Embed Size (px)
Citation preview
Agenda
IIS architecture
The request pipeline
Configuration
Building managed modules
Diagnostics features
Delegated administration
IIS 7.0 Introduction
Client version shipped with Windows Vista
Limited throughput
Server version will ship with WS2008
Currently available in RC form
More features than client
IIS 7.0 Architecture
Windows Process Activation Service
Manages configurationWhat used to be the metabase
Responsible for starting worker processes...w3wp.exe
...and routing incoming requests to the appropriate worker process
Also hosts the new listener adapter interfaceYou can build your own listeners for WAS
IIS 6.0 Request Pipeline
IIS 6.0 Request Pipeline
IIS pipeline extensible using ISAPINative code
Can apply to all requests
ASP.NET pipeline extensible using IHttpModuleManaged code
Can only apply to requests routed via ASP.NET
Certain pipeline elements are “always there”IIS authentication
Logging
IIS 7.0 Request Pipeline
IIS 7.0 Request Pipeline
Linear sequence of modules
Any module can be enabled/disabledIncluding “built-in” ones
Modules can be managed or native code
Any type of module applies to any request
IIS7 Modules
IIS 6.0 Configuration
IIS 6.0 (and earlier) use the metabase
Stores all configuration information
Originally in binary form, then in XML
Hard to allow management of separate apps by different groups of people
IIS 7.0 Configuration
machine.config
“root” web.config
web.config
web.config
web.config
applicationHost.config
IIS7 Configuration
Building Native Modules
Export a RegisterModule function from DLL
Define one or more other functions
To process request or response
Inside RegisterModule...
Hook up your other functions(s) at specific points in the pipeline
E.g. Begin, AuthN, AuthZ, ExecuteHandler, End
Building Managed Modules
Implement IHttpModule
Implement Init function
Attach event handlers for specific points in the pipeline
E.g. Begin, AuthN, AuthZ, ExecuteHandler, End
Same as existing ASP.NET HttpModules
IIS7 Managed Module
IIS7 Diagnostics - RSCA
Runtime Status and Control API
Shows currently executing: -
Application Pools
Requests
Exposed via
IIS admin tool
Programmatically via WMI and Managed OM
IIS7 Current Requests
IIS7 Diagnostics – Failed Requests
IIS7 allows you to log trace information just for requests that fail
For some definition of failure
Buffers all trace output
Only flushes to disk if the request fails
Log output is XML, with a stylesheet
Breaks down processing by module
Includes timing details for each module
IIS7 – Failed Request Tracing
Enable FREB at the Web Site level
Configure FREB rules at the application level
Each rule: -
Specifies the type of web content it applies to
Can specify a specific failure code
Can specify a duration in seconds
Can specify a trace event severity
IIS7 Failed Request Tracing
IIS7 Delegated Administration
Can connect MMC to remote web server
Uses HTTPS, hopefully few firewall implications
Can delegate some or all admin activities
To any user: admin/non-admin/non-windows
Each activity can be: -
Not delegated, read-only, read/write
User’s view is trimmed according to permissions
Admin controls who sees what
IIS7 Delegated Administration
Summary
New architecture
Worker process management separate from HTTP
Streamlined request pipeline
Potential to reduce attack surface
Simpler configuration
Better diagnostics
Delegated administration
For further information: http://www.iis.net
© 2007 Microsoft Ltd. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market
conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
![[123doc.vn] Webmail Webadmin Mdaemon Tren Iis7](https://img.dokumen.tips/doc/110x75/55cf8ec2550346703b95519c/123docvn-webmail-webadmin-mdaemon-tren-iis7.jpg)
