Вы находитесь на странице: 1из 72

Litware HR: A SaaS Sample Application

Architecture Strategy

Gianpaolo Carraro, Microsoft Corporation
Frederick Chong, Microsoft Corporation
Alejandro Jack, Southworks.NET

SaaS Sample Application
2 Introduction
Information in this document, including URL and other Internet Web site references, is subject to
change without notice. Unless otherwise noted, the example companies, organizations, products,
domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious,
and no association with any real company, organization, product, domain name, e-mail address,
logo, person, place, or event is intended or should be inferred. Complying with all applicable
copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part
of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted
in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for
any purpose, without the express written permission of Microsoft Corporation.
Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual
property rights covering subject matter in this document. Except as expressly provided in any
written license agreement from Microsoft, the furnishing of this document does not give you any
license to these patents, trademarks, copyrights, or other intellectual property.
2007 Microsoft Corporation. All rights reserved.
Microsoft, MS-DOS, Windows, Windows NT, Windows Server, Windows Vista, Visual Basic, Visual
C#, and Visual Studio are either registered trademarks or trademarks of Microsoft Corporation in
the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their
respective owners.
SaaS Sample Application
3 Introduction
Table of Contents
Introduction ........................................................................................................................................ 6
Scope ............................................................................................................................................... 6
Chapter 2: System and application setup ........................................................................................... 8
System Requirements ..................................................................................................................... 8
Setting Up the sample ..................................................................................................................... 8
Verifying the Installation ................................................................................................................. 8
Chapter 3: Solution Description ........................................................................................................ 11
Conceptual view ............................................................................................................................ 11
Logical view ................................................................................................................................... 13
Implementation view .................................................................................................................... 15
Folder Hierarchy ........................................................................................................................ 15
Visual Studio Organization ........................................................................................................ 16
Modularity ..................................................................................................................................... 16
Deployment view .......................................................................................................................... 17
Chapter 4: Application Scenarios ...................................................................................................... 19
About Contoso .......................................................................................................................... 19
About Fabrikam ......................................................................................................................... 19
About Litware ............................................................................................................................ 20
Fictitious Business Scenario .......................................................................................................... 20
Chapter 5: How to ............................................................................................................................. 21
How to: Provision a tenant ............................................................................................................ 21
How to: Change the style .............................................................................................................. 22
How to: Change the layout configuration. .................................................................................... 25
How to: Change the main menu configuration ............................................................................. 26
How to: Add/Remove custom field to entity ................................................................................ 28
How to: Show/Hide custom field in view ...................................................................................... 30
How to: Add a new workflow definition ....................................................................................... 32
How to: Change ruleset definition ................................................................................................ 34
How to: Add user to role ............................................................................................................... 35
How to: Change Roles in workflow ............................................................................................... 36
Chapter 6: Applying Multi-tenant Architecture Principles ................................................................ 38
SaaS Sample Application
4 Introduction
Multi-Tenant Architecture Tenets................................................................................................. 38
The Configurability Tenet .............................................................................................................. 38
The Templatized Configurability Approach ............................................................................... 39
Applying the Configurability Tenet ........................................................................................... 40
The Multi-Tenant Efficiency Tenet ................................................................................................ 46
Applying the Multi-Tenant Efficiency Tenet .............................................................................. 49
The Scalability Tenet ..................................................................................................................... 52
Tenant Provisioning ....................................................................................................................... 53
Appendix A: Troubleshooting ............................................................................................................ 54
Browsing www.litware.com redirects to Microsoft Web site ....................................................... 54
Server Error: Configuration Error ............................................................................................... 54
Directory Listing Denied ............................................................................................................. 55
Server Error: Compilation Error ................................................................................................. 56
Server Error: LogonUser failed with error code : 1326 .............................................................. 57
Server Error: An error was encountered while creating the virtual folder ............................... 58
Server Error: General access denied error ................................................................................. 59
Server Error: Cant logon or create user ....................................................................................... 60
Appendix B: Glossary ......................................................................................................................... 62
Cross-cutting concern................................................................................................................ 62
Data model ................................................................................................................................ 62
In the cloud................................................................................................................................ 62
Isolation ..................................................................................................................................... 62
Loosely coupled ......................................................................................................................... 63
Multi tenant efficient ................................................................................................................ 63
On premise ................................................................................................................................ 63
Pattern ....................................................................................................................................... 63
Presentation .............................................................................................................................. 63
Process ...................................................................................................................................... 63
Sample application .................................................................................................................... 63
Scaleable.................................................................................................................................... 64
Story Scene ................................................................................................................................ 64
Tenant ....................................................................................................................................... 64
SaaS Sample Application
5 Introduction
Test Rig ...................................................................................................................................... 64
Total cost of ownership ............................................................................................................. 64
User Story .................................................................................................................................. 64
WF (Windows Workflow Foundation) ....................................................................................... 64
Workflow Customization ........................................................................................................... 64
Appendix C: Test lab .......................................................................................................................... 65
Why Load Tests? ........................................................................................................................... 65
LitwareHR Lab ............................................................................................................................... 65
Lab configuration .......................................................................................................................... 66
Controller .................................................................................................................................. 66
Agent ......................................................................................................................................... 66
Web Application Servers ........................................................................................................... 67
DB Server ................................................................................................................................... 67
Testing the Application ................................................................................................................. 67
Tenant Provisioning ................................................................................................................... 67
Job Search ................................................................................................................................. 67
Sign Up ...................................................................................................................................... 68
Login .......................................................................................................................................... 68
Open Position ............................................................................................................................ 68
Submit Resume ......................................................................................................................... 68
Tests Results as a feasibility study ................................................................................................ 68
Contributors ...................................................................................................................................... 70
Additional resources ......................................................................................................................... 72

SaaS Sample Application
6 Introduction
Introduction
SaaS is a journey walk with us! This has been our motto since we started our SaaS architecture
guidance about one year ago.
In this journey, the release of LitwareHR represents an important milestone; most likely the most
important since the launch of the SaaS architecture web site on MSDN back in August
(http://msdn.microsoft.com/architecture/saas). Aimed at software architects and developers, the
goal of LitwareHR is twofold:
To be the embodiment of the architectural guidance described in our whitepapers
To demonstrate how the Microsoft platform is used in the creation of SaaS solutions
With this release of LitwareHR, we believe we are moving forward in the understanding of
designing and building SaaS applications, but as mentioned, this is a journey, LitwareHR will evolve
over time. New knowledge will impact future implementations, new technologies will change how
certain aspects will be implemented. LitwareHR version 1.0 illustrates what we know today.
Enjoy LitwareHR, enjoy the learning and if this is not enough for you, join us on Codeplex
(http://www.codeplex.com/LitwareHR) and help us make LitwareHR a better place.
Scope
Version 1.0 of this sample is not intended to solve all problems related to the development of
multitenant efficient SaaS applications. For example, this release does not cover the load
balancing pattern (Maturity Level IV: Scalable, Configurable, Multi-Tenant-Efficient) and it only
reaches Maturity Level III: Configurable, Multi-Tenant-Efficient of the Software as a Service
Maturity Model
1
.
The sample includes a web application named LitwareHR that is inspired by a Human Resources
System in an environment described in the business scenario. FOR MORE INFORMATION, SEE CHAPTER
4: APPLICATION SCENARIOS
This application does not implement all the variations of a complex transaction processing
application. It demonstrates features common to any SaaS application and explores other less
common features that you may find useful in a particular domain such as the Human Resources
domain. To do this, it implements solutions for some of these common, and recurrent, challenges
that developers face when creating SaaS applications. The intent is to deliver guidance on key
architecture principles and to illustrate how Microsoft technologies (e.g., WCF, WF, and SQL 2005)
can be used to leverage the benefits of multi tenant efficiency in the context of an end-to-end
sample.

