Published on December 5, 2008
Introduction IIS 7.0 – Modular Architecture IIS 7.0 – Extensible Architecture IIS 6.0 – Technical Architecture (Refresher) IIS 7.0 – Technical Architecture IIS 7.0 and ASP.NET Request Processing IIS 7.0 and ASP.NET Integration Classic Mode Integrated Mode (Benefits, Compatibility, App Pools, etc) IIS 7.0 and ASP.NET Breaking Changes (Optional) Top changes in IIS 7.0 (Optional)
Prior versions of IIS Had to install all of the IIS functionalities IIS 6.0 was secure (features were turned off) The problems? The bits got installed anyways (increased foot-print). Service Packs had to be installed, even for the features which are not being used (increased maintenance). The administrators had to maintain the features which were never used (increased maintenance). Reason? Web server architecture was monolithic! (all or nothing)
New version of IIS to rescue! IIS 7.0 is modular. 3 functional areas 40+ role services (also referred as “features”). IIS 7.0 allows you to choose from those features while installing IIS. Benefits? Thin web server with the features which are really needed. Decreased “foot-print” of your web server. Less maintenance – Administrators need not maintain features which are not needed.
Web Server Functional Area ASP.NET Role Service
Prior versions of IIS Write ISAPI filters and extensions Extensibility code does not run in the managed environment, hence no access to .NET classes. IIS 7.0 to rescue (once again!) Native modules C++ New Object Oriented APIs Managed modules Any .NET language Can access all of the .NET classes
Couple of important concepts / components in IIS 6.0 App Pools Application Isolation Modes HTTP.sys WWW (aka W3SVC) Service
App Pools Used for isolating applications from one another and from the web server process New way of implementing application isolation Application Isolation Modes Worker Process Isolation mode (default, important to understand) Multiple App Pools Health Monitoring Worker Process Recycling Web Garden (Pool with more than one Worker Processes) Pool Identity IIS 5.0 Isolation mode Low Isolation (runs in the web service process!) Medium Isolation (shared process) High Isolation (separate process altogether)
HTTP.sys Kernel level device driver. Receives requests; forwards to IIS; returns response. Maintains queues; performs caching WWW Service (aka W3SVC Service) HTTP administration and configuration Process (and App Pool) management Performance monitoring
Re-written from scratch – hence new concepts and new architecture. Important architectural components in IIS 7.0 Protocol Listeners (HTTP.sys, etc) WWW Service (aka W3SVC Service) Windows Process Activation Service (WAS) Modules
Protocol Listeners Receives requests; forwards to IIS; returns response. Maintains queues; performs caching More listeners available for other protocols (e.g. NetTcpActivator in WCF for net.tcp) WWW Service (aka W3SVC Service) Compared to IIS 6.0, the responsibilities have been reduced. Listener adapter for HTTP.sys Configures HTTP.sys (at load time) Updates HTTP.sys whenever the configuration changes Notifies WAS whenever a request enters the request queue Does not manage the application pools and the worker processes.
Windows Process Activation Service (WPAS) (WAS) Manage application pools and worker processes (for both the HTTP and non-HTTP protocols) Can be used without W3SVC! (e.g. web service over TCP) Loads configuration stored in applicationHost.config Monitors configuration for any changes. Informs listener adapters (such as W3SVC) if configuration changes.
Modules New concept in IIS 7.0 – borrowed from ASP.NET. Most of the web server functionality is built as Modules. Two types Native Managed Benefits Plug-and-Play modules according to your needs. Reduce attack surface and memory foot-print. Customize a server to a specific role in your organization (application server, web server, ftp server, etc). Write custom modules (C++ or any .NET language) to replace existing modules or to introduce new features.
