Efficient Deployment & Management of ASP.NET 2.0 Applications on IIS 6.0   Alexis Eller Program Manager Internet Informati...
Agenda <ul><li>What is ASP.NET? </li></ul><ul><li>.NET Framework Concepts </li></ul><ul><ul><li>Global Assembly Cache (GAC...
What is ASP.NET? <ul><li>Part of the .NET Framework </li></ul><ul><ul><li>IIS 6.0: v2.0, v1.1 in Worker Process Isolation ...
.NET Framework Concepts Global Assembly Cache (GAC) <ul><li>“ Registry” for .NET assemblies </li></ul><ul><li>Add an assem...
Adding an assembly to the GAC
.NET Framework Concepts Configuration Layout root configuration files machine.config root web.config web.config .NET  Fram...
.NET Framework Concepts Code Access Security (CAS) <ul><li>Constrains managed code, including ASP.NET </li></ul><ul><ul><l...
.NET Framework Concepts ASP.NET Medium Trust <ul><li>Access SQL Server </li></ul><ul><li>Send e-mail via SMTP </li></ul><u...
Setting and customizing ASP.NET Trust Levels
ASP.NET Request Processing <ul><li>IIS maps request to ASP.NET, forwards to aspnet_isapi.dll </li></ul><ul><li>ASP.NET ISA...
Deployment and Management Getting started... <ul><li>Manual: </li></ul><ul><ul><li>MMC snap-in (in IIS Manager) </li></ul>...
Deployment and Management aspnet_regiis.exe <ul><li>Provides more functionality than MMC snap-in </li></ul><ul><ul><li>Enu...
Deployment and Management aspnet_regiis.exe (2) <ul><li>Combine aspnet_regiis.exe with other utilities for automating depl...
.NET Framework Versioning <ul><li>Can run one version per application pool </li></ul><ul><li>Each framework version has it...
Running ASP.NET 1.1 and 2.0 Side-by-Side
Deployment and Management ASP.NET 2.0 MMC Snap-In <ul><li>Overview of the ASP.NET user interface </li></ul><ul><li>Configu...
Deployment and Management Overview of ASP.NET MMC Snap-in <ul><li>ASP.NET configuration is: </li></ul><ul><ul><li>hierarch...
Deployment and Management Overview of ASP.NET MMC Snap-in <ul><li>Prevents typo’s,  incorrect XML tags </li></ul><ul><li>M...
Deployment and Management Configuration Tabs <ul><li>General  </li></ul><ul><ul><li>Connection strings, Application data <...
Deployment and Management Configuration Tab - General   <ul><li>What can be modified? </li></ul><ul><ul><li>Database Conne...
Deployment and Management Configuration Tab – Custom Errors <ul><li>What can be modified? </li></ul><ul><ul><li>Enabling l...
Deployment and Management Configuration Tab – Auth’N and Auth’Z <ul><li>What can be modified? </li></ul><ul><ul><li>Authen...
Deployment and Management Configuration Tab – Application <ul><li>What can be modified? </li></ul><ul><ul><li>Compilation ...
Deployment and Management Configuration Tab – State Management <ul><li>What can be modified? </li></ul><ul><ul><li>Enable ...
Deployment and Management Configuration Tab – Locations <ul><li>What can be done with the Locations Tab? </li></ul><ul><ul...
Configuring Forms Auth in the ASP.NET MMC Snap-in
Deployment and Management Understanding the MMC Snap-in Behaviour <ul><li>Multiple configuration editors (such as administ...
Running ASP.NET 2.0 on x64 <ul><li>ASP.NET 1.1 – Requires WOW64 </li></ul><ul><ul><li>32 bit IIS worker processes on 64 bi...
Summary <ul><li>Global Assembly Cache (GAC) </li></ul><ul><ul><li>All GAC'ed assemblies run in Full trust </li></ul></ul><...
[email_address]
Resources <ul><li>ASP.NET &quot;Whidbey&quot; Documentation Center on MSDN </li></ul><ul><ul><li>http://msdn.microsoft.com...