1
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnbda/html/archstratctchlngtail.asp
SaaS Sample Application
7 Introduction
It is important to clearly state that this sample is NOT meant for completeness; instead, it
selectively implements solutions to different challenges and you will find that many of the features
of a real SaaS application are NOT implemented.
The sample includes the source code for LitwareHR and for the several reusable assets that it uses,
such as the SaaS Hosting Platform Runtime.
The sample also uses several Enterprise Library application blocks and it includes the Enterprise
Library assemblies, but it does not include the source code. (To download the source code and
documentation for the Enterprise Library, go to Enterprise Library for .NET Framework 2.0)
You can use the sample in different ways. You can step through a running example that
demonstrates application-specific code built on reusable guidance. You can also copy sections of
the source code that implements any particular guidance into your own applications, etc
SaaS Sample Application
8 Chapter 2: System and application setup
Chapter 2: System and application
setup
This chapter describes how to install and run the sample application.
System Requirements
This sample was designed to run on the Microsoft Windows Server 2003 operating system and it
will require the .NET Framework 2.0 and .NET Framework 3.0 to run.
Before you can compile and run the sample, the following must to be installed:
Windows Server 2003 SP1 or R2
Internet Information Services (IIS) 6.0 or later
SQL Server 2005 Express Edition, SQL Server 2005
Microsoft Visual Studio 2005 Team Suite (recommended, but not required) or Microsoft
Visual Studio 2005 Professional Edition
.NET Framework 3.0
Visual Studio 2005 extensions for .NET Framework 3.0 (Windows Workflow Foundation)
Visual Studio 2005 extensions for .NET Framework 3.0 (WCF & WPF), November 2006 CTP
Enterprise Library for .NET Framework 2.0
Active Directory Application Mode (ADAM) SP1
Guidance Automation Extensions
Guidance Automation Toolkit
Setting Up the sample
To install the sample, unzip the LitwareHR.zip file and run LitwareHR.msi file. This executable will
deploy the various assets of the sample to your computer.
To complete the set up process follow the instructions provided on the readme file located in
%INSTALL_DIR%\Setup\.
This document will ask you to execute multiple scripts that will create an ADAM instance, the
databases and the certificates required to run the application. This is called Data Center
provisioning and is done only once.
Verifying the Installation
You should now verify that you have the correct set up. On the taskbar, click Start, point to
Programs, and then point to Microsoft AST. You should see the LitwareHR menu and 3 icons.
There are several assets now configured on your system you might want to verify:

SaaS Sample Application
9 Chapter 2: System and application setup





Figure 1: A user named Provisioning member of Administrators has been added to the system

Figure 2: An ADAM instance has been created and a trusted subsystem account has been associated to that instance
SaaS Sample Application
10 Chapter 2: System and application setup

Figure 3: Four (4) databases are created on SQL Server

Figure 4: Five (5) websites are created on IIS
Note: If you dont find some of these assets on your system, you might have missed steps of the set
up process. FOR MORE INFORMATION, SEE APPENDIX A: TROUBLESHOOTING
SaaS Sample Application
11 Chapter 3: Solution Description
Chapter 3: Solution Description
This chapter describes the architectural representation of the sample. It tries to provide a
comprehensive picture of the sample, its functional elements, and the interactions between those
elements.
Note: Software architecture is a complex, multifaceted set of artifacts that cannot be fully
explained in a single diagram or from a single viewpoint. To help explain these artifacts, software
architects typically use a number of different perspectives, or views, to depict architectures.
Conceptual view
The conceptual view is a high-level overview of the key architecture elements and their
relationships.
The sample includes a web application named LitwareHR that is inspired by a Human Resources
System in an environment described in the business scenario. FOR MORE INFORMATION, SEE CHAPTER
4: APPLICATION SCENARIOS
The various Web sites are designed and constructed in a way that promotes proven practices for
Web sites that are highly scalable, robust, flexible, and failure-resilient. These attributes are
common for Web sites concurrently created by multiple, independent development teams.
Note: The sample does not implement all the variations of a complex transaction processing Web
application. It is important to clearly state that this sample is NOT meant for completeness;
instead, it selectively implements solutions to different challenges and you will find that many of
the features of a real SaaS application are NOT implemented.
The following is the high-level overview of the LitwareHR application

Figure 5: LitwareHR conceptual view
SaaS Sample Application
12 Chapter 3: Solution Description
The sample demonstrates the architecture of Web applications that implement the following:
Presentation logic
This consists primarily of Web pages, master pages, and the code to manage the user interface
behavior. This code includes validation components that process user input.
Business logic
These are services and components that interact with local persistence stores and the platform
services.
LitwareHR is composed of 3 of these web sites and 2 modules.
Recruiting module
It is domain specific and is only suitable when building HR applications.
SHP module
It contains features and building block that you will probably use in many SaaS applications in
different domains.
The sample application was designed with integration in mind. That is why the Contoso scenario
includes integration between in-house, on premise and LOB of applications. FOR MORE
INFORMATION, SEE CHAPTER 4: APPLICATION SCENARIOS
The following is the high-level overview of the Contoso IT portfolio

Figure 6: Contoso LLC conceptual view
SaaS Sample Application
13 Chapter 3: Solution Description
Logical view
The logical view is a detailed description of key elements of the architecture. The view describes
the grouping of design elements (classes and interfaces) into packages represented as
namespaces; it also describes the static and dynamic relationships between the classes.

