240 likes | 484 Views
Internet Information Services (IIS) 7.0 End-to-End Overview of Microsoft's New Web Application Server. Bart De Smet MVP, INETA Info@bartdesmet.net http ://blogs.bartdesmet.net/bart. Agenda. Where are we with IIS 6.0? IIS 7.0 pillars dive deep for developers Security Extensibility
E N D
Internet Information Services (IIS) 7.0End-to-End Overview of Microsoft's New Web Application Server Bart De Smet MVP, INETA Info@bartdesmet.net http://blogs.bartdesmet.net/bart
Agenda • Where are we with IIS 6.0? • IIS 7.0 pillars dive deep for developers • Security • Extensibility • Configuration • Management • Diagnostics • Lots of demos
Security Secure by default Secure by design Secure in deployment Reliability Fault tolerant architecture Health monitoring Intelligent queuing Scalability Scale-up/scale-out Kernel-mode caching Integrated application platform System Management XML-based configuration Command line administration Remote administration IIS 6.0 Pillars Revisited
Security Customized, Componentized Web Server Reduced management of Patches URLScan built-in Functionality Extensibility Brand new Win32 API Integrated support for ASP.NET Modules Config Distributed configuration with delegation Rich extensibility Integrated Configuration for Web Platform Diagnostics Brand-new State API Easy-to-setup & Use Failed Request Tracing IIS & ASP.NET Integrated Diagnostics System Management Innovative, Brand-new IIS Manager AppCmd.exe: Command line administration Http & Https Remote administration Introducing IIS 7.0 Pillars
Security IIS 7.0 - Security • SD³ • Componentized web server • 40 (!) setup components • Lower the attack surface • Reduction of patch management • URLScan functionality built-in
Extensibility IIS 7.0 - Extensibility • New APIs • Win32 API • Used by core IIS 7.0 components (modular) • No rabbits in hats • Managed code API • Integrated pipeline with ASP.NET 2.0 • Transfer your knowledge (IHttp* interfaces) • “ISAPI the easy way”
Extensibility IHttpHandlers Once upon a time... w3wp.exe aspnet_isapi.dll handlers cgi static file ISAPI extension IHttpModule Events url map begin req determine handler logging auth’c req w3svc auth’z req custom errors compression resolve cache end req authentication handler map update req cache ISAPI Filter Notifications handler exec rel req state url map auth’c req log Pre-proc headers End net session PageHandler Trace.axd
Extensibility native modules managed modules basic auth url auth’z digest auth role mgr windowsauth forms auth Get together in IIS 7.0 Native Handler IHttpHandler static file ISAPI extension *.aspx trace.axd IHttpModule Native Module end was log update cache release state executehandler pre-execute handler acquire state map handler resolve cache authorize authenticate begin
Your first IIS 7.0 module • Step 1 – Implementing core functionality • Implement IHttpModule • Compile, deploy and test • Step 2 – Extending & using configuration • Step 3 – Satisfy the IT Pro
Config IIS 7.0 - Configuration • The death of the metabase • Distributed XML-based configuration • Integrated IIS + ASP.NET config (web.config) • Allows for delegation • Real xcopy deployment • Strongly typed schema (ApplicationHost.config) • Feel free to extend it!(<configSchema>) • Configuration API
Config IIS 7.0 - Configuration <handlers> <add path="*.asp"modules="Asp"checkPathInfo="true" verb="GET,HEAD,POST" /> <add path="*.stm"modules="ServerSideIncludeModule"checkPathInfo="true"verb="GET,POST" /> <add path="*.exe" modules="CGIModule"checkPathInfo="true"verb="GET,POST" /> </handlers> Application 2 Root Website 2 Root Website 1 Root Global server configuration Application 1 Root web.config web.config web.config web.config ApplicationHost.config <handlers> <add path="*.aspx" modules="aspnet"checkPathInfo="false"verb="GET,POST" /> </handlers>
Your first IIS 7.0 module • Step 1 – Implementing core functionality • Step 2 – Extending & using configuration • Add schema (%windir%\system32\inetsrv\config\schema) • Configure schema (ApplicationHost.config) • Apply configuration (appcmd.exe, web.config) • Step 3 – Satisfy the IT Pro
System Management IIS 7.0 - Management • IIS Manager (inetmgr.exe) • Fully extensible (managed code) • Remote administration over HTTP(S) • Satisfy your IT Pro friends • New WMI provider (extensible) • AppCmd.exe cmdline administration • Compatible with IIS 6.0 ADSI and WMI • Windows PowerShell
System Management IIS 7.0 - Management Vista-style breadcrumb .NET configuration IIS configuration Add modules here
Your first IIS 7.0 module • Step 1 – Implementing core functionality • Step 2 – Extending & using configuration • Step 3 – Satisfy the IT Pro • Extend the IIS Manager with a module • WMI support
Diagnostics IIS 7.0 - Diagnostics • Real-time information • Queryable by IT Pros and Developers • Processes, App Pools & Doms, requests • Failed Request Tracing • Throughout the IIS 7.0 pipeline • Identify bottlenecks, stuck requests, etc • Custom errors • Detailed localized information
Diagnostics IIS 7.0 - Diagnostics • FREB • Failed • Request • Event • Buffer • Extensible • Add traces • Control API Begin Request Read Metadata Authenticate Authorize Cached ISAPI Filter Determine Handler
Summary • IIS 7.0 highlights • Security is a top priority • Extensibility to the max! • Improved management • Production debugging with diagnostics • Availability • IIS 7.0 in Windows Vista • IIS 7.0 in “Longhorn” Server Beta 3 Go Live
Have fun with Internet Information Service 7.0 on Vista and “Longhorn”! Q & A