RIAs and Emissaries

The emerging field of RIA (Rich Internet Applications) is a hybrid between the classic rich-client application and a browser. Designed to provide the richness of the client environment without installation, RIA applications must be small and lightweight. To provide safety, they must have strictly limited access to resources on the client machine. Sandboxing of the client access limits the RIA app to per-app/per-user/per-machine state. The state of the art is evolving in how sharing can be done within RIA environments across applications and across users while providing safe computing. The emissary design pattern is one where there is non-trusted code running outside of a service which is specifically designed to support interactions with the service. Leveraging reference data published by the target service, the emissary prepares requests with a sophisticated enough understanding of the service's expectations that the request is likely to be accepted and processed. All of this is done while respecting the trust boundaries imposed by the target service. This pattern is clarified in the talk by showing parallels to the usage of paper forms in the business processes that proceeded the advent of computers. We will explore the use and evolution of the Rich Internet Application and discuss some of the fun challenges the industry faces as RIAs evolve. Then, we will describe the emissary design pattern and show how RIAs are very well suited to working with their parent web environment using this pattern. This talk is simply the wild ideas of the presenter and does not reflect any product commitments. It might, however, help you understand and build your applications differently.