Figure 7: Logical view
Litware.WebSite
This project contains Web pages, master pages, and the code to manage the user interface
behavior for provisioning. This code includes validation components that process user input.
LitwareHR.Authentication.SvcHost
This project contains the host files and configuration necessary to host the Authentication Security
Token Service (STS) in IIS. This service issues a token required to access the services hosted by
LitwareHR.Portfolio.SecureHost.
LitwareHR.Authorization.SvcHost
This project contains the host files and configuration necessary to host the Authorization Security
Token Service (STS) in IIS. This service issues a token required to access the services hosted by
LitwareHR.Portfolio.SecureHost.
LitwareHR.Portfolio.Contract
SaaS Sample Application
14 Chapter 3: Solution Description
This library contains the service contracts and data contracts defined by LitwareHRs portfolio
service.
LitwareHR.Portfolio.Gateways
Gateways used to access LitwareHRs service portfolio (all the services), these gateways are used
by both the Private Web site and Public Web site.
LitwareHR.Portfolio.SecureHost
This project contains the host files and configuration necessary to host and expose LitwareHRs
internal service portfolio (all the services) through a secure interface.
LitwareHR.Portfolio.Services
This project implements the services defined in LitwareHR.Portfolio.Contract. This project
integrates all the other services when needed.
LitwareHR.Portfolio.UnSecureHost
This project contains the host files and configuration necessary to host and expose LitwareHRs
external service portfolio (all the services) through an unsecure interface.
LitwareHR.PrivateApp.Presenters
This project contains the Views and Presenters (Model-View-Presenter MVP pattern used by the
PrivateApp.
LitwareHR.PrivateApp.WebUX
This project contains Web pages, master pages, and the code to manage the user interface
behavior for configuring and customizing the application. This code includes validation
components that process user input.
LitwareHR.PublicApp.Presenters
This project contains the Views and Presenters (Model-View-Presenter MVP pattern used by the
PublicApp.
LitwareHR.PrivateApp.WebUX
This project contains Web pages, master pages, and the code to manage the user interface
behavior for the runtime experience of the tenant users. This code includes validation components
that process user input.
LitwareHR.Recruiting.Contract
This project contains the service contracts and data contracts by the Recruiting logic.
LitwareHR.Recruiting.Services
Implements services defined in LitwareHR.Recruiting.Contract
LitwareHR.Recruiting.Workflow
SaaS Sample Application
15 Chapter 3: Solution Description
This library contains the WF (Windows Workflow Foundation) related logic used to implement the
recruiting process.
Shp.Runtime.Contract
This library contains the service contracts and data contracts used by the SHP.
Shp.Runtime.Services
Implements services defined in Shp.Runtime.Contract
Shp.Security.BrokeredReceiver
This library contains the logic for the authorization and authentication Security Token Services.
Shp.Security.BrokeredSender
This library contains logic used by ASP.NET web sites to communicate with the Security Token
Services (provide credentials; manage security token keys, etc)
Implementation view
The implementation view describes how the classes and interfaces are organized into directories,
projects, and assemblies in the file system and in the Microsoft Visual Studio development
system.
This sample was organized so that the namespaces, physical folders, and Visual Studio projects
each reflects the order and structure of the other. Similarly, the source code is organized to have
consistency within its namespaces, physical folders, and Visual Studio projects. The tight
relationship between these ways of organizing the code makes it easier to locate specific code
segments.
Folder Hierarchy
The folder hierarchy follows the major design elements. These are Dlls, Setup, and Src.

Figure 8: Folder structure
Each folder represents a discrete portion of the architecture and design, containing related code
or scripts.
SaaS Sample Application
16 Chapter 3: Solution Description
The Dlls folder contains binary dependencies like Enterprise Library (To download the source code
and documentation for the Enterprise Library, go to Enterprise Library for .NET Framework 2.0).
The Setup folder contains the scripts that perform DataCenter provisioning and the Src folder
contains all the source code for the application.
Visual Studio Organization
The Visual Studio projects are named after the namespace that they contain. There is one project
per namespace and one assembly per namespace.

Figure 9: Visual Studio Organization

Modularity
One of our development goals is to demonstrate the technique for building a complex site that is
based on modules that can be independently developed, tested, versioned, and deployed.
More specifically for the Litware HR solution structure, the recruiting specific application code is
clearly separated from the SaaS hosting platform code:
SaaS Sample Application
17 Chapter 3: Solution Description

Figure 10: Modularity

Deployment view
For the system architecture, this view documents the likely physical topology. It includes each
computer in the implementation and describes how they are interconnected. The configuration
for each node is also specified operating system, database, and applications.
To enable you to easily build, set up, and run the sample, the sample deploys and runs on a single
tier (machine) but is designed to be run on the 3 tiers like it is shown in the following figure.

Figure 11: Deployment view
Client Tier
Internet explorer 6 or later
Application Tier
SaaS Sample Application
18 Chapter 3: Solution Description
Windows 2003 R2, SP1
Visual Studio 2005 Team Suite
IIS
.NET 3.0
Resource Tier
Windows 2003 R2, SP1
ADAM
SQL Server 2005, Standard Edition


SaaS Sample Application
19 Chapter 4: Application Scenarios
Chapter 4: Application Scenarios



About Contoso

Contoso is a Shoe Retail Chain which is facing a fast growth across the country. It operates through
a franchise of stores usually operated by its owner and 2 or 3 employees maximum.
About Fabrikam
Fabrikam is an Independent Music School that offers music lessons as well as concerts to their
local community. They started as a family business and it now has more than 20 employees.

SaaS Sample Application
20 Chapter 4: Application Scenarios
About Litware
Litware is the provider of a SaaS Application for tracking open jobs and candidate information,
including work experience, preferences, and comments from interviewers. Litware is the leader in
On-Demand recruiting software.
Fictitious Business Scenario
Contoso has an HR system that is used for managing employee information and benefits. The
existing system does not do recruitment tasks. Since a few months ago, Contoso begun expanding
across the country rapidly and needs a better way to manage their recruitment process.
However, Contoso does not want to acquire an on premise system as it will add to their IT
management burden. After some research, Litware appears as a possible solution to their needs.

Fabrikam has a website (www.fabrikam.com) where they provide information about the kind of
lessons the school offers, a calendar of music events for the community, etc. As part of the school
initiative to leverage IT and the Internet to support more of its business functions, it is now looking
to recruit staff and teachers online as well as automate its recruitment process.
Up to now, Fabrikam has been recruiting through advertisement in the local newspaper and using
paper system and excel spreadsheets to manage its recruitment process. By making its open
positions available online, Fabrikam thought it could also tap into music talents that would not be
available otherwise.
Despite their desire to leverage IT, Fabrikam knows that it does not want to take on significant IT
burden of managing internal systems. After some research, they found Litware.



SaaS Sample Application
21 Chapter 5: How to
Chapter 5: How to
The following topics describe activities that the user perform when customizing the application.
How to: Provision a tenant
This topic describes how to make tenant provisioning for a tenant named Fabrikam.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - TENANT PROVISIONING
Steps
1. Browse the Litware Web site (http://www.litware.com/ )
2. Navigate to: Try the application
3. Enter Fabrikam Inc. in the Legal name field
4. Enter Fabrikam in the Alias field
5. Select small from the Domain model options
6. Enter P@ssW0rd in the Admin Password field
7. Enter P@ssW0rd in the Confirm Password field
8. Click Provision the application

Figure 12: Organization Information page
Outcome
A tenant named Fabrikam has been created and you will see a page with links to the Public and
Private Web sites.
SaaS Sample Application
22 Chapter 5: How to

Figure 13: Tenant successfully provisioned
Next Steps
The following are typical tasks that you perform after you make a tenant provisioning:
Change the style
Add/Remove custom field to entity
Add a new workflow definition
How to: Change the style
This topic describes how to change the style at runtime.
In order to change the style you need a valid CSS file that matches the elements used by
LitwareHR. For the purpose of this How To we are going to use the CSS file used on Fabrikam
Web site.
SaaS Sample Application
23 Chapter 5: How to

Figure 14: CSS file used on Fabrikam's Web site
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - CUSTOMIZED UI, STYLES
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Presentation Configure Styles
3. Enter Fabrikam in the Name field
4. Enter http://www.fabrikam.com/Css/main.css in the Url field
5. Click Add Style
SaaS Sample Application
24 Chapter 5: How to

Figure 15: Preferences page
6. Navigate to: Configuration & Customization Presentation
7. Select Fabrikam in the Style drop-down list
8. Click Update
Outcome
You will see that the look and feel of the Public and Private Web sites has changed.