Differences between Native and Managed Modules Native Modules Managed Modules C++ Any .NET language Difficult to develop Easy to develop Use this for migrating old ISAPI Use this for add new “features” or components over to IIS 7.0 enhancements to IIS 7.0 Unrestricted access to server Don’t have unrestricted access to resources server resources; .NET and ASP.NET security applies Need to be registered with IIS No need to register with IIS <globalModules> node Admin rights are needed to Admin rights are not needed to install/enable/un-install install/enable/un-install
IIS 7.0 Request Processing
Classic Mode Integrated Mode Benefits Compatibility App Pools Enable ASP.NET services for all content Enhanced ASP.NET API Runtime Integration Request Processing ASP.NET Breaking Changes
Classic Mode Just like IIS 6.0 Worker Process Isolation Mode. Integration is based on aspnet_isapi.DLL. ASP.NET content (.aspx, etc) are processed by ASP.NET runtime. Non ASP.NET content (.htm, etc) are processed by IIS. Major drawback ASP.NET services are not available to non-ASP.NET content When to use? While porting an IIS 6.0 application that does not work in the Integrated Mode. (not recommended)
Integrated Mode Integrates ASP.NET runtime with the core server. One consolidated pipe-line. Similar to ASP.NET pipe-line in IIS 6.0. Adds new events Modules subscribe to events IIS core engine calls modules whenever the events occur.
Integrated Mode – Benefits ASP.NET services are available to all of the content including.asp pages! Fully extend IIS with ASP.NET No need to write ISAPI Now ASP.NET modules Directly plug into the server pipe-line. Execute in all stages of the request processing pipe-line. Be executed in any order respective to the native modules! (Very important – for example, could replace the Basic Authentication provided by IIS)
Integrated Mode – Benefits Unified Server Runtime Eliminates the duplication of features in IIS and ASP.NET. Tighter integration allows many features to be unified. Unified configuration for IIS and ASP.NET modules and handlers Custom Errors Tracing Output Caching
Integrated Mode – Compatibility Existing and new applications can run side-by-side. Existing applications in Classic mode. New applications in Integrated mode. What is an existing application is run in Integrated mode? Might or might not work (Depends!) Configuration changes b/c of the configuration unification. Code changes b/c of the new runtime architecture and breaking changes. IIS 7.0 is helpful! Shows detailed errors.
Integrated Mode – What to fix? HTTP Modules HTTP Error 500.22 Reason Web.config contains <httpModules>. Fix Remove <httpModules>. Add<system.webServer>/modules. Or use appcmd to do it for you. appcmd migration config quot;Default Web Site/App Namequot; -section:httpModules
Integrated Mode – What to fix? HTTP Handlers HTTP Error 500.23 Reason Web.config contains <httpHandlers>. Fix Remove <httpHandlers>. Add<system.webServer>/handlers. Or use appcmd to do it for you. appcmd migration config quot;Default Web Site/App Namequot; -section:httpHandlers
Integrated Mode – What to fix? Impersonation HTTP Error 500.24 Reason? <identity impersonate=“true”/> could be problematic. Impersonated identity is unavailable until PostAuthenticateRequest stage. Fix Change the code written in BeginRequest and AuthenticateRequest events to not access the impersonated identity. See if the code could be moved to PostAuthenticateRequest stage.
Integrated Mode – App Pools Use IIS 6.0 Worker Process isolation mode. Underlying mechanism for implementing Classic and Integrated modes in IIS 7.0! An application pool specifies Pool type (Classic vs Integrated) .NET Framework Version
Integrated Mode – App Pools Change ASP.NET mode for a pool Why? To create the appropriate pipe-line. How Use the Administration tool. Use appcmd Sets the app pool mode to Integrated appcmd set apppool “app pool name” /managedPipelineMode:Integrated Lists properties that can be set on an app pool appcmd set apppool “app pool name” /? Manually change the applicationHost.config file.
Integrated Mode – App Pools Change app pool for an application Why? Allows you to run your application under a specific ASP.NET version or a different mode. (Don’t use aspnet_regiis to configure the ASP.NET version in IIS 7.0) How? Use the Administration tool. Use appcmd Sets the app pool mode to Integrated appcmd set apppool “app pool name” /managedPipelineMode:Integrated Lists properties that can be set on an app pool appcmd set apppool “app pool name” /? Manually change the applicationHost.config file.
