IIS6 Programming Handbook

Summary Of Contents

Introduction   1
Chapter 1: An Overview of IIS 6.0   5
Chapter 2: The New Request Architecture   21
Chapter 3: Security in IIS 6.0   53
Chapter 4: The XML Metabase   77
Chapter 5: Administering IIS 6.0   101
Chapter 6: Logging   161
Chapter 7: ISAPI   177
Chapter 8: COM and COM+ Services   209
Appendix A: Support, Errata, and Code Download   229
Index   233

Table of Contents

Introduction  1
    What Do You Need?2
    Book Outline2
Chapter 1: An Overview of IIS 6.0  5
    The Road to IIS 6.05
        What Stands Out - The Highlights6
        "Locked Down" server7
        Advanced Digest Authentication7
        FTP User Isolation8
        Selectable Worker Process Identity8
        Secure Sockets Layer8
        Selectable Cryptographic Service Provider8
        Kernel-mode HTTP listener9
        Web Administration Service10
        Health and Crash Monitoring10
        Idle Timeout10
        Rapid Fail Protection11
        Demand Start11
        Process Recycling11
    Performance and Scalability12
        Performance Implications of HTTP.sys12
        Worker Process Isolation12
        IIS 5 Isolation Mode13
        Web Gardens13
        Asynchronous CGI13
        ASP Caching14
        Command-Line Administration14
        Orphan Worker Processes15
        IIS WMI Provider15
            Custom Errors16
            Unicode Support16
            Reporting Unhealthy16
            Wildcard Application Mappings (Global Interceptors)17
    New Features17
        COM+ Services17
        XML Metabase18
Chapter 2: The New Request Architecture  21
    Request Flow Architecture23
    Application Isolation Modes24
        IIS 6.0 Worker Processes Isolation Mode25
            How Worker Process Isolation Mode works25
            The Benefits of Worker Process Isolation Mode26
        IIS 5.0 Isolation Mode27
        Which Mode?28
            Switching Between Modes29
        Architectural Considerations of Worker Process Isolation Mode29
            State Management30
            ISAPI Filters30
            Special considerations for ASP.NET31
            Application Isolation and Performance31
        Kernel-level Queuing33
        URI Cache33
            Bandwidth Throttling34
            Connection Limits and Timeouts35
            Application Pool Queue Length Limits36
    The Web Administration Service37
    Application Pools38
        Application Pool Identity41
        Demand Start of Application Pools42
    Application Health Monitoring43
        Health Detection43
            Normal operation of an application43
            When an application crashes44
            Rapid Fail44
            Orphan Worker Processes and Debugging45
            Applications declaring "Unhealthy"45
        Application Recycling45
        Idle Process Timeout47
    Web Gardens48
        Using Web Gardens48
        Session State in Web Gardens48
        Application Pool Parameters in Web Gardens48
            Processor Affinity49
Chapter 3: Security in IIS 6.0  53
    An Overview of the Security Process54
        Install Only What Is Needed54
        Authenticating Clients55
        Authorizing Clients55
    Extension Management57
        Disabling Unknown and Unneeded Extensions57
        Enabling New Extensions58
    Web Site Authentication59
        Digest and Advanced Digest61
        Client Certificate63
        .NET Passport64
        FTP Site Authentication65
            Delegated Authentication66
    Access Control66
        IP Address Restrictions66
            Web Directory Security66
            FTP Directory Security67
        Virtual Directory Security67
        URL Authorization68
        File System Permissions69
        IIS Built-In Accounts69
        SSL 3.070
        Selectable Cryptographic Service Provider71
    Configurable Application Pool / Worker Process Identity71
    HTTP.sys Timeouts and Limits73
    Monitoring and Maintenance73
        Security Patches73
        Monitoring Your System74
Chapter 4: The XML Metabase  77
    Configuration Data Formats78
        Validating Configuration Files78
        Plain Text XML Wins79
    The XML Metabase in IIS80
        Metabase Backup Files80
        How IIS 6.0 manages the Metabase82
            Metabase Compatibility with IIS 583
        The XML Metabase File Format83
            The Outline Structure of the File83
            The IIS Web (WWW) Service84
            Virtual and Web Directories86
            MIME-Type Mappings87
            The FTP Service89
            Access Logging Configuration91
            General Configuration Objects91
            Secure Encrypted Properties92
            Schema Extensibility92
        Corrupted Metabase Files92
    Editing the Configuration Data93
        How the Direct Edit Feature works94