Figure 16: Fabrikam Private Website
Next Steps
The following are typical tasks that you perform after you change the style:
Change the layout configuration
Change the main menu configuration
SaaS Sample Application
25 Chapter 5: How to
How to: Change the layout configuration.
This topic describes how to change the layout configuration at runtime.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - CUSTOMIZED UI, LAYOUT
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Presentation
3. Select functional from the Layout drop-down list
4. Click Update

Figure 17: Preferences page
Outcome
You will see that the distribution of the Public and Private Web sites has changed.
SaaS Sample Application
26 Chapter 5: How to

Figure 18: Fabrikam Private Web site using the Functional Layout
Next Steps
The typical task to perform after you change the layout configuration is to change the main menu
configuration.
How to: Change the main menu configuration
This topic describes how to change the main menu configuration at runtime.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - CUSTOMIZED UI, SEAMLESS
INTEGRATION BETWEEN SITES
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Presentation Configure Main menu
3. Enter Blog | in the Description field
4. Enter http://www.fabrikam.com/ in the Url field
5. Check the Public check box
6. Click Add
7. Click Save Configuration
SaaS Sample Application
27 Chapter 5: How to

Figure 19: Main menu configuration
Outcome
You will see that the main menu of the Public and Private Web sites has changed.
SaaS Sample Application
28 Chapter 5: How to

Figure 20: Public Web site main menu
How to: Add/Remove custom field to entity
This topic describes how to add or remove custom fields to an entity at runtime.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - CUSTOMIZED DATA MODELS
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Data model
3. Click Select next to the position entity name
4. Enter jobLevel in the field named Field
5. Select Number from the Type drop-down list
6. Click Add
SaaS Sample Application
29 Chapter 5: How to

Figure 21: Data model page while adding jobLevel field
7. Click the Remove link located in the location field row
8. Click Save configuration in order to save the current entitys field configuration
Outcome
You will see that the position entity fields have changed
SaaS Sample Application
30 Chapter 5: How to

Figure 22: Position entity new schema
Next Steps
The typical task to perform after you add and remove custom fields to an entity is to show or hide
custom fields in an entitys view.
How to: Show/Hide custom field in view
This topic describes how to show or hide a custom field from an entitys view.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - CUSTOMIZED UI, DYNAMIC DATA
MODELS
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
This topic also assumes that a custom field named jobLevel has been added to the position
entity. FOR MORE INFORMATION, SEE HOW TO: ADD/REMOVE CUSTOM FIELD TO ENTITY
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Data model
3. Click Select next to the position entity name
4. Navigate to: Configure Views
5. Click Detail next to JobDetail
SaaS Sample Application
31 Chapter 5: How to
6. Click Remove in the location field row
7. Enter Title in the Label Field
8. Select title from the Field name drop-down list
9. Click Add

Figure 23: View configuration page
10. Enter Level in the Label Field
11. Select jobLevel from the Field name drop-down list
12. Click Add
13. Click Save Configuration
Outcome
You will see that the fields associated to jobDetail view have changed:
SaaS Sample Application
32 Chapter 5: How to

Figure 24: View configuration page
How to: Add a new workflow definition
This topic describes how to add a new workflow definition at runtime.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - WORKFLOW, CUSTOMIZED
ACTIVATION
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Business Process Add Workflow
3. Enter Fabrikam Workflow in the Name field
4. Click Add Step twice
5. Enter Interview2 in the Name field of the latest Step created
6. Click Add Step
7. Enter Result in the Name field of the latest Step created
8. Select Result in the Type drop-down list of the latest Step Created
9. Click Save
SaaS Sample Application
33 Chapter 5: How to

Figure 25: Workflow editor
Outcome
You will see that the Fabrikam Workflow definition has been created.
SaaS Sample Application
34 Chapter 5: How to

Figure 26: Fabrikam Workflow created
Next Steps
The typical task to perform after you add a workflow definition is to change the ruleset definition.
How to: Change ruleset definition
This topic describes how to change a ruleset definition at runtime.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - WORKFLOW, BRANCHING ON TENANT
DATA
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Business Process Edit Ruleset
3. Click the (delete) button of the first rule
4. Click Add Step
5. Select code from the entity fields drop-down list of the latest rule created
6. Enter FD-01 in the value field of the latest rule created
7. Select Long Workflow in the workflows drop-down list of the latest rule created
8. Click Save
SaaS Sample Application
35 Chapter 5: How to

Figure 27: Ruleset editor
Outcome
You will see that the Ruleset definition has been changed.
How to: Add user to role
This topic describes how to add a user to a certain role.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - SECURITY, AUTHENTICATION &
AUTHORIZATION
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
This topic also assumes that a user named tim is signed up.
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Users & Roles
3. Click Manage Roles next to the tim user name
4. Check the EvaluateCandidate check box
Outcome
You will see that the roles assigned to the user have changed:
SaaS Sample Application
36 Chapter 5: How to

Figure 28: Manage user roles page
How to: Change Roles in workflow
This topic describes how to change the roles related to the steps in a workflow.
FOR MORE INFORMATION, SEE CHAPTER 6: TECHNICAL CHALLENGES - SECURITY, WORKFLOW ROLE ACCESS
CONTROL
Prerequisites
This topic assumes that a tenant named Fabrikam is already provisioned. FOR MORE INFORMATION,
SEE HOW TO: PROVISION A NEW TENANT
Steps
1. Browse the Fabrikam Private Web site (http://www.litwareHR.com/fabrikam/private)
2. Navigate to: Configuration & Customization Business Process
3. Click Detail next to Short Workflow
4. Select EvaluateCandidate in the Role drop-down list of the second step of the workflow
5. Select EvaluateCandidate in the Role drop-down list of the third step of the workflow
6. Click Save

SaaS Sample Application
37 Chapter 5: How to

Figure 29: Workflow Editor
Outcome
You will see that the Short Workflow definition has been changed.
SaaS Sample Application
38 Chapter 6: Applying Multi-tenant Architecture Principles
Chapter 6: Applying Multi-tenant
Architecture Principles
Architecting and implementing multi-tenant applications involve many technical challenges that
are not encountered in designing traditional single tenant on-premise applications.
The key focus of this chapter is to illustrate how we have applied multi-tenant architecture
principles in the implementation of the Litware HR sample application.
Because of time constraint, we have chosen to illustrate only a small subset of those principles for
this release. More principles will be demonstrated through future releases.

