IIS6 Web Services
Overview
  Application Platform Features
  Reliability Features
  Manageability Features
  Performance and Scalability Features
  Security Features
Application Platform Features
  Web Applications
  The Application Server Role
  Installing and Configuring the Application Server Role
  Configuring and Managing Your Server
  Adding and Removing Components
Web Applications
  A Web Application is a collection of content accessed through hypertext protocols
    Static content Web site
    CGI scripts
    ASP pages
    ActiveX®/COM components
    ASP.NET pages
    .NET Web Services
    Components of multi-tier applications
The Application Server Role
  Combines specific interdependent functionality, termed Web Application Server:
    Microsoft Internet Information Services (IIS) 6.0
    Active Server Pages (ASP)
    ASP.NET
    Component Object Model (COM+)
    Microsoft Data Engine (MSDE)
    Microsoft Message Queuing (MSMQ)
The Application Server Role
  The Application Server Role, which includes IIS 6.0 and other components, is not installed by default in Windows Server 2003
  Two interfaces:
    Configure Your Server/Manage Your Server Wizards
    Add/Remove Programs, Add/Remove Windows Components
Configure Your Server and Manage Your Server
  Web Application Server role can be added through Configure Your Server or Manage Your Server
    Base components are automatically selected
    Additional components are installed based on choices made in the wizard
  After the role is added, it can be managed through Manage Your Server
Configure Your Server/Manage Your Server
  Easy Web server setup
  Configures only the services required for the application
Add/Remove Components
  Allows for more granular component selection (and risk of incorrect component selection)
Reliability Features
  Fault-tolerant Architecture
    HTTP stack (HTTP.sys)
    Application Pools
    WWW Service
    Worker Processes (W3WP.exe)
  IIS 5.0 Isolation Mode
  Health Monitoring
  Process Recycling
  Crash Detection and Rapid Fail Protection
Fault-tolerant Architecture: Issues
  Web sites and applications may contain flawed code
  Web server needs to be an active manager of applications:
    Be fault tolerant (not crash on application failure)
    Monitor the health of Web sites and applications
    Actively recycle/restart processes
    Continue to queue requests
    Reliability without sacrificing performance
  IIS 5.0
    All requests run through a single process (Inetinfo.exe)
    Out-of-process applications (dllhost.exe) were slow
    Application failures could crash the server and other applications
Fault-tolerant Architecture: Solution
  IIS 6.0 fault-tolerant process isolation architecture
    Isolates applications from each other and from the Web server
  Core components
    HTTP.sys: Kernel-mode component for HTTP listening, routing, queuing, and caching
    Application pools: Group sites and applications for easy management of process isolation
    WWW Service: Configuration and server management, process health monitoring
    Worker processes (W3WP.exe): Isolate Web site and application processing
IIS 6.0 Fault-tolerant Architecture
  (diagram: HTTP.sys in kernel mode receives requests and returns responses; it routes each request to an application pool, where a W3WP.exe worker process hosts the Web application in user mode; the WWW Service, also in user mode, manages the worker processes)
HTTP Stack (HTTP.sys)
  HTTP stack with queuing and caching functions
  Runs in kernel mode
  Supports IPv4 and IPv6
  Does not load or run any Web site or application code
  Cannot be affected by application errors and failures
  Routes requests to IIS application pools based on URL mapping
  Text-based and binary logging
HTTP Stack (HTTP.sys): Kernel-Mode Queuing
  HTTP.sys queues incoming HTTP requests
  Each queue supports a set of sites/applications
  Queue size can be set by the administrator
  If an application fails:
    HTTP.sys continues to accept and queue requests until the application is restarted or the server is shut down
    Once the application restarts, the queue is processed until it is empty
  Buffers the client application from application errors
  Increases site and application availability
Application Pools
  Defines a set of Web applications managed together
    Separated by process boundaries
    Served by one or more worker processes
    Requests routed directly to the pool by HTTP.sys
    Not affected by sites and applications in other pools
    An application cannot be routed to another pool while it is being serviced by the current pool
    Applications can be assigned to different pools while the server is running
Application Pools: Configuration
  Easy to create and manage
  Can configure up to 20,000 application pools per server
WWW Service
  Roles
    Configures HTTP.sys
    Manages worker processes
  Application code runs in separate worker processes
    No application code runs in the WWW Service
    Requests do not route through the WWW Service
    Ensures Web server reliability: application errors cannot crash the Web server
WWW Service: Configuration
  At IIS 6.0 startup
    Reads the metabase and initializes the HTTP.sys routing table
    Creates one entry for each URL-to-application-pool mapping
    Determines routing from request to worker process
  As application pools and applications are added
    Configures HTTP.sys to accept new URL requests
    Sets up the request queues for new application pools
    Indicates where the new URLs should be routed
WWW Service: Process Management
  During IIS 6.0 operation the WWW Service monitors processes
    Determines when to start a worker process
    ... when to start additional worker processes
    ... when a worker process has failed or blocked
    ... when to recycle or restart a worker process
  Requests continue to be queued and updated while an application is being recycled
  Process recycling is invisible to the client application
Worker Processes
  Responsible for handling Web requests for a set of sites and applications
  Each application pool is served by one or more worker processes
  Each worker process is self-contained
    Receives requests directly from HTTP.sys
    Contains Web request processing functionality
    Loads ISAPIs: filters and extensions (ASP, ASP.NET, Microsoft FrontPage® Server Extensions)
  Delivers complete isolation from system components and other Web applications
Worker Processes: Configuration
  Worker process can be started as:
    Network Service (default)
    Local System
    Local Service
    Configured ID
IIS 6.0 Fault-tolerant Architecture
  (diagram: the WWW Service, with its Config Manager and Process Manager, and INETINFO with the metabase sit in user mode above HTTP.sys; Application Pool 1 is a single W3WP.exe hosting ISAPI extensions (ASP, etc.) and ISAPI filters; Application Pool 2 is a Web Garden of several W3WP.exe processes, each hosting the ASP.NET ISAPI with CLR application domains)
Fault-tolerant Architecture: Benefits
  Dramatically increased reliability
  No server reboots
  Self healing on application failure
  Increased scalability
  Simplified server administration
IIS 5.0 Isolation Mode
  Some applications may not work in the IIS 6.0 worker process isolation environment
    Multiple-instance
    Session state persisted in-process
    Applications written as read raw data filters
  IIS 6.0 can switch to IIS 5.0 isolation mode
    Everything in user mode operates as in IIS 5.0
    IIS 5.0 methods of application isolation (low, medium [pooled], high)
    Inetinfo.exe is still the master process
    HTTP.sys performance benefits
      Kernel-mode request queuing
      Kernel-mode caching
Process Health Monitoring
  Detects and recovers from thread deadlock
  How does it work?
    Configurable time limit
    WWW Service pings each worker process
    If there is no response within the time limit:
      Default: kill the process, publish an event, start a new process
      Or take a configured action ("orphaning")
    Other application pools keep running
  (diagram: HTTP.sys in kernel mode; the WWW Service and a W3WP.exe hosting the Web application in user mode)
Process Health Monitoring: Debug Action
  Allows a custom action to be executed when a process fails to respond, for example:
    Send e-mail to administrator
    Attach debugger
    Process dump
  Process is left running, though the WWW Service has dropped its process handle
Crash Detection and Rapid Fail Protection
  WWW Service detects process crash
  On failure
    Publish event to event log
    Check "crash count"
    If crash count > max crashes within the time limit: disable the application pool
    Else start a new process if there is demand
  Rapid Fail Protection
    Only allow x crashes in y minutes
    Return 503 errors when invoked
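The health ping, the kill-or-orphan decision and the crash-count window from the two slides above, as an added Python simulation (not Microsoft's code); the timeout, crash limit and window values are constructed defaults, not IIS settings.

```python
"""Added simulation (not IIS code) of the WWW Service's process-health ping
and Rapid Fail Protection decisions described in the slides above.
Time is an explicit float in seconds so the logic can be driven by a test."""
from collections import deque


class AppPool:
    def __init__(self, ping_timeout=90.0, max_crashes=5, window_minutes=5,
                 orphan=False):
        self.ping_timeout = ping_timeout   # constructed default, in seconds
        self.max_crashes = max_crashes     # "only allow x crashes ..."
        self.window = window_minutes * 60  # "... in y minutes"
        self.orphan = orphan               # debug action instead of kill
        self.crashes = deque()             # timestamps of recent failures
        self.disabled = False              # set when Rapid Fail Protection trips
        self.events = []                   # what would go to the event log
        self.worker_pid = 1                # hypothetical pid of current worker
        self.orphaned = []                 # pids left running for a debugger

    def handle_request(self, now):
        """HTTP.sys side: a disabled pool answers 503 Service Unavailable."""
        return 503 if self.disabled else 200

    def ping(self, now, last_response_at):
        """WWW Service pings the worker; act if it stayed silent too long."""
        if now - last_response_at <= self.ping_timeout:
            return "healthy"
        if self.orphan:
            # Debug action: drop the process handle, leave the process alive,
            # start a replacement (assumption: a hang is not counted as a crash).
            self.orphaned.append(self.worker_pid)
            self.events.append(("orphaned", self.worker_pid))
            self.worker_pid += 1
            return "orphaned"
        self.events.append(("killed", self.worker_pid))
        return self.record_failure(now)

    def record_failure(self, now):
        """Crash detection: count failures inside the sliding window."""
        self.crashes.append(now)
        while self.crashes and now - self.crashes[0] > self.window:
            self.crashes.popleft()        # forget crashes older than y minutes
        self.events.append(("crash", len(self.crashes)))
        if len(self.crashes) > self.max_crashes:
            self.disabled = True          # Rapid Fail Protection trips
            self.events.append(("pool_disabled", None))
            return "disabled"
        self.worker_pid += 1              # start a replacement on demand
        return "restarted"
```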
Manageability Features
  Configuration Metabase
  XML Metabase Advantages
  Change Configuration While Running
  Metabase Save Options
  Metabase Import/Export
  Server Configuration Backup/Restore
  Improved Patch Management
  IIS WMI Provider
  Command Line/Script Administration
  Web-based Administration Console
  Logging
Configuration Metabase: Before IIS 6.0
  Hierarchical store of IIS configuration information
  Enables
    Inheritance
    Data typing
    Change notification
    Security
  IIS 4.0/IIS 5.0 storage is a proprietary binary file
    Metabase.bin
    Not easy to read or edit
  (diagram: the Admin UI and the Active Directory Service Interface (ADSI) go through the Admin Base Object to metabase.bin)
Configuration Metabase: IIS 6.0 XML Metabase
  Metabase now stored in XML
    Plain text file
    Change configuration while the server is running
    Automatic backup with version control
    Application configuration exportable to and importable from file
    Import/Export configuration
    Server-independent backups
  (diagram: UI, WMI and ADSI go through the Admin Base Objects to Metabase.xml and MBSchema.xml)
XML Metabase Advantages
  Easier to:
    Diagnose metabase corruption
    Extend the existing metabase schema through XML
    Read/edit the current metabase configuration directly
  Completely compatible with existing APIs and ADSI
  Existing binary metabases upgrade to XML cleanly
  Better performance/scalability
    Faster read times than the IIS 5.0 binary metabase
    Equivalent write performance to the IIS 5.0 binary metabase
Change Configuration While Running
  Metabase can be modified while IIS 6.0 is running
  To enable, select "Enable Direct Metabase Edit"
  Does not require a server restart
  Can use any text editor: Notepad, .NET, PERL, etc.
Metabase Save Options
  Frequency
    Save event scheduled 60 seconds after the last change
    At the save event, if the number of writes since the first change exceeds 30, the save event is deferred 60 seconds
    If deferring continues, the metabase save occurs 5 minutes from the first change
  What happens
    Data saved to metabase.xml
    WWW Service URL-to-application-pool tables updated
Metabase Import/Export
  Export/import metabase configuration to/from XML
  Options include
    Export/import inherited properties
    Export/import node only (or entire subtree)
    Password-encrypt the exported file
Server Independent Backup/Restore
  New capabilities in IIS 6.0
    Backup with password
    Automatic backups
UTF-8 Logging Support
  IIS 6.0 now supports writing log files in UTF-8 instead of ASCII or the local codepage
  Configurable at the WWW service level
Binary Logging
  Allows more than 10,000 sites to write to a single log file in a binary, non-formatted manner
  Improved performance because data does not need to be formatted
  Provides several scalability benefits
    Reduction in the number of log file buffers needed
    Post-process the log file to extract the log entries
  Allows the use of custom tools to process binary log files
  Format of the log entries and file is published
Logging of HTTP Substatus Codes
  IIS returns substatus codes for specific types of problems
    Request cannot be served because the required application has not been unlocked (for example, ASP by default on clean installations)
    The client receives a 404 error; IIS actually generates a 404.2 error
  Substatus codes are now logged to W3C and binary log files
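An added Python example (not from the deck) that reads IIS 6.0 W3C extended log lines, honouring the #Fields directive, and separates 404.2 entries (handler still locked down) from plain 404.0 (file not found); the log text is constructed, and the sc-win32-status values in it are illustrative.

```python
"""Added example (not from the deck): parse IIS 6.0 W3C extended log lines
and report 404.2 entries, which mean the request was refused because its
handler is still locked down, not that the file is missing.
The log text below is constructed for illustration."""
from collections import Counter

SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 6.0
#Version: 1.0
#Date: 2004-05-12 09:00:00
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) sc-status sc-substatus sc-win32-status
2004-05-12 09:00:01 10.0.0.5 GET /default.htm - 80 - 10.0.0.9 Mozilla/4.0 200 0 0
2004-05-12 09:00:02 10.0.0.5 GET /app/login.asp - 80 - 10.0.0.9 Mozilla/4.0 404 2 1260
2004-05-12 09:00:03 10.0.0.5 GET /missing.htm - 80 - 10.0.0.9 Mozilla/4.0 404 0 2
2004-05-12 09:00:04 10.0.0.5 POST /app/upload.aspx - 80 - 10.0.0.9 Mozilla/4.0 404 2 1260
"""


def parse_w3c(text):
    """Yield one dict per request line; '#Fields:' lines define the columns."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]      # column names, in file order
            continue
        if not line or line.startswith("#"):
            continue                       # other directives and blank lines
        values = line.split(" ")
        if fields is None or len(values) != len(fields):
            continue                       # malformed line: skip, do not guess
        yield dict(zip(fields, values))


def locked_handler_requests(text):
    """Return (uri-stem, client ip) pairs logged as 404.2."""
    return [(e["cs-uri-stem"], e["c-ip"]) for e in parse_w3c(text)
            if e["sc-status"] == "404" and e["sc-substatus"] == "2"]


def status_histogram(text):
    """Count status.substatus pairs so 404.0 and 404.2 are not conflated."""
    return Counter(e["sc-status"] + "." + e["sc-substatus"]
                   for e in parse_w3c(text))
```

A spike of 404.2 for .asp or .aspx paths after a clean install is the expected signature of a handler that was never unlocked, not of missing content.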
Performance and Scalability Features
  Kernel-mode Caching
  Resource Accounting and Quality of Service (QoS)
  Site Scalability
  Idle Timeout and Demand Start
  ASP.NET and IIS 6.0 Integration
Kernel-mode Caching
  Cached responses served straight from HTTP.sys
    Can double speed
    No user-mode transition
    Applications will not see requests if served from cache
  Static and dynamic content
  Smart caching
  (diagram: requests and responses pass through the network stack and the HTTP.sys cache in kernel mode; only uncached requests cross into user mode to W3WP.EXE (IIS 6.0), ASP.NET/CLR and the user application)
Web Gardens and Processor Affinity
  Web Gardens
    Application pool with multiple worker processes
    Connection-based routing within the garden
  Processor Affinitization
    Bind processes to one or more CPUs
    Mask-based configuration
  (diagram: HTTP.sys routes requests to a Web Garden application pool managed by the WWW Service; the pool contains several worker processes, each loading its ISAPI extensions and ISAPI filters)
Resource Accounting and Quality of Service (QoS)
  Ensures that components or content do not monopolize server resources
  Allows the administrator to control resources used by sites, application pools, the WWW service, and so on
  Ensures the quality of service that other services/sites/applications on the system receive by limiting the resources consumed by particular Web sites/applications and/or the WWW service itself
  QoS features:
    Connection limits
    Connection timeouts
    Application pool queue length limits
    Bandwidth throttling
    Process accounting
    Memory-based recycling
Site Scalability
  Targeting many thousands of sites per machine
  Current suggested maximum is 20,000 sites
  Re-architected startup/shutdown routines for lazy site initialization
  Centralized, binary logging
    Option to have one central log file per computer rather than tens of thousands when doing dense hosting
Other Platform Improvements
  64-bit support
    Code base compiled for 32-bit and 64-bit platforms
  Internet Protocol version 6 (IPv6) support
    Production-ready IPv6 stack
    If the IPv6 protocol stack is installed, IIS 6.0 will automatically handle HTTP requests that arrive over IPv6
  Granular compression
    On a congested network, it is useful to compress responses
    In IIS 5.0, compression was an ISAPI filter and could only be enabled for the whole server
    IIS 6.0 allows file-level compression
Security Features
  Locked Down by Default
  Multiple Levels of Security
  Unlocking Functionality
  Application Isolation
  Network Service Account
  SSL v3 Improvements
  Configurable Worker Process ID
  Passport Authentication
  Windows Server 2003 Authorization Framework
  Constrained Delegated Authentication
  FTP Security Features
Locked Down By Default
  IIS is not installed by default on a fresh install or an upgrade
    Except on Windows Server 2003, Web Edition
  When initially installed, only requests for static content are allowed by default
    For example: HTML, text, .jpg, .bmp
    No ASP, ASP.NET, CGI, or other dynamic content is allowed (unless ASP or ASP.NET has been installed)
  Aggressive, secure default timeouts
  Additional content types must be specifically enabled
  Group Policy can be used to prevent IIS installs on workstations or inappropriate servers
Multiple Levels of Security
  IIS only serves recognized file extensions
    Unrecognized extensions are refused
  File verification
    Server verifies that the content exists before handing the request to the request handler (ISAPI extension)
  Buffer overflow protection
    Worker process detects a buffer overflow and exits the program
  Command-line tools inaccessible to Web users
  Upload data limitations defined by administrators
Multiple Levels of Security
  Write-protected content
    Anonymous users cannot modify content
  Access Control List (ACL) settings on
    Command line files
    Content
    Logfiles
    Custom error directory
    Cache directories
  No executable virtual directories: /SCRIPTS and /MSADC
Unlocking Functionality
  In a default install, the administrator must manually enable:
    ISAPI
    CGI
    ASP
    ASP.NET
    FPSE
    WebDAV
    Server Side Includes
  Enable using the command line, a script, or the GUI
Application Isolation
  One IIS 6.0 server can securely host many Web sites and applications
  Application pools provide the unit of isolation
  Isolation is achieved through:
    Configurable worker process identity
    Bandwidth and CPU throttling
    Memory-based recycling
Configurable Worker Process Identity
  Each worker process can be run as
    Network Service
    Local System
    Local Service
    Configured ID
  IIS_WPG
    New user group
    IIS resource ACLs configured for this group
Network Service Account
  New built-in account
  Very few privileges
    Adjust memory quotas for a process
    Generate security audits
    Log on as a service
    Replace a process level token
    Impersonate a client after authentication
    Allow log on locally
    Access this computer from the network
  Provides additional security because worker processes have few rights
SSL Improvements
  Performance
    Faster and more scalable than IIS 5.0
  Remotable Certification Object
    In IIS 5.0, SSL certificates could not be managed remotely because the CSP is not remotable
    CertObject allows remote certificate management
  Selectable Crypto-Service Provider
    Enables easy selection of third-party Crypto application programming interface (CAPI) providers
    Hardware SSL accelerators
SSL Improvements
  SSL StreamFilter is hosted in the LSASS.exe process (can give up to 25% throughput gains in SSL loads)
  Aggressive SSL thread pool
  Significant performance work on multiprocessor machines
    Increases of up to 2X for some workloads on 8P computers
Microsoft Passport Authentication
  Integrated with Windows Server 2003
  Can assign permissions to resources with Passport accounts
  Map Passport credentials to Microsoft Active Directory® accounts
Windows Server 2003 Authorization Framework
  IIS 5.0 authorization model is resource-ACL based
    Object-oriented permissions
    Web applications are operation/task-driven, not object-driven
    The application had to provide operation/task access control itself
  IIS 6.0 extends the Windows Server 2003 authorization framework
    URL-specific authorization
    Authorization Manager
    Application-specific access
FTP Security Features
  IIS 6.0 isolates users into their own directories
    Locks the user's FTP session to a directory under the FTP root
    Authenticates using a local or domain account
      Using an Active Directory account
      Using a local account
      Anonymous access with user isolation
FTP Security Features
  Isolation levels
    Compatibility/no isolation
    Small business/stand-alone isolation
    Enterprise isolation using Active Directory integration