Upcoming SlideShare
Loading in...5
×

Road Show Asp Net

3,022

Published on

test

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
3,022
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
31
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Road Show Asp Net

  1. 1. Efficient Deployment & Management of ASP.NET 2.0 Applications on IIS 6.0 Alexis Eller Program Manager Internet Information Services Microsoft Corporation
  2. 2. Agenda <ul><li>What is ASP.NET? </li></ul><ul><li>.NET Framework Concepts </li></ul><ul><ul><li>Global Assembly Cache (GAC) </li></ul></ul><ul><ul><li>Configuration Layout </li></ul></ul><ul><ul><li>Code Access Security (CAS) </li></ul></ul><ul><li>Versioning </li></ul><ul><li>Deployment & Management </li></ul><ul><li>Running x64 on ASP.NET 2.0 solutions </li></ul><ul><li>Summary / Q&A </li></ul>
  3. 3. What is ASP.NET? <ul><li>Part of the .NET Framework </li></ul><ul><ul><li>IIS 6.0: v2.0, v1.1 in Worker Process Isolation Mode </li></ul></ul><ul><ul><li>IIS 6.0: v1.0 in IIS 5.0 Compatibility Mode </li></ul></ul><ul><ul><li>IIS 5.0: only run one version at a time </li></ul></ul><ul><li>Builds significantly on the power of ASP </li></ul><ul><li>ASP.NET is “managed” code - the .NET Framework manages memory, not the application (reduces the risk of memory leaks) </li></ul>
  4. 4. .NET Framework Concepts Global Assembly Cache (GAC) <ul><li>“ Registry” for .NET assemblies </li></ul><ul><li>Add an assembly to the GAC: </li></ul><ul><ul><li>Generate a strong name, assembly: 1) name, 2) version, 3) 64 bit public key hash - sn.exe , 4) culture </li></ul></ul><ul><ul><li>Add to the GAC - gacutil.exe , .NET Configuration x.x (MMC Snap-in) </li></ul></ul><ul><li>Viewing the contents of the GAC: </li></ul><ul><ul><li>gacutil /l </li></ul></ul><ul><ul><li>start explorer %windir%assembly </li></ul></ul><ul><ul><li>.NET Configuration x.x (MMC Snap-in) </li></ul></ul><ul><li>Cannot XCOPY deploy GAC’ed assemblies </li></ul><ul><li>Security : all GAC’ed assemblies (for ASP.NET apps): </li></ul><ul><ul><li>Run as Full Trust </li></ul></ul><ul><ul><li>Are accessible to all ASP.NET apps </li></ul></ul>
  5. 5. Adding an assembly to the GAC
  6. 6. .NET Framework Concepts Configuration Layout root configuration files machine.config root web.config web.config .NET Framework ASP.NET ASP.NET + .NET Framework web.config files WindowsMicrosoft.NETFrameworkv2.0.50727configweb.config WindowsMicrosoft.NETFrameworkv2.0.50727configmachine.config Inheritance…
  7. 7. .NET Framework Concepts Code Access Security (CAS) <ul><li>Constrains managed code, including ASP.NET </li></ul><ul><ul><li>Do you trust your content providers? </li></ul></ul><ul><ul><li>Do you trust that your applications can’t be exploited? </li></ul></ul><ul><li>Control access to: file system, registry, printers </li></ul><ul><li>ASP.NET Trust Levels </li></ul><ul><ul><li>Full, High, Medium, Low, Minimal (can define custom) </li></ul></ul><ul><ul><li>Defined by policy files: %windir%Microsoft.NETFrameworkv2.0.50727CONFIGweb*trust.config </li></ul></ul><ul><ul><li>Full trust by default </li></ul></ul><ul><li>GAC’ed assemblies run as Full trust always </li></ul>
  8. 8. .NET Framework Concepts ASP.NET Medium Trust <ul><li>Access SQL Server </li></ul><ul><li>Send e-mail via SMTP </li></ul><ul><li>Access certain common environment variables </li></ul><ul><li>Access files within the application's directory </li></ul><ul><li>Access files outside the application's directory </li></ul><ul><li>Use reflection </li></ul><ul><li>Use sockets </li></ul><ul><li>Access unmanaged code </li></ul>Can... Cannot... How to Use Medium Trust in ASP.NET 2.0: http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnpag2/html/PAGHT000020.asp