Multi-Tenant Architecture Tenets
The key multi-tenant architecture tenets are (We often refer to the following as the three headed
monster that haunts SaaS ISVs):
Configurability
Multi-Tenant Efficiency
Scalability

The Configurability Tenet






Since architecture decisions involve making tradeoffs, it is best described as a continuum with the
two end points depicting extreme points of the architecture decisions. The end spectrums of the
configurability architecture continuum are a totally non-configurable one-size-fits-all solution and
a fully configurable application. While a non-configurable solution has the advantage that it is
typically easier to implement, it does not have the benefit of a fully configurable application,
which is a higher fidelity user experience.
Fully Configurable One Size Fits All
High Fidelity User Experience Simpler Implementation
Figure 30 The Configurability Continuum
SaaS Sample Application
39 Chapter 6: Applying Multi-tenant Architecture Principles
There are various common aspects of a SaaS application where configurability is desirable: the
user interface, the workflow and business rules, and the data model. The Litware HR sample
application illustrates how these application components may be configured.
While it may be tempting to enable a fully configurable solution, there are several technical
considerations that can constraint what the tenant can configure in practice. These are the factors
to consider:
Security
If a configuration involves new code that is uploaded by the tenant, the unknown code can
introduce bugs and security vulnerabilities into the shared hosting environment.
Fair Resource Usage
Unknown code extension that is CPU or I/O intensive can lead to excessive use of computing
resources within the shared environment, thus denying other tenant requests from getting fair use
of the compute infrastructure. This may result in violation of the SLA contract with multiple
tenants.
Halting
New code modules may contain code that does not terminate within an acceptable time or after
consuming a certain amount of resources. If there are no checks in the runtime environment, non-
halting code may lead to resource leakage, thus causing the systems performance to degrade over
time.

The Templatized Configurability Approach










Designer Policy
Enforcement
Engine
Security,
Fairness and
Halting Policies
Runtime Policy
Enforcement
Engine
Meta Data
Meta Data
Meta Data
Application
Instance


Standard
Customers
Premium Customers
Trusted Partners
Figure 31 Templatized Configurability
SaaS Sample Application
40 Chapter 6: Applying Multi-tenant Architecture Principles
The notion of templatized configurability can help mitigate the issues mentioned above. A
templatized configuration environment consists of several components provided by the
application provider:
Templatized Designers
These are sandboxed configuration tools that constraint the customization options presented to
the users. An application provider may choose to provide several templatized designers, some
more powerful than others, but not all tenants have equal access to those designers. For example,
trusted partners may have the rights to use a more powerful designer because of their reputation
or business relationship to produce higher quality extensions. Others may gain the same right by
paying for an isolated deployment so that any resulting technical issues do not adversely impact
other tenants.
Meta data
Meta data is produced by the templatized designer. Meta data is information that describes the
extensions and customizations of the application made by the tenants. The meta data is retrieved
and used by the application runtime environment to customize the application experience for the
tenant.
Policies and Enforcement Engines
Both the designer and application runtime environments are governed by security, resource usage
and halting policies as determined by the application provider. Enforcement engines helps the
designer constraint the configuration options that are presented to the users. At runtime, the
enforcement engine polices and checks that the policies are not violated.

Applying the Configurability Tenet

Customized UI
Description
Ability to change the user experience of the application to match tenant preferences.
How is this demonstrated in the sample?
Layout for page distribution
Styles for look and feel
Seamless integration between sites for Main Menu links
Views for dynamic data models
SaaS Sample Application
41 Chapter 6: Applying Multi-tenant Architecture Principles

Customized UI, Layout
Description
Ability to separate the responsibility of the UI design distribution from the UI development.
How is this demonstrated in the sample?
Application uses a predefined list of user controls and displays those using master pages
with different page distribution to match tenant preference

Figure 32: Controls for layout

Figure 33: Master pages with different distributions

SaaS Sample Application
42 Chapter 6: Applying Multi-tenant Architecture Principles

Customized UI, Styles
Description
Ability to create a common look & feel across different tenant web sites and LitwareHR.
How is this demonstrated in the sample?
Use of ASP.NET themes and skins
Use of CSS files

SaaS Sample Application
43 Chapter 6: Applying Multi-tenant Architecture Principles

Figure 34: Different styles for the application
Customized UI, Seamless integration between sites
Description
Ability to create a common user experience across different tenant web sites and LitwareHR.
How is this demonstrated in the sample?
Application uses a main menu control that displays links configured in the SaaS hosting
platform
These links can point to places like the tenants home page
Customized UI, Dynamic Data Models
Description
Ability to display or hide fields from a particular view of the application.
How is this demonstrated in the sample?
View customization
Workflow, Customized Activation
Description
SaaS Sample Application
44 Chapter 6: Applying Multi-tenant Architecture Principles
Ability to activate tenant defined workflows.
How is this demonstrated in the sample?
Business process customization through workflow editor

Figure 35: Workflow editor
Workflow, branching on tenant data
Description
Ability to branch on tenant specific field extensions.
How is this demonstrated in the sample?
Application uses WF Rule Sets and Policy activities to branch on entity fields and launch
different workflows according to the Rule Set evaluation
SaaS Sample Application
45 Chapter 6: Applying Multi-tenant Architecture Principles

Figure 36: ruleset editor
Workflow, Multi-user
Description
Ability to coordinate competing processes with more than one participant
How is this demonstrated in the sample?
Application uses a Recruiting Process workflow that coordinates multiple child Evaluation
Processes

Figure 37: Recruiting process and candidate evaluation activation
SaaS Sample Application
46 Chapter 6: Applying Multi-tenant Architecture Principles

The Multi-Tenant Efficiency Tenet






Multi-tenant efficiency is a provider side optimization that enables the ISV to lower the long term
operation cost of providing the software service, which in turn allows the ISV to sell to new
segment of markets which cannot afford to pay for the on-premise solution.
While there are clear benefits to maximizing the sharing of computing resources, it is much more
complicated to design and implement an application that uses a lot of shared resources. The
technical considerations when architecting for multi-tenant efficiency are:

Security and Data Privacy
Application providers have to pay much more attention to application and data security within a
shared environment. Unlike a single tenant environment where weak security may compromise
the intellectual property for a single tenant, lax application security in a multi-tenant environment
can cause undesirable security and data privacy breaches that cross multiple business
organizations.
Although physical isolation is the simplest way to get security and privacy, there are security
mechanisms and patterns that can be deployed to virtually isolate one tenant from another. Some
of these are described below.
The process of authentication and authorization are critical security capabilities in a multi-tenant
environment. Authentication enables a users identity and tenant context to be established while
authorization ensures that application features and data cannot be accessed by unauthenticated
or unauthorized users.
A number of authentication mechanisms are commonly used today. For example, a formed-based
authentication Website that issues HTTP cookies is used for authenticating the browser client in
Litware HR. For smart client and Web services authentication, security token services are used to
issue security tokens that serve as proofs of authentication. In the Litware HR application, the
Shared Isolated
Lower Long term Operation Cost Simpler Implementation
Figure 38 The Multi-Tenant Efficiency Continuum
SaaS Sample Application
47 Chapter 6: Applying Multi-tenant Architecture Principles
security token service communicates with the ADAM directory service to validate the users
password before issuing a security token.
A number of multi-tenant security patterns are useful for securing the application in depth:
User and tenant context contains identity information of the authenticated user and the
users organization. This information is propagated securely across application tiers and
provides the identity context for application components to make access decisions.
The tenant encryption pattern enables each tenant to encrypt data with a secret that no
other tenants know about. So that even in the event of accidental information leakage,
the encrypted data will remain private.
The tenant permissioning pattern is typically implemented using access control lists or
role-based scheme to protect database objects such as tenant specific tables against
unauthorized access.
The tenant view filter pattern provides a filtered view to the data stored by the underlying
physical database. Only data belonging to the tenant making the data request is fetched
by the view. Data operations performed by the application (such as a SQL query) acts on
the subset of data retrieved by the filter instead of the entire set that is stored in the
physical database.
SaaS Sample Application
48 Chapter 6: Applying Multi-tenant Architecture Principles




