In large companies, governments and similar organizations, the application architecture usually has to follow a set of rules (focused on maintainability and security).
These could be rules like the following:
Each project / company will have its own rules but the concept stays the same.
Here is an example of how this could be achieved in ASP.NET:
In this setup, for the data tier to be compromised one must first compromise the presentation tier and then the business logic tier.
You can also assume that in most cases each physical tier is protected by its own firewall.
When you're building an application in Silverlight with WCF RIA Services you'll get the following setup:
The setup is still a 3-tier architecture, but the presentation tier runs on the client.
You could argue if the middle tier does or does not count as a presentation tier (since everything runs on the client) but let's say it does.
If you look at this from a security point of view it is less safe.
Once the web server in the middle is compromised, the attacker has direct access to the data tier.
We could just add an extra tier containing some WCF Services that would be consumed by our WCF RIA Services, but that would cause code duplication.
This is an undesired side effect, so we won't treat it as a good solution to our problem.
In my last post (Things you can do with WCF RIA Services and a regular .svc file) I described how you could separate the web application (hosting Silverlight) and the services, resulting in the following setup:
As you can see here we're a step closer. Our services can live on one server and our web page (hosting the Silverlight application) on another server. This does separate our tiers physically. But the problem is that Silverlight still requires a direct connection to WCF RIA Services.
In this setup our business logic tier has to be exposed to the internet / placed in a DMZ / ... for our Silverlight client to reach it.
And again, if this server is compromised the attacker has direct access to the data tier!
For more information about ARR please visit: http://www.iis.net/download/ApplicationRequestRouting
Another interesting topic to look at is content based routing: http://hashtagfail.com/post/1000967093/wcf-routing-ria-services
We'll be using ARR (in combination with URL Rewrite) because it allows us to use IIS as a reverse proxy.
Using this reverse proxy we'll be able to achieve the following setup:
Follow these steps to install and configure IIS Application Request Routing.
A. Preparing the server(s)
Important note: If you work with multiple servers (and that's what you'll do in a real environment), you need to do this on your presentation tier (the ASP.NET website containing the Silverlight application).
B. Creating the site for the business logic tier
C. Provisioning the business logic tier site
Splitting up a Silverlight+RIA Services application requires some actions and you can read all about it in my last article.
We'll be using the solution from that article to get started right away. Note that this solution does not connect to a data tier, it just simulates this using a static list.
Now, create a file called clientaccesspolicy.xml in the root of this site containing the following XML (required for cross-site access in Silverlight):
    <?xml version="1.0" encoding="utf-8"?>
    <access-policy>
      <cross-domain-access>
        <policy>
          <allow-from http-request-headers="*">
            <domain uri="http://*" />
            <domain uri="https://*" />
          </allow-from>
          <grant-to>
            <resource path="/" include-subpaths="true" />
          </grant-to>
        </policy>
      </cross-domain-access>
    </access-policy>
That does it. Our business logic tier (on a 'separate server') has been configured and is working.
D. Creating the site for the presentation tier (and reverse proxy)
Note that the 'Host name' points to presentationtier under Binding.
E. Provisioning the presentation tier site
Now you've got a fictitious server running the services and another server running the actual web application hosting the Silverlight application.
The Silverlight application runs locally but still connects to the business logic tier directly. We have now created the setup described under Separate (WCF RIA Services split in 2 servers).
F. Configuring IIS Application Request Routing and IIS Rewrite
And there you have it. Even though we're visiting a page on the presentationtier server, it's showing us content from the logictier server.
This means our Silverlight application no longer needs to talk to the logictier server. And thus, we don't need to expose our logictier server to the internet or put it in a DMZ.
Note 1: The clientaccesspolicy.xml file we placed in the LogicSite is no longer required.
Note 2: The system.serviceModel part in the config is very important. If it's missing you'll get the following error:
In your browser:
Server Error in '/' Application.
The resource cannot be found.
WebHost failed to process a request.
Sender Information: System.ServiceModel.Activation.HostedHttpRequestAsyncResult/27111447
Exception: System.Web.HttpException (0x80004005): The service '/riaservices/Tasks.svc' does not exist. ---> System.ServiceModel.EndpointNotFoundException: The service '/riaservices/Tasks.svc' does not exist.
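As an added example (not the article's own configuration, which was shown in screenshots), here are the two pieces of IIS configuration that make the reverse proxy work: the ARR proxy switch in applicationHost.config (server level, %windir%\system32\inetsrv\config) and a URL Rewrite rule in the web.config of the presentation tier site. The host names logictier and presentationtier and the /riaservices/ path are taken from the article; the system.serviceModel section the article mentions in Note 2 is not reproduced here.

```xml
<!-- 1. applicationHost.config on the presentationtier server.
     ARR must be allowed to act as a proxy; without this, a Rewrite action
     that targets an absolute URL (another host) is refused by IIS. -->
<configuration>
  <system.webServer>
    <proxy enabled="true" />
  </system.webServer>
</configuration>

<!-- 2. web.config of the presentation tier site (presentationtier).
     Only requests under /riaservices/ are forwarded to the logic tier;
     everything else is served locally. The browser and the Silverlight
     client only ever see the presentationtier host, so logictier can stay
     behind a firewall that accepts connections from presentationtier only. -->
<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <rule name="Proxy RIA Services to logic tier" stopProcessing="true">
          <!-- URL Rewrite matches the path without its leading slash.
               {R:1} holds everything after "riaservices/", e.g. Tasks.svc -->
          <match url="^riaservices/(.*)" />
          <action type="Rewrite" url="http://logictier/riaservices/{R:1}" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>
```

A request for http://presentationtier/riaservices/Tasks.svc is thus answered by logictier while the client only ever talks to presentationtier.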
G. The final result in our Silverlight application
And we're done...
If you want you can start Fiddler and you'll see that our Silverlight application is only accessing our presentationtier server:
After a very long article this is what we've accomplished:
Our solution is ready for the enterprise!