  9. 9. Setting and customizing ASP.NET Trust Levels
  10. 10. ASP.NET Request Processing <ul><li>IIS maps request to ASP.NET, forwards to aspnet_isapi.dll </li></ul><ul><li>ASP.NET ISAPI creates appdomain </li></ul>Send Response Log Compress NTLM Basic Determine Handler CGI Static File ISAPI Authentication Anon … … Authentication Forms Windows Map Handler ASPX Trace … … … aspnet_isapi.dll
  11. 11. Deployment and Management Getting started... <ul><li>Manual: </li></ul><ul><ul><li>MMC snap-in (in IIS Manager) </li></ul></ul><ul><ul><li>aspnet_regiis.exe command line tool </li></ul></ul><ul><ul><li>Edit web.config files using Notepad or Visual Studio </li></ul></ul><ul><li>Automated: </li></ul><ul><ul><li>Call aspnet_regiis.exe in a batch file </li></ul></ul><ul><ul><li>Program against the ASP.NET configuration API (System.Configuration) </li></ul></ul>
  12. 12. Deployment and Management aspnet_regiis.exe <ul><li>Provides more functionality than MMC snap-in </li></ul><ul><ul><li>Enumerate all ASP.NET script map settings </li></ul></ul><ul><ul><li>Install / uninstall ASP.NET </li></ul></ul><ul><ul><li>Enable / disable ASP.NET ISAPI extension </li></ul></ul><ul><li>Unique version in each framework directory: </li></ul><ul><ul><li>C:WindowsMicrosoft.NETFramework64v2.0.50727 </li></ul></ul><ul><li>Use in batch files for deployment / management </li></ul><ul><ul><li>Combine with other utilities to create batch files for deploying applications, content and configurations </li></ul></ul>
  13. 13. Deployment and Management aspnet_regiis.exe (2) <ul><li>Combine aspnet_regiis.exe with other utilities for automating deployment </li></ul><ul><ul><li>Adsutil.vbs to create application pool adsutil.vbs CREATE W3SVC/AppPools/BusyPool &quot;IIsApplicationPool&quot; </li></ul></ul><ul><ul><li>IISweb.vbs to create the Web site in app pool IISweb.vs /create C:MySource &quot;MySite&quot; /ap BusyPool /dontstart </li></ul></ul><ul><ul><li>Aspnet_regiis.exe to install ASP.NET 2.0 change the IIS scriptmap to 2.0 C:WINDOWSMicrosoft.NETFrameworkv2.0.50727apsnet_regiis.exe –enable -ir C:WINDOWSMicrosoft.NETFrameworkv2.0.50727apsnet_regiis.exe –s W3SVC/<metabase path> </li></ul></ul>
  14. 14. .NET Framework Versioning <ul><li>Can run one version per application pool </li></ul><ul><li>Each framework version has it’s own version of aspnet_regiis.exe </li></ul><ul><li>Different IIS scriptmap behavior depending on existing ASP.NET </li></ul>Initial ASP.NET Configuration Scriptmap Behavior Location of Aspnet_regiss.exe ASP.NET not previously installed IIS Scriptmap defaults to 2.0 C:WINDOWSMicrosoft.NETFrameworkv2.0.50727 ASP.NET 1.1 previously installed Existing scriptmaps unchanged IIS Scriptmap continues to default to 1.1 C:WINDOWSMicrosoft.NETFrameworkv1.1.4322 C:WINDOWSMicrosoft.NETFrameworkv2.0.50727
  15. 15. Running ASP.NET 1.1 and 2.0 Side-by-Side
  16. 16. Deployment and Management ASP.NET 2.0 MMC Snap-In <ul><li>Overview of the ASP.NET user interface </li></ul><ul><li>Configuration tabs </li></ul><ul><li>Understanding the behavior of the MMC snap-in </li></ul>
  17. 17. Deployment and Management Overview of ASP.NET MMC Snap-in <ul><li>ASP.NET configuration is: </li></ul><ul><ul><li>hierarchical and distributed </li></ul></ul><ul><ul><li>complex enough to warrant a user interface </li></ul></ul><ul><li>The ASP.NET MMC Snap-in uses Microsoft® Internet Information Services (IIS) Manager’s extensibility </li></ul>