Fairness
Service level agreement defines the expected level of services the application provider agrees to
provide to the tenant. Common items defined in the SLA contract include things like application
response time, network bandwidth usage and storage capacity.
Database
Public Web
Service
Directory
Service
Internal
Web
Service
Security
Token
Service
Smart Client
Website
Browser
Client
Tenant Encryption
Tenant Permissioning
Tenant View Filter
User and Tenant Context
Multi-tenant Security Patterns
Security
Token
Cookie-based
authentication
Figure 39 Multi-tenant Security Patterns
SaaS Sample Application
49 Chapter 6: Applying Multi-tenant Architecture Principles
Even when these terms are defined and agreed upon, the service provider must still ensure that
each request received is processed fairly and obtained the expected amount of computation time
and resources so that the terms in the service contract will not be violated. What this means is
that no request that is received ought to be starving other waiting requests due to excessively long
computation or memory usage.
In the current release of Litware HR, we have not implemented a task/request scheduler that
treats each tenants requests fairly based on a set of predefined policy for compute time and
space usage. This may be the subject of future exploration.
Applying the Multi-Tenant Efficiency Tenet
Shared Database, Shared Schema with Tenant View Filter
Description
Creating SaaS data architecture that is both robust and secure enough to satisfy tenants or clients
who are concerned about surrendering control of vital business data to a third party, while also
being efficient and cost-effective to administer and maintain.
How is this demonstrated in the sample?
Application uses a shared schema data architecture for entity definition
2


2
http://msdn2.microsoft.com/en-us/library/aa479086.aspx
SaaS Sample Application
50 Chapter 6: Applying Multi-tenant Architecture Principles

Figure 40: In this approach, all tenants share the same set of tables, and a Tenant ID associates each tenant with the
rows that it owns
Application uses tenant View Filter to display data
3


Figure 41: A view is created for each entity and tenant

3
http://msdn2.microsoft.com/en-us/library/aa479086.aspx
SaaS Sample Application
51 Chapter 6: Applying Multi-tenant Architecture Principles


Security, Authentication
Description
Ability to identify registered users of a site.
How is this demonstrated in the sample?
ASP.NET Membership and Role provider for web pages that uses a remote ADAM instance
Windows Communication Foundation
4
Authentication Security Token Service for services
that uses a remote ADAM instance
Security, Authorization
Description
Ability to change permissions for different users.
How is this demonstrated in the sample?
Forms authentication for all protected pages
Views are protected with settings in the Web.config and Web.sitemap files that denies
access to unauthorized users
Services are protected with a Windows Communication Foundation
5
Security Token
Service that denies access to unauthorized users
Security, Session
Description

4
http://wcf.netfx3.com/
5
http://wcf.netfx3.com/
SaaS Sample Application
52 Chapter 6: Applying Multi-tenant Architecture Principles
Ability to maintain sessions.
How is this demonstrated in the sample?
ASP.NET sessions
Windows Communication Foundation
6
Authentication behavior to hold Security Token in
ASP.NET session
Security, Workflow role access control
Description
Ability to execute activities based on roles.
How is this demonstrated in the sample?
WF role provider
Tracking store queries based on current executing activity

The Scalability Tenet





One of the key attractiveness of the SaaS model is in its economic potential of selling to a larger
unreached market through a provider managed and hosted infrastructure. This software delivery
model implies that the number of concurrent users that has to be supported by the application is
now the aggregate number for its entire market rather than the maximum number for its largest
single tenant. The resulting scalability impact on the application architecture can be a huge one.
A number of application scalability best practices have been common knowledge for a while, and
the same knowledge remains valid and valuable within a multi-tenant environment.
Application design best practices such as caching and stateless design, while making it easier to
scale the application, also introduces more complexity in cache and distributed state
management.
Data partitioning and replication are important techniques for scaling the data tier, but must also
be weighed against application performance tradeoff since partitioned data can introduce the
need for database transactions and latency in performing distributed queries.

6
http://wcf.netfx3.com/
Internet Scale Single User
Maximum Concurrent Users
Simpler and Faster Application
Implementation
Figure 42 The Scalability Continuum
SaaS Sample Application
53 Chapter 6: Applying Multi-tenant Architecture Principles
Due to time constraint, we are not able to accommodate Litware HR features that demonstrate
architecture principles from the scalability tenet. This could be an area of future exploration.

Tenant Provisioning
Operational excellence is a new area that may not be familiar to many ISV. Operation touches
many components such as monitoring, billing and provisioning. We are able to demonstrate the
concept of tenant provisioning through this release of Litware HR.
Description
Ability to deploy a new instance of the application with the same code image.
How is this demonstrated in the sample?
Application creates virtual directories that point to the same code image and uses a multi
tenant data architecture

SaaS Sample Application
54 Appendix A: Troubleshooting
Appendix A: Troubleshooting
This section describes problems that you might encounter when working with LitwareHR
application as well as their possible solutions.
Browsing www.litware.com redirects to Microsoft Web
site
Cause
The host file does not have the DNS entries required to run the application.
Solution
Make sure that the host file located at %WINDIR%\System32\Drivers\etc has the following DNS
entries:
127.0.0.1 www.litwarehr.com
127.0.0.1 www.litware.com
127.0.0.1 services.litwarehr.com
127.0.0.1 www.contoso.com
127.0.0.1 www.fabrikam.com
Server Error: Configuration Error

Figure 43: Error in configuration file
SaaS Sample Application
55 Appendix A: Troubleshooting
Cause
You may receive this error if the Web sites ASP.NET version is not set to 2.0.50727.
Solution
Make sure that the following Web sites ASP.NET version is 2.0.50727:
www.litware.com
www.litwarehr.com
services.litwarehr.com
FOR MORE INFORMATION, SEE SECTION III.D OF THE THE README FILE: IIS CONFIGURATION
Directory Listing Denied

Figure 44: Directory listing denied while browsing www.litware.com
Cause
Default.aspx has not been added as a default document.
Solution
Make sure that the following Web sites have Default.aspx set as default document:
www.litware.com
www.litwarehr.com
services.litwarehr.com
FOR MORE INFORMATION, SEE SECTION III.D OF THE THE README FILE: IIS CONFIGURATION
SaaS Sample Application
56 Appendix A: Troubleshooting
Server Error: Compilation Error

Figure 45: Compilation error while browsing www.litware.com
Cause
You may receive this error if the LitwareHR solution was not successfully compiled.
Solution
Build LitwareHR solution.
To build LitwareHR solution:
1. Click Start, point to All programs, Microsoft AST, LitwareHR
2. Click Build LitwareHR
3. Wait until the compilation has finished
SaaS Sample Application
57 Appendix A: Troubleshooting
Server Error: LogonUser failed with error code : 1326

Figure 46: Tenant provisioning failed
Causes
1. You may receive this error if the web.config file refers to an invalid Provisioning user.
2. The Provisioning user does not exist.
Solution:
1. Make sure that the Provisioning user is well referenced at the web.config file.
2. Create a Provisioning user and add it to the Administrators group.
FOR MORE INFORMATION, SEE SECTION IV.A OF THE THE README FILE: WEB.CONFIG SETTINGS
FOR MORE INFORMATION, SEE SECTION II OF THE THE README FILE: PROVISIONING USER
SaaS Sample Application
58 Appendix A: Troubleshooting
Server Error: An error was encountered while creating
the virtual folder

