCF applications in the TraceViewer Tool to get a holistic overview of how a message traveled through the system.
• Performance Counters: WCF implements a set of performance counters that monitor the health of a WCF application. Performance counters can be viewed in the Microsoft Management Console (perfmon.exe).
• Windows Management Interface (WMI): WCF supports WMI, a management technology for monitoring the health of Windows applications. Tools such as WMI Common Information Model (CIM) Studio can be attached to WCF applications to reveal information such as the size of the incoming buffer, what service is currently active and which binding is being used. CIM Studio also allows IT Professionals to change certain service settings at runtime.

To visualize the data exposed by WCF instrumentation and optimize manual tasks, WCF ships with the following management tools:

• Service Trace Viewer: Visualizes tracing across systems, even MSMQ.
• Service Configuration Editor: A graphical tool that enables developers to create and modify configuration settings for WCF applications.
• Service Model Metadata Utility Tool: A command-line tool that generates a proxy from WSDL.
• COM+ Service Model Configuration Tool: Configures COM+ interfaces to be exposed as WCF services.
• WS-AT Configuration Tool: A graphical tool used to configure Microsoft Distributed Transaction Coordinator (MSDTC) for interoperable transactions using the WS-AtomicTransaction protocol.

Figure 17. The WCF Service Trace Viewer gives a holistic overview of how a message traveled through the system. (Click image to see larger version.)

Figure 18. The WCF Service Configuration Editor makes it easy for developers to visually create and modify WCF endpoints.

Figure 19. DTC can be configured for interoperable transactions using WS-AtomicTransaction.

Microsoft Operations Manager

For more advanced Web services monitoring, IT Professionals can use Microsoft Operations Manager (MOM). MOM is used by IT Professionals to administer servers and applications. It enables the management of in-band resources including heterogeneous software, Web services, and operating system components.

Microsoft Operations Manager (MOM) management packs are a collection of rules that monitor a wide array of server health indicators. MOM 2005 introduces a new management pack for Web sites and services that simplifies the management of Web services within an enterprise, including tests of availability and performance, trend monitoring, and notifications of failure or service degradation.

In previous versions of MOM, Web site monitoring was limited to basic "ping"-type rules that provided minimal information about the state of the Web application or Web service. The new Web Site and Services Management Pack (WSSMP) allows IT Professionals to build rules that are aware of the details of the HTTP request and the data returned by a Web service.

WSSMP uses a wizard to collect data and create rules for monitoring Web services. It gathers information about the request, as well as the criteria used to determine whether the application is performing as expected. The WSSMP rules are designed to monitor a Web service remotely, using a MOM agent to run the rules against an HTTP server that may or may not be directly monitored by MOM. Once the WSSMP rules are deployed, agents run the rules and send requests via a managed code response.

Figure 20. WSSMP uses a wizard to collect data and create rules for monitoring Web services. (Click image to see larger version.)

Systems Management Using Web Services

Microsoft Operations Manager

MOM not only simplifies the management of Web services; it also simplifies systems management through the use of Web services. It enables the management of out-of-band resources including hardware processors from Intel, Sun, AMD, and others. The MOM Connector Framework (MCF) is a Web services-based technology for connecting MOM to other management platforms, enabling full bidirectional alert forwarding and synchronization. This means that alerts from partner management platforms can be reported to MOM.

MCF also allows alerts to be taken outside of MOM and inserted into other management systems. These alerts are then kept in sync and MOM is updated once these outside alerts are resolved. Consuming instrumentation data will become even easier in the follow-up version to MOM 2005, which will have built-in support for WS-Management. This will significantly reduce the need to write custom scripts to consume instrumentation data exposed through WS-Management.

Figure 21. MCF is a Web services-based technology for connecting MOM to other management platform, enabling full bidirectional alert forwarding and synchronization.

Windows Server R2

Windows Server R2 (R2) also uses Web services to simplify systems management. R2, an update release to the Windows Server 2003 operating system, provides a more efficient way to manage and control access to local and remote resources while easily integrating into existing Windows Server 2003 environments. R2 provides a scalable, security-enhanced Web platform and enables new scenarios including simplified branch server management, improved identity and access management, and more efficient storage management.