  18. 18. Deployment and Management Overview of ASP.NET MMC Snap-in <ul><li>Prevents typo’s, incorrect XML tags </li></ul><ul><li>Manages versioning information </li></ul><ul><li>Indicates file and virtual path </li></ul><ul><li>Indicates the date file last modified </li></ul>
  19. 19. Deployment and Management Configuration Tabs <ul><li>General </li></ul><ul><ul><li>Connection strings, Application data </li></ul></ul><ul><li>Custom Errors </li></ul><ul><li>Authorization </li></ul><ul><li>Authentication </li></ul><ul><ul><li>Authentication settings </li></ul></ul><ul><ul><li>Membership provider </li></ul></ul><ul><ul><li>Role Manager provider and enable/disable </li></ul></ul><ul><li>Application </li></ul><ul><ul><li>Compilation, Globalization, Identity </li></ul></ul><ul><li>State Management </li></ul><ul><ul><li>Session State settings </li></ul></ul><ul><li>Locations </li></ul><ul><ul><li>User-defined settings entered as <location> tags in configuration </li></ul></ul>
  20. 20. Deployment and Management Configuration Tab - General <ul><li>What can be modified? </li></ul><ul><ul><li>Database Connections </li></ul></ul><ul><ul><li>Application Settings </li></ul></ul><ul><li>Which web.config file is edited? Depends on the object selected in IIS Manager... </li></ul><ul><ul><li>Server (Web Sites) </li></ul></ul><ul><ul><li>Web Site </li></ul></ul><ul><ul><li>Virtual Directory / Folder </li></ul></ul>
  21. 21. Deployment and Management Configuration Tab – Custom Errors <ul><li>What can be modified? </li></ul><ul><ul><li>Enabling local or remote- only custom errors </li></ul></ul><ul><ul><li>Redirect URLs for specific status codes </li></ul></ul><ul><ul><li>Default redirect URL </li></ul></ul><ul><li>What cannot be modified? </li></ul><ul><ul><li>IIS’s custom errors configuration in the metabase </li></ul></ul>
  22. 22. Deployment and Management Configuration Tab – Auth’N and Auth’Z <ul><li>What can be modified? </li></ul><ul><ul><li>Authentication: </li></ul></ul><ul><ul><ul><li>Forms vs. Windows </li></ul></ul></ul><ul><ul><ul><li>Forms authentication settings </li></ul></ul></ul><ul><ul><ul><li>Membership and Roles providers </li></ul></ul></ul><ul><ul><li>Authorization Rules: only apply to content handled by the ASP.NET 2.0 ISAPI </li></ul></ul><ul><li>What cannot be modified? </li></ul><ul><ul><li>IIS Authentication: Anonymous, Basic, Integrated, etc. </li></ul></ul><ul><ul><li>IIS does access checks, not authorization rules per URL </li></ul></ul><ul><ul><li>IIS 6.0 ships with Authorization Manager ISAPI (urlauth.dll) - this is different than ASP.NET authorization </li></ul></ul>
  23. 23. Deployment and Management Configuration Tab – Application <ul><li>What can be modified? </li></ul><ul><ul><li>Compilation and runtime settings </li></ul></ul><ul><ul><ul><li>Assign a theme to specific page or master page </li></ul></ul></ul><ul><ul><li>Debugging options </li></ul></ul><ul><ul><ul><li>Used for development purposes </li></ul></ul></ul><ul><ul><ul><li>Should be used only in non-production environments (performance considerations) </li></ul></ul></ul><ul><ul><ul><ul><li>Tip: <deployment retail=&quot;true|false&quot; /> </li></ul></ul></ul></ul><ul><ul><li>Globalization options </li></ul></ul><ul><ul><ul><li>Setting the Code Page, etc. </li></ul></ul></ul><ul><ul><li>Identity settings </li></ul></ul><ul><ul><ul><li>Use IIS’s impersonated token -or- override with a specified user identity </li></ul></ul></ul>