Integrated Mode – Enable ASP.NET services for all of the content Not enabled by default. For backwards compatibility Run this module only for the managed requests
Integrated Mode – Enable ASP.NET services for all of the content What are Pre-Conditions? Answers to some questions. IIS 7.0 configures itself based on the answers. Pre-Conditions specify. Process Bitness – bitness32, bitness64 Managed Extensibility Style – integratedMode, ISAPIMode .NET Framework Version – runtimeVersionv1.1 , runtimeVersionv2.0 Managed Code Execution – managedHandler
Integrated Mode – Enable ASP.NET services for all of the content How? Change each and every module entry and remove the managedHandler pre-condition (tedious).
Integrated Mode – Enable ASP.NET services for all of the content How? Or set the runAllManagedModulesForAllRequests attribute for the <modules> section to true.
Integrated Mode – Enhanced ASP.NET APIs APIs are backwards compatible – allows existing code to run in IIS. New APIs have been added; couple of existing APIs have been changed. HttpResponse.Headers Allows changing the response headers generated by other applications. HttpRequest.Headers Now writeable! Allows modules to manipulate the incoming request headers (e.g. dynamically change the Accept-Language header). HttpRequest.ServerVariables Now writeable! Could be used for passing information to other application frameworks, such as PHP.
Breaking Changes Passport Authentication ASP.NET Error 500 Reason Passport auth not supported on Vista and Windows Server 2008. Applies to both Classic and Integrated modes. Fix Don’t use Passport authentication!
Breaking Changes Query String > 2048 HTTP Error 404.15 Reason This is the default limit. Applies to both Classic and Integrated modes. Fix Change maxQueryString attribute.
Breaking Changes HttpContext.Current.Request and HttpContext.Current.Response in Application_Start in global.asax ASP.NET YSOD Generates error if code tries to access these properties. Reason Application initialization tied to the arrival of 1st request – design flaw! couples the application initialization with the 1st request. Fix Write a module and move code in the BeginRequest stage for performing one time initialization.
Top changes in IIS 7.0 Simple configurable command line setup Great compatibility Most of the applications will work. Classic mode allows for easy app migration. IIS 6.0 meta-base compatibility layer for existing scripts No more meta-base Clear text schema IIS settings are stored in applicationHost.config Meta-base for SMTP/FTP/NNTP Delegated configuration Administrators can now delegate IIS settings to application owner. Settings defined in web.config file in application directory.
Top changes in IIS 7.0 Appcmd and other new management options Manage via the UI Manage via the command line (replaces adsutil.vbs, iisapp.vbs, etc). Command line management of sites, applications, vdir, app pool, etc. Failed Request Tracing Request Filtering
IIS 7.0 Architecture and Integration with ASP.NET
ASP.NET Integration Architecture . In IIS 6.0 and ... Article ASP.NET Integration with IIS 7; ... Article Upgrading ASP.NET 1.1 to IIS 7.0 on ...
... für die Integration von ASP.NET-Modulen in die Anforderungspipeline. Dank dieser neuen Architektur kann IIS 7.0 systemeigene ... IIS 7.0 ASP.NET in ...
Introduction to IIS ... of the integrated request-processing architecture of IIS and ASP.NET. ... Build a Custom IIS 7.0 Server;
... see ASP.NET Integration with IIS7. ... In IIS 7.0, the ASP.NET runtime is integrated with the Web server so that there is one unified request ...
IIS 7 and ASP.NET Integrated Architecture ... deep integration of the IIS 7 and ASP.NET ... 7.0 is modular to the bone! Its architecture consists ...
This article discusses the improvements introduced by the new ASP.NET integration mode, the architecture of ... ASP.NET Integration in IIS 7.0 unlocks ...
Design and Architecture; ASP.NET; ... planned to write an article on IIS 6.0 and Integration of IIS with ASP.NET. ... ASP.NET Websites on IIS 7.0;
Windows SharePoint Services Integration with ASP.NET. ... routing architecture of IIS and ASP.NET to properly route ... SharePoint Architecture ...
... IIS 7.0 processes ASP.NET requests ... 7.0 Architecture : Request Processing in Application ... processing architecture of IIS 7.0 and ASP.NET. ...