Figure 47: Error on create IIS structure
Causes
You may receive this error if the folder physical paths have not been correctly configured at the
web.config file.
The Provisioning user is not a member of the Administrators group.
Solution
Make sure that the folder physical paths have been correctly configured at the web.config file.
FOR MORE INFORMATION, SEE SECTION IV.A OF THE THE README FILE: WEB.CONFIG SETTINGS
Make sure the Provisioning user is a member of the Administrators group.
FOR MORE INFORMATION, SEE SECTION II OF THE THE README FILE: PROVISIONING USER
SaaS Sample Application
59 Appendix A: Troubleshooting
Server Error: General access denied error

Figure 48: Access denied on tenant provisioning
Cause
The Trusted Subsystem Account (NETWORK SERVICE) lacks permission to access the Identity
Store (ADAM).
Solution
Grant the Trusted Subsystem Account (NETWORK SERVICE) permission to access the Identity
Store (ADAM).
FOR MORE INFORMATION, SEE SECTION III.C OF THE THE README FILE: ADAM CLIENT CONFIGURATION
SaaS Sample Application
60 Appendix A: Troubleshooting
Server Error: Cant logon or create user

Figure 49: Communication error on logon or create user
Cause
You may receive this error when the required certificates have not been created because the
Trusted Subsystem Account (NETWORK SERVICE) has been granted with reading permissions on
the MachineKeys folder.
Solution
Remove the Trusted Subsystem Account (NETWORK SERVICE) from the user security list of the
following folder:
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
SaaS Sample Application
61 Appendix A: Troubleshooting

Figure 50: Remove Trusted Subsystem Account (NETWORK SERVICE)
FOR MORE INFORMATION, SEE SECTION III.B OF THE THE README FILE: DATACENTER PROVISIONING
Create the required certificates running the following script:
%INSTALL_DIR%\Setup\DataCenter\Runtime\CertificateStore_SetUp.cmd
SaaS Sample Application
62 Appendix B: Glossary
Appendix B: Glossary
Before you begin to review the details of this sample, it would be helpful for you to review the
following terms. Many of these terms are commonly used within the industry; however, some of
these terms may have different connotations in this document or in the field of software
architecture in general.
Cross-cutting concern
A type of functionality that can be applied to multiple classes and/or applications as they do not
typically relate to a specific business problem. Typical cross-cutting concerns include functionality
such as authentication, authorization, and application instrumentation.
Data model
Data reflects the information organizations rely on to drive their businesses and transact with one
another. Knowing that the amount and type of information fluctuates with the nature of the
business, the application data model should also provide flexibility for tenants to define new data
types and to extend existing data schemas.
Given these facets of customizations, the challenges for the SaaS architect is to ensure that the
task of customizing applications is simple and easy for the customers, yet at the same time, not
incur extra manual development or operation costs for each customization.
In the cloud
SaaS applications often are licensed with a usage-based transaction model, in which the customer
is only billed for the number of service transactions used. SaaS applications are installed at the
SaaS hoster's location. SaaS applications are completely managed by the vendor or SaaS hoster; in
fact, the implementation of management tasks and responsibilities is opaque to the consumer.
Service-level agreements (SLAs) govern the quality, availability, and support commitments that the
provider makes to the subscriber.
Isolation
In many cases, there are valid reasons for dedicated resources or instances of the solution that
should be deployed for specific tenants. For example, a tenant does not want his applications
performance to be adversely affected by other tenants. Another example is when a tenant does
not want his data exposed to other tenants sharing the same database (due to certain classes of
security risks).
In the case of full isolation, all computing resources within the instance are reserved for a sole
tenant, and the solution becomes very much like an on-premise software solution.

SaaS Sample Application
63 Appendix B: Glossary
Loosely coupled
A type of distributed application that is designed to function autonomously. Design and
implementation make few assumptions about the application in which they interact, and can be
deployed and versioned independently.
Multi tenant efficient
A multi-tenant architecture must consider how computing resources can be shared and used
efficiently across the entire customer base. Examples of such resources include logical entities
such as databases, application threads and processes as well as physical commodities such as disks
drives and servers.7
On premise
On-premise applications typically are licensed in perpetuity, with a single up-front cost for each
user or site, or (in the case of custom-built applications) owned outright. On-premise applications
are, of course, installed within the customers IT environment and the IT department is responsible
for providing IT service to users, which means being familiar with network, server, and application
platforms; providing support and troubleshooting; and resolving IT security, reliability,
performance, and availability problems.
Pattern
A description of a recurring problem that occurs in a given context and, based on a set of guiding
forces, recommends a solution. The solution is usually a simple mechanism: a collaboration
between two or more classes, objects, services, processes, threads, components, or nodes that
work together to resolve the problem identified in the pattern.
Presentation
Presentation is the result of configuring the web pages style and layout.
Process
Represents the operational aspect of a work procedure: how workflow tasks are structured, who
performs them, what their relative order is, how they are synchronized, how information flows to
support the tasks and how tasks are being tracked.
Sample application
A partial implementation of a solution for a compelling business scenario that implements
selected use cases in the scenario, developed with the explicit objective of exemplifying
prescriptive guidance.

7
For more information, see Multi-Tenant Data Architecture
SaaS Sample Application
64 Appendix B: Glossary
Scaleable
Scaling the application means maximizing concurrency and using application resources more
efficiently optimizing locking duration, statelessness, sharing pooled resources such as threads
and network connections, caching reference data and partitioning large databases are examples of
best practices for scaling applications to a large number of users.
Story Scene
A story scene is considered as the basic structure or building block of a user story.
Tenant
Clients who are concerned about surrendering control of vital business data to a third party (SaaS
Provider)
Test Rig
Group of computers that consists of a single controller and one or more agents8.
Total cost of ownership
It is the total price in money, time, and resources for owning and using software.
User Story
Its an informal statement of a customer requirement formulated in the everyday language of the
user.
WF (Windows Workflow Foundation)
For more information, visit http://wf.netfx3.com/
Workflow Customization
Organizations often implement similar business capabilities with different processes. Therefore,
tenants may want to modify the application workflow to match their business processes. In
addition, each step of the workflow may be guided by business rules that specify the conditions
for which particular business actions should be taken. Since it is common to find real world
organizations operating with different business policies, a multi-tenant solution should also let
tenants encode custom rules, conditions and parameters.

