OWIN Katana Introduction

Scott Brady
Scott Brady
Katana
Open Web Interface for .NET - OWIN

In the .NET world there hasn't been much choice in web server technology aside from IIS and all the caveats that come with it. IIS has been around for a long time now, longer than ASP.NET itself, and for a junior programmer, tackling it and its years worth of libraries can be quite a daunting task. Another barrier is System.Web, a monolithic assembly that contains everything under the sun all tightly coupled into one namespace, often being coupled into IIS.

With more and more processing moving onto the client, servers have stopped processing and returning html and are instead just returning data for the client to parse and present. Modern approaches such as node.js require minimal effort to act as a web server, containing only what is needed to build the application and nothing else.

OWIN

The Open Web Interface for .NET (OWIN) specification aims to provide a similar experience for .NET. This open standard provides a simple API for web servers and frameworks to interact with.

The mission statement from the guys themselves:

OWIN defines a standard interface between .NET web servers and web applications. The goal of the OWIN interface is to decouple server and application, encourage the development of simple modules for .NET web development, and, by being an open standard, stimulate the open source ecosystem of .NET web development tools. - owin.org

I find that a good way of viewing OWIN is as an abstraction layer between .NET web servers and web applications. This API has minimal dependencies on other frameworks, to allow applications to be moved between hosts and platforms with minimal effort.

The request/response flow acts as a pipeline, with all requests having to pass through the various middleware components before reaching the application. In fact the request may never reach your application, with the middleware responding for you (e.g. when using an authentication middleware component)

OWIN Pipeline

Katana

Katana is the Microsoft implementation of the OWIN specification and can be self-hosted or integrated with the IIS pipeline. Katana components use the Microsoft.Owin.* namespace and currently include support for Microsoft/ASP.NET technologies such as SignalR, ASP.NET Identity and also a large amount of authentication/authorization packages, most notably enabling simple external authentication with providers such as Google.

IIS

By no means am I saying not to use IIS, it's still fantastic at what it does, but there are now alternatives for when IIS is a bit overkill for your requirements. As I said before, Katana and IIS can be used together (e.g. in current MVC projects) and System.Web can still be called upon. Just know your requirements and plan accordingly.

ASP.NET vNext

Microsoft's experience with Katana has had a big effect on the direction of ASP.NET 5. ASP.NET 5 still uses OWIN but the internals have had a complete internal rewrite with some breaking changes (for instance some of the basic method and variable names have been changed).

Further Reading

I'll make some more posts about the basics of Katana middleware components and how requests/responses are handled but good places to start are:

  • OWIN Specification v1.0.0 - The original OWIN specification. There is also a draft v.1.1.0 available.
  • ASP.NET - An Overview of Project Katana - A good intro to Katana and basic OWIN middleware. However, do take some of the ASP.NET team's implementation documentation with a pinch of salt (e.g. do not put business logic & data access in your presentation layer. Also stay away from some of their OAuth implementations).
  • Pluralsight - ASP.NET MVC 5 Fundamentals - Scott Allen's Pluralsight course has a very good chapter on OWIN and Katana implementation.