The B2B scenario corresponds to Enterprise Web Services exposed to a partner through a Rich Client application, traditionnaly built with some dynamic HTML/AJAX technology running on the server side, that have been elected to leverage the Silverlight capabilities (enriched user experience, vector based contents, scaling, rich media…).
As listed in Silverlight scenarios for Rich Internet Applications, the following constraints apply to the Partner Environment scenario :
- Infrastructure security is mandatory : it includes a DMZ to protect the Web Server and access to the Web Services and SSL/HTTPS communications to protect the confidential data owned by your enterprise and shared with your partner.
- Protocol adaptation is required if the application is interfaced with pre-existing Web Services that cannot be immediatly consumed by Silverlight. This extract work is performed by a mediation layer, materialized in the schema below by the Services Gateway. Moreover, the Services Gateway in the Customer scenario can enforce the alignement of the incoming messages with the entreprise governance policies.
- Authentication & authorization is required to secure read and write access to Entreprise Data. Claim based authentication would be the preferred way in this scenario. If you want wish to use Form based authentication, have a look at the B2C scenario.
- A cross domain security file is required to access the Services Gateway if not host on the Site of Origin.
We plan to document this scenario by extending the “B2E with mediation” scenario with a Services Gateway (such as Managed Services Engine) and SSL/HTTPS.