Print
Add To Favorites
Email To Friend
Rate This Article
|
Understanding Internet Information Services - Part 1
|
Published:
17 Aug 2007
|
Abstract
In this first part of the article, Uday provides a basic overview about Internet Information Services (IIS). |
|
by Uday Denduluri
Feedback
|
Average Rating: This article has not yet been rated.
Views (Total / Last 10 Days):
34496/
45
|
|
|
Introduction |
According to Wikipedia, Web server is a computer program that is responsible for
accepting HTTP requests from clients, which are known as Web browsers, and serving them HTTP responses
along with optional data contents, which usually are Web pages such as HTML
documents and linked objects (images, etc.). An application server is a software engine that delivers applications to client computers or devices. Moreover, an
application server handles most, if not all, of the business
logic and data access
of the application (a.k.a centralization).
IIS is a web server which sits on the top of the ASP.NET
engine to make it look like an Application server. However, IIS can only deal
with HTTP responses. Hence, it is a web server. In this article let us try to
explore IIS as a web server. Also, let us try to understand how the IIS 6.0 is
coupled with ASP.NET runtime.
|
Components of IIS |
Let us list some of the components of the IIS and also have
a brief on each one of them in detail.
1.
HTTP Protocol Stack – HTTP protocol stack is between the operating
system kernel and the HTTP requests. It receives the HTTP requests and routes
them to the appropriate HTTP request queue. Apart from doing this it also
caches the responses and does the Quality of Service functionalities (QoS) like
maintaining bandwidth, connection timeouts and connection limits.
2.
Application Isolation Modes – Internet Information Services (IIS) 6.0
supports two different isolation modes (application). This separates and
protects the Web applications (ASP.NET, ASP, static pages, and so on) that can
run in parallel.
·
Worker Process Isolation Mode – The default mode is the worker
process isolation mode.
·
IIS 5.0 Isolation Mode – In this mode the process model settings
are specified through the <processModel> element of the Machine.config
file.
3.
WWW Service Administration and Monitoring
4.
InetInfo.exe
|
SMTP Virtual servers |
SMTP virtual server is the program that needs to be
installed and configured on the IIS in order to send e-mail from an ASP.NET Web
application. The IIS SMTP service is a simple component for forwarding e-mail
messages to an SMTP server for delivery. Whenever we install the SMTP virtual
server we have some default settings. Let us discuss some of the settings.
·
Name: The name of the virtual server that appears in IIS Manager
·
IP address/TCP port: All unassigned/25. You can use the General
tab in the SMTP virtual server properties dialog box to change this setting. If
you change this setting, you must specify an IP address and TCP port
combination that is not being used by another SMTP virtual server.
·
Default domain: The domain name that is listed on the Computer
Name tab in System Properties. The default domain is used to stamp messages
from addresses that do not have a domain. An SMTP virtual server can have only
one default domain, and it cannot be deleted.
·
Home directory: C:\Inetpub\Mailroot
|
IIS Authentication |
Authentication is identifying a user before actually
deciding whether he can be given access to the requested resource(s). IIS
provides various authentication schemes. Let us see each one of them in brief.
·
Anonymous – This type of authentication gives users access to all
the public areas of the web application without asking for a user ID or
password. This kind of authentication is used where performance is a key and
security is not a criterion. We can use this kind of authentication where we do
not want to authenticate clients to the individual basis. By default, the
anonymous authentication is enabled and uses the IUSR_machinename user account.
The password for the user account is controlled by IIS.
·
Integrated Windows Authentication – This type of authentication
can be used either with NTLM or Kerberos V5 authentication. This authentication
can only work with Internet Explorer 2.0 and later.
·
Initially for the first response from IIS, Internet Explorer will
try to recognize the header (Negotiate). Upon understanding the negotiate
header the browser (IE) returns the information for both NTLM and Kerberos.
Upon receiving the request IIS will decide whether to use Kerberos or NTLM
based on the Internet Explorer version and windows type. This type of
authentication is best suited for the Intranet applications.
·
Basic Authentication – Basic authentication is based on the HTTP
1.0 specification. When we use this type of authentication, the browser prompts
the user for a user name and password. Once the user name and password are
provided it is transmitted across HTTP in the form of plain text. To enhance
security we can use SSL on top of basic authentication at the expense of some
performance. The advantage of using this type of authentication is the ability
to track the individual users, unlike the anonymous authentication.
·
Digest Authentication – Digest Authentication tries to address
the weakness of Basic Authentication (sending user ID and password in plain
text). Here instead of exposing the user ID and password in plain text, it will
be sent by applying a hash function or a digest algorithm. Initially for the
first request IIS sends a challenge to the client to create a digest and send
it to the server. The client then applies a digest algorithm (specified by the
server) to the combined data. The client sends the resulting digest to the
server as the response to the challenge. The server then decrypts it to compare
both.
|
Restarting IIS 6.0 |
In previous versions of IIS whenever we needed to apply some
configuration changes we used to restart IIS. Restarting IIS is the process of
stopping the service and then starting it all over again. Restarting IIS used
to be the only way by which we could recover a non-responsive application. However,
this bad practice should be avoided. Restarting IIS drops all the sessions
connected to Web server (including Internet, FTP, SMTP, and NNTP). All the data
held in Web applications is lost. All Internet sites are made to be unavailable
until Internet services are restarted.
There are 2 ways for restarting IIS.
·
Using the IISReset command prompt utility
·
Using the IIS Manager
Application Pool recycling is one of the features that can
be an alternative to restarting IIS. This feature is the process of recycling
the faulty web applications. We have the default idle time set to 20 minutes in
the setting of IIS 6.0.
|
References |
|
Conclusion |
Web server is a computer
program that is responsible for accepting HTTP requests
from clients, which are known as Web
browsers, and serving them HTTP responses along with optional data
contents, which usually are Web pages such as HTML documents
and linked objects (images, etc.). IIS is a web server which sits on the top of
the ASP.NET engine which processes the HTML pages, images, etc. Configuring IIS
with web application is the key for the performance and security for the ASP.NET
pages. In this article we tried to explore various components of IIS. We also saw
different Authentication standards of IIS.
|
|
|
User Comments
Title:
Thanks
Name:
harika
Date:
2011-08-04 5:29:40 PM
Comment:
It is very nice, thank you so much..
|
Title:
app support
Name:
pt
Date:
2009-10-09 4:58:14 PM
Comment:
Thank you, this is defintely a start to understanding IIS.
|
Title:
-
Name:
Dan
Date:
2007-08-17 3:58:35 AM
Comment:
Nice read, well done
|
|
Product Spotlight
|
|