Docstoc

IIS 7 Extensibility _ configuration

Document Sample
IIS 7 Extensibility _ configuration Powered By Docstoc
					IIS7
The Future of
Microsoft’s Web Server
Platform
<Name>
<Title>
<Email>
Agenda
•   Handlers and Modules
•   IIS UI
•   Extending the IIS Schema
•   Tracing and Diagnostics
•   Configuration Overview
•   Integrated Configuration
•   Delegation of Configuration
•   Configuration Extensibility
IIS7 – Built for Extensibility
•   Handlers and Modules
•   Role and Membership Providers
•   Extending the IIS Schema
•   IIS UI
•   Tracing and Diagnostics
Handlers vs Modules
•   Modules provide services to all requests
•   Basic Authentication module
•   Compression module (etc)
•   Handlers provide services to specific
    extensions
    • ISAPI handler (.dll)
    • Static handler (.htm, .jpg, .gif, etc)
• IIS 7 pipeline allows native and managed
  modules and handlers
    • "Integrated" Application Pool mode
      •   Use the managed modules and handlers
    • "Classic" Application Pool
      •   IIS 6 style invocation of .NET
IIS7 Request Processing
                          Server functionality is
    Authentication
                         split into ~ 40 modules...
 NTLM    Basic   Anon
    Authorization
          …                Modules plug into a
    ResolveCache CGI        generic request
 Determine
          …
                Static
                              pipeline…
  Handler        File
   ExecuteHandler
         …
                 ISAPI   Modules extend server
         …               functionality through a
    UpdateCache
   Send Response           public module API.
    SendResponse
  Log      Compress
Creating a Managed Module
• Identical to ASP.NET IHttpModule
  interface.
• How to:
 • Create class to implement iHttpModule
 • Write code for the Init Method
   • Initialize module
   • Subscribe to events
 • Write code for the subscribed events
 • Implement the Dispose method (required)
 • Register the module in the Web.config or
   Applicationhost.config file.
Creating a Class from
IHttpModule
 public class BasicAuthenticationModule :
   System.Web.IHttpModule
 {
   void Init(HttpApplication context)
   {
   }

       void Dispose()
       {
       }
 }

http://msdn.microsoft.com/library/default.asp?url=/library/en-
us/cpref/html/frlrfSystemWebIHttpModuleClassTopic.asp
    Integrated pipeline: Events
    •   Request Events
        •   Begin
                                                 WindowsAuthenticationModule
        •   Authenticate
        •   Authorize
        •   Resolve Cache                          BasicAuthenticationModule
        •   Map Handler
        •   Acquire State
        •   PreExecute Handler                       System.Web.Security.
        •   Execute Handler                       FormsAuthenticationModule
        •   Release State
        •   Update Cache
        •   Log                                      UrlAuthorizationModule
        •   End

    •   On Demand Events                              •   Global Events
        •   SendResponse                                  •    Initialize / Shutdown
        •   ReadEntityBody                                •    Config Change / File
        •   MapPath                                            Change
                                                           •   Application Start / Stop
                                                           •   Health Check
                                                           •
ttp://www.iis.net/default.aspx?tabid=2&subtabid=25&i=928&p=3   Trace Event
                                                           •   More
  Subscribing to an Event
   public void Init(HttpApplication context)
   {
      //
      // Subscribe to the authenticate event to perform the
      // authentication.
      //
      context.AuthenticateRequest += new
                         EventHandler(this.AuthenticateUser);
      //
      // Subscribe to the EndRequest event to issue the
      // challenge if necessary.
      //
      context.EndRequest += new

       EventHandler(this.IssueAuthenticationChallenge);
   }

http://msdn2.microsoft.com/en-us/library/system.web.httpapplication.aspx
Add module to IIS 7
configuration
• Modules can be added to:
  • Applicationhost.config as Global
  • Applicaitonhost.config as Local with location tag
  • Web.config
• The specific sequence of modules can matter
• Add modules with:
  •   IIS Manager
  •   APPCMD
  •   WMI
  •   Powershell
  •   Microsoft.web.administration
Modules in
Applicationhost.config
• In Applicatonhost.config:
  • <Global Modules> - for native modules and
    Managed Engine
    <add name="HttpCacheModule"
       image="%windir%\System32\inetsrv\cachhttp.dll" />
  • <Modules> - Entries for all native and managed
    modules
    <add name="FormsAuthentication"
      type="System.Web.Security.FormsAuthenticationModule"
      preCondition="managedHandler" />
    •    preCondition tells managed modules to work only for
        managed code by default
    •   List is customizable per application and can be delegated
• Modules defined in Applicationhost.config load
  for all application unless in “location” tag.
Modules in Web.config