R2 is more manageable than previous server versions because it supports WS-Management, enabling heterogeneous management of hardware and software. R2 includes both a WS-Management client that can consume WS-Management endpoints and a service that listens for WS-Management requests over the network. This enables the WS-Management client to talk to other WS-Management compliant systems including those from Sun, AMD, Dell, Intel, WBEM, BMC, NetIQ, and others. IT Professionals can manage and monitor both Microsoft-based and non-Microsoft resources through MOM. R2 also includes the ability to map WMI data to XML so that instrumentation from WMI providers is automatically available via WS-Management.

R2 also ships with Active Directory Federation Services (ADFS), a new component that provides Web single-sign-on (SSO) technologies to authenticate a user to multiple Web applications over the life of a single online session. ADFS accomplishes this by securely sharing digital identity and entitlement rights, or "claims," across security and enterprise boundaries.

ADFS provides a federated identity management solution that interoperates with other security products that support the WS-* architecture. ADFS does this by implementing WS-Federation Passive Profile, making it possible for environments that do not use the Windows identity model to federate with Windows environments.

Figure 22. ADFS, a component of R2, makes it possible for environments that do not use the Windows identity model to federate with Windows environments.

Architectural Guidance

Microsoft's support for Web services across its products and its commitment to the standardization process are important to realizing the productivity and connectivity benefits of Web services. To design, develop, and deploy Web services successfully, architects and developers must also learn new technologies and architectural patterns. To help in this learning process, Microsoft offers architectural guidance that covers the entire lifecycle of a Web services application. Based on customer feedback, Microsoft offers in-depth architectural guidance for real-world Web services scenarios. The guidance is offered through training courses, conferences, books, magazines, whitepapers, MSDN, and other partner Web sites.

Microsoft Developer Network (MSDN) offers an extensive repository of architectural guidance, grouping together three services: MSDN Online, MSDN Magazine and MSDN Subscriptions. MSDN Online receives over eight million unique users per month, and hosts Web Services Developer Center and the MSDN Solution Architecture Center, which provide guidance, reference models, and resources for building connected systems using Web services. Among the Web services guidance found on MSDN is the work done by the Microsoft Patterns & Practices (MPP) group.

For example, MPP's architectural guidance includes best practices on both Web services interoperability and security. Guidance on these two topics includes:

• Integration Patterns
• Web Service Security Guidance
• WS-I Basic Security Profile Reference Implementation
• Application Architecture for .NET: Designing Applications and Services
• Application Interoperability: Microsoft .NET and J2EE
• Applied Integration Baseline Reference Implementation
• Building Interoperable Web Services: WS-I Basic Profile 1.0
• Web Service Facade for Legacy Applications

Figure 23. MSDN offers an extensive repository of architectural guidance on Web services. (Click image to see larger version.)

Summary

Web services are an evolutionary step in software development and have formed the foundation of Microsoft's interoperability efforts since their inception. What sets Web services apart from past integration technologies is broad industry support and proven interoperability. As such, Microsoft is deeply committed to the open standardization process governing Web services and believes that Web services are key to enabling greater connectivity. The Microsoft ecosystem for building and managing connected systems is comprehensive, offering an entire developer platform built around Web services, broad Web services support across Microsoft products, and proven architectural guidance.

Appendix

Web Services Specification Support in the Microsoft Developer Platform

Category	Protocol / Technology	ASMX 2.0	WSE 2.0	WSE 3.0	WCF	Windows Remote Mgmt (WinRM) on R2	Web Services for Devices (WSDAPI) on Vista
Core	Basic Profile 1.1
	SOAP 1.1
	SOAP 1.2
	WS-Addressing 1.0
Binary Data Transfer	DIME
	MTOM
Other Transports & Encodings	TCP
	UDP
	HTTP 1.1
	Text-XML
	Binary-Encoded XML
	Binary Serialization
Security	WS-Security 1.0
	WS-Security 1.1
	WS-SecureConversation 2005/02
	WS-Trust 2005/02
	Basic Security Profile 1.0
	WS-Security SAML Token Profile 1.0 and 1.1
Reliability	WS-ReliableMessaging 2005/02			(implemented in sample)
Transactions	WS-Coordination 2005/08
	WS-AtomicTransaction 2005/08
	WS-BusinessActivity
Metadata, Policy & Binding	WS-MetadataExchange 2004/09
	WSDL 1.1
	WS-Policy 2006/03
	WS-PolicyAttachment 2006/03
	WS-SecurityPolicy 2005/07
Management & Devices	WS-Management 1.0
	WS-Transfer 2004/09
	WS-Enumeration
	WS-Eventing
	WS-Discovery
	Devices Profile