8
For more information, see Test Rig Requirements for Team System
SaaS Sample Application
65 Appendix C: Test lab
Appendix C: Test lab
Use the information in this appendix to plan your test lab.
Why Load Tests?
SaaS applications not only require to execute design and development initiatives that meet
functional specifications, but also to release fast, responsive, and scaleable applications.
Determining performance objectives as part of the early stages in the design and architecture of
the application is fundamental for any successful SaaS endeavor. Building these parameters into
the design from the beginning prevents you from having to spend unnecessary time and resources
addressing performance and scalability deficits later in the life cycle.
The correct design and process will provide you an opportunity to reduce total cost of ownership
(TCO). Costs are contained not only by planning carefully in the development phase, but also by
delivering robust and scalable applications that are multi tenant efficient.
Using load tests will help you to:
Detect abnormal behaviors in the application
Determine how the application performs under light loads for short durations
Determine if the application will run successfully for a sustained duration under heavy
load
Determine how responsive the application is
Determine how the application performs at various capacities
FOR MORE INFORMATION, SEE IMPROVING .NET APPLICATION PERFORMANCE AND SCALABILITY
9

LitwareHR Lab
Visual Studio Team Edition for Testers provides a tool for creating and running load tests. The
primary goal of a load test is to simulate many users accessing a server at the same time.
When you add Web tests to a load test, you simulate multiple users opening simultaneous
connections to a server and making multiple HTTP requests. You can set properties on load tests
that broadly apply to the individual Web tests.
When you add unit tests to a load test, you exercise the performance of non-Web based server
components. An example application of a unit test under load is to test data access model
components.
Load tests can be used with a set of computers known as a rig, which consists of agents and a
controller. FOR MORE INFORMATION, SEE WORKING WITH CONTROLLERS, AGENTS, AND RIGS
10


9
http://msdn.microsoft.com/practices/compcat/default.aspx?pull=/library/en-us/dnpag/html/scalenet.asp
10
http://msdn2.microsoft.com/en-us/library/ms182634(VS.80).aspx
SaaS Sample Application
66 Appendix C: Test lab
The LitwareHR lab consists of 5 machines deployed in 3 tiers. Your lab design can vary depending
on the particular scenario that you want to simulate; for example more servers could be added to
the Web Application Tier to scale out the web farm, or simply more servers could be added as
Agent servers if you intend to generate more processing stress
11
.

Figure 51: Deployment diagram
Lab configuration
Note: This section is not intended to explain and instruct how to set up and configure a test
environment. FOR MORE INFORMATION, SEE SETTING UP THE CONTROLLER AND AGENT FUNCTIONALITY
12

Controller
Contains Visual Studio 2005 test projects and executes them according to the Test Rig
configuration. Consequently, store and displays load tests results used as basis information for
further analysis
13
.
Windows 2003 R2, SP1
Visual Studio 2005 Team Suite
Visual Studio 2005 Team Test Load Controller
SQL Server 2005, Standard Edition
Agent
Receives and carries out the instructions issued from the controller generating the processing
stress towards the web application servers. It also collects performance counters that will be
subsequently addressed to the controller.

11
For more information, see How to: Add an Agent to a Controller
12
http://msdn2.microsoft.com/en-us/library/ms182635(VS.80).aspx
13
For more information, see How to: Analyzing Load Tests Results
SaaS Sample Application
67 Appendix C: Test lab
Windows 2003 R2, SP1
Visual Studio 2005 Team Suite
Visual Studio 2005 Team Test Load Agent
Web Application Servers
Receives and processes web request form the agents. Both the presentation and business logic are
deployed in this tier.
Windows 2003 R2, SP1
Visual Studio 2005 Team Suite
IIS
.NET 3.0
DB Server
Stores persistent data. All the SQL Server 2005 databases and the ADAM instance are deployed in
this tier.
Windows 2003 R2, SP1
ADAM
SQL Server 2005, Standard Edition
Testing the Application
It is important that you create several load test use cases to bring valuable information on making
the application grow up in quality and performance. At the same time, these tests will reveal
aspects of the systems under test (analyzing the performance counters displayed by the
controller) that usually remain undiscovered and were not considered at all.
Tenant Provisioning
This test will determine if the application can provision a large number of tenants. This implies
virtual directories under IIS, OUs under ADAM and Multitenant DB.
It will also verify if it is possible to make tenant provisioning simultaneously by a considerable
amount of users.
Job Search
This test will determine the performance of the page that displays the list of Open Positions that
are queried from the Workflow Tracking Service. Additionally, it will test the pages layout and UI
configuration based on the previous user customization.
The test will simulate job searches for different tenants accomplishing a more realistic scenario by
selecting random tenant profiles.
SaaS Sample Application
68 Appendix C: Test lab
Sign Up
This test will confirm if ADAM fits to multi tenant demands through high level frequency ADSI
queries.
Login
This test will determine how many users from different tenants will be able to login at the same
time. It has some similarities with Signup test in that ADSI queries are performed.
Open Position
This test will analyze the Workflow Runtime responsiveness towards several concurrent user
requests from different tenants.
Submit Resume
When a resume is submitted, a new Candidate Evaluation Process (CEP Workflow) is launched.
This test will take the CEP workflows creation to the limit and will be also querying to the SaaS
Hosting Platform to perform Workflow Rule Set evaluation.
Tests Results as a feasibility study
Base your decisions on empiric data. Empirical results obtained from tests sometimes overwhelm
developers expectations.
One example of this is tenant provisioning, the test resulted in a complete success having 3466
users provisioned and 0 failed.
SaaS Sample Application
69 Appendix C: Test lab

Figure 52: Make Tenant Provisioning Load Test Results
SaaS Sample Application
70 Contributors
Contributors
The team that produced the sample came from a wide range of areas within Microsoft and from
many of our partner organizations. The following people made a substantial contribution to the
writing, developing, and testing of this content.
Program Management
Gianpaolo Carraro, Microsoft Corporation
Alejandro G. Jack, Southworks.NET
Architecture
Fred Chong, Microsoft Corporation
Matias Woloski, Southworks.NET
Angel Lopez, Southworks.NET
Development
Ariel Schapiro, Southworks.NET
Test
Ezequiel Bella, Southworks.NET
Edgardo Rossetto, Southworks.NET
Gustavo Azcona, Southworks.NET
Documentation
Miguel Saez, Southworks.NET
Review
Arvindra Sehmi, Microsoft Corporation
Juergen Pfeifer, Microsoft Corporation
Eugenio Pace, Microsoft Corporation
Pedro Deviggiano, Microsoft Corporation
Roberto Schatz, Microsoft Corporation
Mariano Szklanny, Southworks.NET
Johnny Halife, Southworks.NET
Alberto Ortega, Southworks.NET
Pablo Damiani, Southworks.NET
Architecture Strategy Team
SaaS Sample Application
71 Contributors
Simon Guest, Microsoft Corporation
Ron Jacobs, Microsoft Corporation
SaaS Sample Application
72 Additional resources
Additional resources
Additional Resources can be found
On MSDN
SaaS Architecture Center: http://msdn.microsoft.com/architecture/saas
LitwareHR sample application on MSDN:
http://msdn.microsoft.com/architecture/saas/sampleApp
On CodePlex
Community site: http://www.codeplex.com/LitwareHR
On Skyskrapr.net
The Making Of LitwareHR on Skyscrapr: http://www.skyscrapr.net/architects-in-
action.aspx
On blogs
Gianpaolos blog: http://blogs.msdn.com/gianpaolo
Freds blog: http://blogs.msdn.com/fred_chong

To learn more about architecture visit:
http://www.microsoft.com/architecture/
To learn more about ISV resources & programs visit:
http://msdn.microsoft.com/isv/
To learn what does it takes to become an architect visit:
http://www.skyscrapr.net/
At Skyscrapr you can access videos, training, glossaries, ARCasts, and blogs that will help you learn
more about technology architecture. It also provides insightful links into MSDNs architectural
library.