        Points to Note95
            Use runas to Gain Administrative Privileges95
            Disabling History File Creation96
            History File Security96
Chapter 5: Administering IIS 6.0  101
    Command Line Administration102
        What can we do with the command line?102
        The Net Command104
        Managing Web Applications105
            Querying Web Sites105
            Starting, Stopping, and Pausing Web Sites106
            Creating Web Sites107
            Removing Web Sites108
        Managing Virtual Directories108
        Managing FTP Sites109
            Managing FTP Virtual Directories111
    Managing IIS Configuration111
        Configuration Backup with IIS Manager112
            Backing Up the Complete Server Configuration113
            Encrypting the Backup File114
            Restoring the Complete Server Configuration114
            Deleting Backup Files115
        Programmatic Configuration Backups115
            Backing up the Complete Server Configuration115
            Restoring the Complete Server Configuration117
        Restarting IIS with IIS Manager118
        Restarting IIS Programmatically118
    Importing and Exporting Application Data119
        Configuration Export and Import with IIS Manager119
            Saving the Configuration as a file119
            Restoring the Configuration from a File120
        Programmatic Configuration Export and Import121
            Saving the Configuration as a file122
            Restoring the Configuration from a File123
    Managing Applications and Web Extensions126
        Copy Configuration128
        Save Configuration to Disk129
    Programmatic Administration129
        Using WMI130
            Why WMI?130
        Basic Objects131
        Using ADSI139
    Remote Administration144
        IIS MMC144
        Using Telnet145
        Windows Terminal Services145
        Web-Based Remote Administration146
    Configuring Quality of Service147
        Limiting Connections & Bandwidth Throttling148
        Configuring Application Pool Length152
        Configuring Keep-Alive and Connection Timeout153
        Configuring Compression Settings155
Chapter 6: Logging  161
    Types of Logging162
        W3C Extended, NCSA, and IIS formats163
            W3C Extended163
        ODBC Logging168
        Custom Logging170
        Centralized Binary Logging170
        UTF-8 Logging171
        Remote Logging171
    Selecting the Right Format171
    Using the Logs172
        Using HTTP Substatus Codes172
        Determining Security Problems172
        Analyzing Usage and Trends173
        Detecting Site Problems173
    Security of Log Files174
Chapter 7: ISAPI  177
    Former ISAPI Models178
        IIS 4.0179
        IIS 5.0180
        IIS 6.0180
    New ISAPI Features182
        Unicode ISAPI182
    New ISAPI Extension Features183
        Unicode Server Support Functions183
        Unicode Server Side Variables184
        GetServerVariable Server Support Function184
        Global Interceptors/Wildcard Application Mappings186
            Replacing Read Raw Data Filters187
            Server Support Function Parameter Changes188
    New ISAPI Filter Features189
            Filter Load/ Unload Order190
            AddResponseHeader Changes190
            HTTP Error 400 Requests190
            ReadRawData Notifications190
    ISAPI and Security190
        ISAPI Extensions Disabled by Default190
        Process Identity191
        Obtaining the Impersonation Token191
        Verifying Component Permissions192
    Developing ISAPI Extensions and Filters193
        Developing Extensions193
        Extension Processing193
            ISAPI Extension Entry Points193
            ISAPI Extension Callbacks196
            Fault Tolerance/Scalability Issues198
        Filter Processing198
            ISAPI Filter Entry Points198
            ISAPI Filter Callbacks200
            Callback Functions200
    Debugging ISAPI Extensions and Filters202
Chapter 8: COM and COM+ Services  209
        Single Threaded Model210
        Single Threaded Apartment Model210
    Free Threaded Model210
        Apartment Neutral Model211
    Apartment Model Selection213
    COM+ Partitions214
        Local Partitions216
        Partition Sets217
            Mapping Users / Groups to Partition Sets218
            Registering Components in Partitions218
        Enabling COM+ Partitions in IIS 6218
            Introduction of Side-by-Side DLLs221
            Windows File Protection222
            Side-by-Side Assemblies222
            Enabling SxS Assemblies using IIS Manager223
        Side-By-Side Support225
            Windows Server 2003, ASP.NET and IIS 6.0226
Appendix A: Support, Errata, and Code Download  229
    How to Download the Sample Code for the Book229
    E-Mail Support230
Index  233