  24. 24. Deployment and Management Configuration Tab – State Management <ul><li>What can be modified? </li></ul><ul><ul><li>Enable ASP.NET Session State Server </li></ul></ul><ul><ul><li>Enable ASP.NET Session State in SQL Server </li></ul></ul><ul><ul><li>State management connection strings </li></ul></ul><ul><li>ASP.NET Session State Server vs. ASP.NET Session State in SQL Server </li></ul><ul><ul><li>ASP.NET State Server stores state in a process separate from the ASP.NET application </li></ul></ul><ul><ul><li>ASP.NET Session State in SQL Server stores applicationsession data in SQL </li></ul></ul>
  25. 25. Deployment and Management Configuration Tab – Locations <ul><li>What can be done with the Locations Tab? </li></ul><ul><ul><li>Lockdown of features at a granular level </li></ul></ul><ul><ul><li>Examples: </li></ul></ul><ul><ul><ul><li>“ AllowOverride=false” with a relative path </li></ul></ul></ul><ul><li>Advanced concept - requires a thorough understanding of configuration </li></ul><configuration> <location path=“Default Web Site/App/Login.aspx” allowOverride=“false”> <authorization> ... </location> <configuration>
  26. 26. Configuring Forms Auth in the ASP.NET MMC Snap-in
  27. 27. Deployment and Management Understanding the MMC Snap-in Behaviour <ul><li>Multiple configuration editors (such as administrators and developers) can cause errors in the configuration files </li></ul><ul><ul><li>Configuration errors in the files will cause errors in the user interface </li></ul></ul><ul><ul><li>User interface cannot read invalid configuration files </li></ul></ul><ul><ul><li>Updates to web.config files reload the application’s appdomain – loses in process session state, caches, etc. </li></ul></ul>
  28. 28. Running ASP.NET 2.0 on x64 <ul><li>ASP.NET 1.1 – Requires WOW64 </li></ul><ul><ul><li>32 bit IIS worker processes on 64 bit OS </li></ul></ul><ul><ul><li>Virtual memory from 2 GB to 4 GB </li></ul></ul><ul><ul><li>Enable, from %systemdrive%InetpubAdminScripts, run cscript.exe adsutil.vbs set W3SVC/AppPools/Enable32BitAppOnWin64 “true” </li></ul></ul><ul><li>ASP.NET 2.0 – Runs native 64 bit or WOW64 </li></ul><ul><ul><li>Virtual memory practically unlimited in native 64 bit </li></ul></ul><ul><li>MMC Snap-in not supported on x64 </li></ul>
  29. 29. Summary <ul><li>Global Assembly Cache (GAC) </li></ul><ul><ul><li>All GAC'ed assemblies run in Full trust </li></ul></ul><ul><ul><li>GAC'ed assemblies cannot be xcopy deployed </li></ul></ul><ul><li>ASP.NET Trust Levels (CAS Permission Sets) </li></ul><ul><ul><li>Full trust is not secure enough, Medium is recommended </li></ul></ul><ul><ul><li>Trust levels can be customized </li></ul></ul><ul><li>aspnet_regiis.exe: automated deployment and management </li></ul><ul><li>ASP.NET 2.0 MMC snap-in: </li></ul><ul><ul><li>provides a safe way to edit configuration </li></ul></ul><ul><ul><li>writes to hierarchical and distributed web.config </li></ul></ul><ul><li>ASP.NET v1.1 and v2.0 run side by side on IIS 6.0 </li></ul>
  30. 30. [email_address]
  31. 31. Resources <ul><li>ASP.NET &quot;Whidbey&quot; Documentation Center on MSDN </li></ul><ul><ul><li>http://msdn.microsoft.com/asp.net/whidbey/default.aspx </li></ul></ul><ul><li>ASP.NET user interface </li></ul><ul><ul><li>http://msdn.microsoft.com/asp.net/articles/ui/ </li></ul></ul><ul><li>ASP.NET 2.0 Fundamentals </li></ul><ul><ul><li>http://msdn.microsoft.com/asp.net/articles/fundamentals/ </li></ul></ul><ul><li>.NET Blog: When is ReflectionPermission needed? </li></ul><ul><ul><li>http://blogs.msdn.com/shawnfa/archive/2005/03/08/389768.aspx </li></ul></ul><ul><li>IIS Webcast Series: [email_address] </li></ul><ul><ul><li>http://www.iiswebcastseries.com </li></ul></ul>
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×