• Note System.webServer rather than System.web
  •   IIS 7 reads System.webServer, ASP.net reads System.web
• Delegation for managed most managed modules is
  enabled by default
• Native modules cannot be loaded in web.config
  <configuration>
    <system.webServer>
      <modules>
       <add name="MyBasicAuthenticationModule“
                type="IIS7Demos.BasicAuthenticationModule" />
     </modules>
    </system.webServer>
  </configuration>
Options for Code Placement

• If loaded in Applicationhost.config:
  • Compile and place managed code in GAC
  • Can then service all requests in the server pipeline
  • Native modules/handlers in system32\inetsrv
    • Specify location in configuration
• In Web.config
  • GAC
  • Locally in \App_Code as uncompiled code
  • Locally \bin as .dll
• If locally stored, Xcopy deployment will insure
  correct code and configuration
Creating a Managed
Module
Creating a Managed Handler
• Identical to ASP.NET IHttpHandler
• Steps:
  • Create Class that implements iHttpHandler
  • Add code for ProcessRequest method
      •   This method receives a parameter of type HttpContext.
          Allows you to access the intrinsic objects such as Request
          and Response
  • Set property IsReusable
      •   Determines if other request can use the handler
  • Configure Handler in Applicationhost.config or
    web.config

http://msdn2.microsoft.com/en-us/library/system.web.ihttphandler.processrequest.aspx
Examining a Custom
Managed Handler
Extending the IIS Manager
UI
• IIS 6 MMC was not easy to extend
• IIS 7 Manager (IISMGR) has a modular
  design
• Add new controls, remove, or hide
  features
• Administration.config is xml config
  store
• IIS Manager features are Winform apps
• Integrate your application configuration
  into IISManager and IIS 7 confiig
  system
Extending the IIS 7 Schema
• Add app config settings to IIS 7 schema
• Add xml file to
  %SystemDir%\inetsrv\config\schema
• Automatically incorporated by IIS 7
• Read with Microsoft.Web.Administration
  <configSchema>
    <sectionSchema name="system.webServer/imageCopyright">
    <attribute name="enabled" type="bool" defaultValue="false" />
       <attribute name="message" type="string“
           defaultValue="Copyright Message" />
       <attribute name="color" type="string" defaultValue="Red"/>
       <attribute name="cacheDuration" type="int" defaultValue="20" />
    </sectionSchema>
  </configSchema>
Extending the IIS
Manager
Add Tracing Events to
Modules
• Integrate your apps with IIS 7 tracing
• Emit trace events that are logged in IIS
  trace logs
• Shows your modules events
  timestamped and in sequence with
  other pipleline events
• Quickly diagnose hangups, bottlenecks
• Can also add events in ASP.NET code
Add Trace Events to
Modules
Configuration Overview
• New configuration system
  • Before: System for a server
  • Now: System for a platform
• IIS 7 uses ASP.NET style grammar and syntax
• File based config: No intervening service
  • Root file for central record
  • Child files for setting properties at the site or app
    level
• Rich API support means easier to manage
• Rich extensibility means easier to integrate
  • Even the IIS UI is modular and extensible
Introduction to IIS 7
Configuration
IIS7 Configuration System
.NET                ASP.NET
Framework
                                          IIS +
                                          ASP.NET +
                                          ASP.NET +
                                          .NET
                                          .NET Framework
                                          Framework
                 Root Web.config
Machine.config
                 ASP.net global
NET global
                       IIS7
                                             Web.config
                                             Per Application

                 ApplicationHost.config
                 IIS7 Global and
                 Location settings
Integration
Unifying technologies
• Across technologies
 • Same file and format for IIS, ASP.NET,
   WCF and third parties
• Across features
 • Settings like authentication are set in a
   single place
• Same API concepts and tool usage
  across platform
IIS7 ASP.NET Integration
                    Basic

