Pro ASP.NET 2.0 In CSharp 2005 (2005) [eng]
.pdf
630 C H A P T E R 1 8 ■ W E B S I T E D E P L OY M E N T
Table 18-2. Continued
|
Configuration |
<processModel> |
|
IIS 6.0 Setting |
Tab |
Setting |
Description |
Enable CPU monitoring |
Performance |
|
Specifies the maximum CPU |
|
|
|
charge for a worker process. |
|
|
|
If the worker process |
|
|
|
charges the CPU more than |
|
|
|
configured here, you can |
|
|
|
configure IIS to shut it down |
|
|
|
or keep it alive and in |
|
|
|
quarantine for debugging |
|
|
|
(called orphaning). |
Web Garden |
Performance |
webGarden |
This setting allows you to |
|
|
|
configure IIS so that it creates |
|
|
|
multiple processes for one |
|
|
|
application pool. Each of |
|
|
|
these processes is then able |
|
|
|
to process requests for a web |
|
|
|
application. Actually, IIS 6.0 |
|
|
|
can launch multiple |
|
|
|
processes for a pool even |
|
|
|
if the machine has just |
|
|
|
one CPU. |
SMPProcessorAffinityMask |
|
cpuMask |
Currently this setting can |
|
|
|
be edited only in the IIS |
|
|
|
metabase.xml file stored in |
|
|
|
the <DRIVE>:\WINDOWS\ |
|
|
|
SYSTEM32\INTESRV |
|
|
|
directory. Together with the |
|
|
|
SMPAffinitized attribute set |
|
|
|
to true, it allows you to |
|
|
|
specify the CPU mask for web |
|
|
|
gardening on multiprocessor |
|
|
|
machines. |
Recycle in minutes |
Recycling |
|
Allows you to specify that |
|
|
|
the worker process will be |
|
|
|
restarted based on the |
|
|
|
specified time interval. |
Recycle in number of |
Recycling |
requestLimit |
Recycles a worker process |
requests |
|
|
after it has processed the |
|
|
|
specified number of requests. |
Recycle at following times |
Recycling |
|
IIS 6.0 allows you to specify |
|
|
|
dedicated times for worker |
|
|
|
process recycling. |
-- |
|
restartQueueLimit |
See the documentation for |
|
|
|
the <processModel> element. |
Memory Recycling |
Recycling |
memoryLimit |
IIS 6.0 allows you to specify |
|
|
|
two separate memory limits. |
|
|
|
The first one is the memory |
|
|
|
used by the application, and |
|
|
|
the second option specifies |
|
|
|
the virtual memory (used plus |
|
|
|
reserved memory) of the |
|
|
|
application. |
|
|
C H A P T E R 1 8 ■ W E B S I T E D E P L OY M E N T |
631 |
|
|
|
|
|
|
|
Configuration |
<processModel> |
|
|
IIS 6.0 Setting |
Tab |
Setting |
Description |
|
Application pool identity |
Identity |
username |
Specifies the user identity |
|
|
|
|
for an application pool. The |
|
|
|
|
default is the restricted |
|
|
|
|
Network Service account |
|
|
|
|
with least privileges. You can |
|
|
|
|
change this setting either to |
|
|
|
|
the local system that has a |
|
|
|
|
couple of additional |
|
|
|
|
privileges on the local |
|
|
|
|
machine or to the local |
|
|
|
|
system (what is not |
|
|
|
|
recommended, as you should |
|
|
|
|
run your applications always |
|
|
|
|
with the least privileges; you |
|
|
|
|
can find more information on |
|
|
|
|
that in Part 4). |
|
Application pool identity |
Identity |
password |
Specifies the password for the |
|
|
|
|
application pool’s identity. |
|
|
|
responseDeadlock- |
See the <processModel> |
|
|
|
Interval |
configuration options. |
|
|
|
maxWorkerThreads |
See the <processModel> |
|
|
|
|
configuration options. |
|
|
|
maxIoThreads |
See the <processModel> |
|
|
|
|
configuration options. |
|
|
|
|
|
|
This overview should give you a fairly good understanding of how IIS and ASP.NET work together. However, there’s a lot more to learn before you can consider yourself an experienced web administrator. In particular, IIS 6 is a sophisticated program with a slew of powerful options. To learn more about these features, consult the online documentation (one good resource is the Microsoft site http://www.microsoft.com/windowsserver2003/techinfo/_overview/iis.mspx) or a dedicated book on IIS administration. However, you’ll learn enough in this book to create, configure, and test web applications in virtual directories with IIS.
Installing IIS
Even though IIS is included with Windows, it’s not installed by default. That’s because Microsoft recognizes that allowing Internet access to any part of your computer is a security risk, and it’s not an operation that should be performed automatically if it’s not needed.