                    Anon
                              • Classic Mode
  Authentication               • Runs as ISAPI
   Authorization
                              • Integrated Mode
  ResolveCache
       …                       • aspnet_isapi.dll
                                  .NET modules /
                    Static
  ExecuteHandler
                     File         handlers plug
                                 Authentication
                                Forms    Windows
                                  directly into
                                       …
        …           ISAPI
                                  pipeline  ASPX
   UpdateCache                   Map
                               •Handler Trace all
                                  Process
  SendResponse     Compress                   …
                                  requests
                                       …
                     Log
                               • Full runtime
                                  fidelity
Delegation
Distributing Configuration
• Administrators: control global and
  specific settings. Controls delegation
• Site operators: modify settings for
  their site/app – if permitted
• Developers: store app settings with
  website config to enable Xcopy-
  deployment of applications
• Locking permits granular control of
  config
Locking
• Non-administrators can modify/override
  properties.
• A special internal section: <configSections>
  • Schema-related information that can be edited.
  • Registration point for adding sections.
• Attributes:
  • overrideMode: Defines the lockdown state of a
    configuration section.
  <configSections>
  ...
  <section name="defaultDocument"
    overrideModeDefault="Allow" />
  ...
  </configSections>
Locking
Delegation Control with
Location
allowOverride="Allow”
   • Use to specifically permit delegated
     control
   • Allows changes in Applicationhost &
     web.config for the section
      <location path="MyWebSite" allowOverride="Allow">
        <system.webServer>
               <defaultDocument enabled="true">
                    <files>
                        <add value="index.htm" />
                        <add value="iisstart.htm" />
                        <add value="default.aspx" />
                    </files>
               </defaultDocument>
        </system.webServer>
        </location>
Delegation Control with
Location
allowOverride=“Deny”
   • Use to centralize configuration control
   • Can Deny specific paths and Allow others
   • Permits changes for location only in
     Applicationhost.config
       <location path="MyWebSite" allowOverride=“Deny">
       <system.webServer>
              <defaultDocument enabled="true">
                   <files>
                       <add value="index.htm" />
                       <add value="iisstart.htm" />
                       <add value="default.aspx" />
                   </files>
              </defaultDocument>
       </system.webServer>
       </location>
Using the Location
Tag
Granular Locking
• Unlocking a section opens up the whole
  section for site/application owners to change.
• Granular locking can restrict specific elements
  or attribute settings from being added, edited
  or removed.
• Directives
  •   lockAttributes
  •   lockAllAttributesExcept
  •   lockElements
  •   lockAllElementsExcept
  •   lockItem
Granular Locking
IIS 7 Schema
• Declarative schema that defines the
  configuration properties and its logical
  groupings.
  • Different from IIS 6 and ASP.NET.
• Specifies structure as well as names, types
  and default values for settings of the section.
• Files
  •   IIS_schema.xml
  •   ASPNET_schema.xml
  •   FX_schema.xml
  •   optional custom schema.xml
• Extensible
Schema
• A configuration section

  <defaultDocument enabled="true">
         <files>
            <add value="Default.htm" />
         </files>
  </defaultDocument>



• Its corresponding schema

 <sectionSchema name="system.webServer/defaultDocument">
 ...
 <attribute name="value" type="string" isUniqueKey="true"/>
 ...
 </sectionSchema>
Reading the Schema
• Schema definition for defaultDocument
• Shows rules for configuration in
  applicationhost.config
 • Attribute “Enabled” is Boolean with
   default of True
 • Files Element
 • Collection for add, clear, remove,
   mergeAppend
• You can read the Schema for rules,
  options, and defaults
Extending the Schema
• Store application config with IIS
  settings to simplify site deployment
• IIS 7 Schema located in inetsrv\config
• Extend Schema by adding custom XML
  schema files to the config folder
• Will automatically be added to the IIS 7
  Schema
• Application can read schema settings
  using Managed API
Summary
 • Custom modules and handlers
  • Extend reach of existing .NET handlers
    and modules to non ASP.NET content
 • Extend UI / Schema: integrated
   administration
 • Manage with granular delegated
   administration
 • Diagnose with built in / extensible
   tracing

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:18
posted:3/12/2012
language:English
pages:41