■Note IIS is available only if your computer is running Windows 2000, Windows 2000 Server, Windows XP Professional, or Windows Server 2003. Each version of Windows has a slightly different version or configuration of IIS. As a general rule of thumb, when you want to publish your website, you should use a server version of Windows to host it. Desktop versions, such as Windows 2000 and Windows XP Professional, are fine for development testing, but they implement a connection limit of ten simultaneous users, which makes them much less suitable for realworld use. Windows Server 2003 is different from the other operating systems, as by default IIS 6.0 is installed in a locked-down mode processing static content and ASP.NET applications only. Other types of applications, even classic ASP, must be explicitly enabled by administrators.
632 C H A P T E R 1 8 ■ W E B S I T E D E P L OY M E N T
The process of configuring IIS depends on the version of Windows you have installed. The next two sections lead you through the steps you need to perform.
Installing IIS 5
On a Windows 2000, Windows 2000 Server, or Windows XP Professional computer, you can follow these steps to install IIS:
1.Click Start, and select Settings Control Panel.
2.Choose Add or Remove Programs.
3.Click Add/Remove Windows Components.
4.If Internet Information Services is checked (see Figure 18-7), you already have this component installed. Otherwise, click it and click Next to install the required IIS files. You’ll need to have your Windows setup CD handy.
Figure 18-7. IIS is currently installed.
Installing IIS 6
If you’re using Windows Server 2003, you can install IIS through the Add/Remove Windows Components dialog box, but it’s more likely that you’ll use the Manage Your Server Wizard. Here’s how it works:
1.Select Add or Remove a Role from the main Manage Your Server window. This launches the Configure Your Server Wizard.
2.Click Next to continue past the introductory window. The setup wizard will test your available and enabled network connections and then continue to the next step.
3.Now you choose the roles to enable. Select Application Server (IIS, ASP.NET) from the list, as shown in Figure 18-8, and click Next.
C H A P T E R 1 8 ■ W E B S I T E D E P L OY M E N T |
633 |
Figure 18-8. Choosing an application server role
4.Click the Enable ASP.NET check box on the next window (see Figure 18-9). If you don’t, IIS will be enabled, but it will be able to serve static content only like ordinary HTML pages. Click Next to continue.
Figure 18-9. Enabling other services
5.The next window shows a summary of the options you’ve chosen. Click Next to continue installing IIS 6.0 and ASP.NET. Once the process is complete, you’ll see a final confirmation message.
634 C H A P T E R 1 8 ■ W E B S I T E D E P L OY M E N T
■Note The rest of this chapter describes website administration with IIS 5, which is usually used when developing a website. However, if you’re starting out with IIS 6, you’ll still be able to use most of the instructions in this chapter, but you may want to supplement your knowledge with the online help for IIS 6 or a dedicated book about IIS 6 administration.
Managing Websites
When IIS is installed, it automatically creates a directory named c:\Inetpub\wwwroot, which represents your website. Any files in this directory will appear as though they’re in the root of your web server.
To add more pages to your web server, you can copy HTML, ASP, or ASP.NET files directly to the c:\Intetpub\wwwroot directory. For example, if you add the file TestFile.html to this directory, you can request it in a browser through the URL http://localhost/TestFile.html. You can even create subdirectories to group-related resources. For example, you can access the c:\Intetpub\ wwwroot\MySite\MyFile.html file through a browser using the URL http://localhost/MySite/ MyFile.html. If you’re using Visual Studio .NET to create new web projects, you’ll find that it automatically generates new subdirectories in the wwwroot directory. So, if you create a web application named WebApplication1, the files will be stored in c:\Inetpub\wwwroot\WebApplication1 and will be made available through http://localhost/_WebApplication1.
Using the wwwroot directory is straightforward, but it makes for poor organization. To properly use ASP or ASP.NET, you should create a new virtual directory for each web application you create. With a virtual directory, you can expose any physical directory (on any drive on your computer) on your web server as though it were located in the c:\Inetpup\wwwroot directory.
To create virtual directories, you need to use the administrative IIS Manager utility. The steps for doing this are essentially the same in IIS 5 and IIS 6. To start it, select Settings Control Panel Administrative Tools Internet Information Services from the Start menu. The next few sections walk you through the steps and explain the settings that you can configure.
Creating a Virtual Directory
When you’re ready to create a new website, the first step you’ll usually take is to create the physical directory where the pages will be stored (for example, c:\MySite). The second step is to expose this physical directory as a virtual directory through IIS. This means that the website becomes publicly accessible to other computers that connect to your computer over HTTP.
To create a new virtual directory for an existing physical directory, right-click the Default Website item in the IIS tree, and choose New Virtual Directory from the context menu. A wizard will start to manage the process, as shown in Figure 18-10.
As you step through the wizard, you’ll need to provide three pieces of information: an alias, a directory, and a set of permissions. The following sections describe these settings.
C H A P T E R 1 8 ■ W E B S I T E D E P L OY M E N T |
635 |
Figure 18-10. The Virtual Directory Creation Wizard
Alias
The alias is the name a remote client will use to access the files in this virtual directory. For example, if your alias is MyApp and your computer is MyServer, you can request pages using URLs such as http://MyServer/MyApp/MyPage.aspx.
Directory
The directory is the physical directory on your hard drive that will be exposed as a virtual directory. For example, c:\Intetpub\wwwroot is the physical directory that is used for the root virtual directory of your web server. IIS will provide access to all the allowed file types in this directory.
Permissions
Finally, the wizard asks you to set permissions for your virtual directory, as shown in Figure 18-11. You can set several permissions:
Read: This is the most basic permission—it’s required in order for IIS to provide any requested files to the user. If this is disabled, the client will not be able to access ASP or ASP.NET pages or access static files such as HTML and images. Note that even when you enable read permission, several other layers of security are possible in IIS. For example, some file types (such as those that correspond to ASP.NET configuration files) are automatically restricted, even if they’re in a directory that has read permission.
Run scripts: This permission allows the user to request an ASP or ASP.NET page. If you enable read but don’t allow script permission, the user will be restricted to static file types such as HTML documents. ASP and ASP.NET pages require a higher permission because they could conceivably perform operations that would damage the web server or compromise security.
Execute: This permission allows the user to run an ordinary executable file or CGI application. This is a possible security risk as well and shouldn’t be enabled unless you require it (which you won’t for ordinary ASP or ASP.NET applications).
636 C H A P T E R 1 8 ■ W E B S I T E D E P L OY M E N T
Write: This permission allows the user to add, modify, or delete files on the web server. This permission should never be granted, because it could easily allow the client computer to upload and then execute a dangerous script file (or, at the least, use all your available disk space). Instead, use an FTP site, or create an ASP.NET application that allows the user to upload specific types of information or files.
Browse: This permission allows you to retrieve a full list of files in the virtual directory, even if the contents of those files are restricted. Browse is generally disabled, because it allows users to discover additional information about your website and its structure as well as exploit possible security holes. On the other hand, it’s quite useful for testing, so you might want to enable it on a development computer.
Figure 18-11. Virtual directory permissions
To host an ASP.NET application, you need to enable only the read and execute permissions (the first two check boxes). If you’re using a development computer that will never act as a live web server, you can allow additional permissions. Keep in mind, however, that this could allow other users on a local network to access and modify files in the virtual directory. You can also change the virtual directory permissions after you have created the virtual directory.
Virtual Directories and Web Applications
You can manage all the virtual directories on your computer in the IIS utility by expanding the tree under the Default Website item. You’ll notice that items in the tree have three types of icons:
Ordinary folder: This represents a subdirectory inside another virtual directory. For example, if you create a virtual directory and then add a subdirectory to the physical directory, it will be displayed here.
Folders with a globe: This represents a virtual directory.
Package folders: This represents a virtual directory that is also a web application. By default, when you use the wizard to create a virtual directory, it’s also configured as a web application. This means it will share a common set of resources and run in its own application domain.
C H A P T E R 1 8 ■ W E B S I T E D E P L OY M E N T |
637 |
When you create a virtual directory with the Virtual Directory Creation Wizard, it’s also configured as a web application. This is almost always what you want. If your virtual directory isn’t a web application, you won’t be able to control its ASP.NET configuration settings, and you won’t be able to create a web application in it using Visual Studio .NET.
Folder Settings
IIS makes it easy to configure virtual directories after you’ve created them. Simply right-click the virtual directory in the list, and choose Properties. The Properties window will appear, with its information divided into several tabs. The following sections describe some of the most important settings.
Virtual Directory
The Virtual Directory tab includes options that allow you to change the permissions you set when creating the virtual directory with the wizard. You can also see the local path that corresponds to this virtual directory. If you’re looking at the root of a virtual directory, you can set the local path to point to a different physical directory by clicking the Browse button. If you’re looking at an ordinary subdirectory inside a virtual directory, the local path will be read-only.
Remember, when you create a virtual directory with the wizard, it’s also configured as a web application. You can change this by clicking the Remove button next to the application name. Similarly, you can click the Create button to transform an ordinary virtual directory into a full-fledged application. Usually you won’t need to perform these tasks, but it’s nice to know they are available if you need to make a change. They can be useful when transplanting an application from one computer to another.
■Note Any changes you make will be automatically applied to all subdirectories. If you want to make a change that will affect all the virtual directories on your server, right-click the Default Website item and choose Properties. The change will be cascaded down to all the subdirectories that are contained in the current virtual directory. If your change conflicts with the custom settings that you’ve set for a virtual directory, IIS will warn you. It will present a list of the directories that will be affected and give you the chance to specify exactly which ones you want to change and which ones you want to leave as is.
File Mappings
As explained earlier in this chapter, IIS hands off requests for ASP pages to the ASP ISAPI extension and sends requests for ASP.NET pages to the ASP.NET ISAPI extension. Furthermore, you have seen that IIS decides the designated ISAPI extension based on the filename extension of the requested URL. Actually, you can configure these file mappings on a per–virtual directory basis. When ASP.NET is installed, it modifies the IIS metabase to add the mappings for file types that it needs to process. To view these file mappings, click the Configuration button on the Virtual Directory tab. You’ll see the dialog box shown in Figure 18-12.