Introduction to the internal mechanism of ASP. NET (2)

Introduction to the internal mechanism of ASP. NET (2)
Do you know how an HTTP request is passed to ASP. NET? In addition, how does ASP. NET know that an HTTP requestrequest is a dynamic file like .aspxand a static file like .htm ?......
The HTTP. sys and aspnet_filter functions have been mentioned last time. I hope you can remember them!
When a request (that is, an HTTP request) passes HTTP. sys and aspnet_fitler, the request is not passed to ASP. NET for processing.Program. However, IIS searches for the processing program of the request file in its MIME type.
In fact, MIME type is not mysterious, that is, it registers which files are processed by which components. You can see the figure below.

You should be familiar with the above figure. IIS is to query the table above to determine whether a request is requested. If it is a static file, such as htm, the request is directly processed by IIS, it will not be passed to ASP.. Net handler. If the requested file is. aspx or. asmx, etc. Then IIS will know that the request is passed to aspnet_isapi.dll, then a process will be started to load the DLL, and then a series of initialization work will begin, then pass the request to ASP.. net.

let's take a detailed look at the initialization operations performed when a request is actually processed.
1.once iisknows that the file .aspxis processed, w3wp.exe is started to run ASP. NET.
2. this is because the aspnet_isapi.dll has been loaded and run, and the aspnet_isapi.dll is a component that is compiled by the Code , all managed code must run in the application domain (domain). Therefore, after loading, a domain is created first. Because we are requesting an ASP. net, and this page belongs to an ASP.. However, creating a domain requires many steps. (Note: You may think there is no need to clarify the steps for establishing a domain, but I think it is necessary because the process of creating a domain involves a lot of ASP. net internal issues, and this issue is also very important in actual development, such as ASP.. Net runtime permissions and trusted domains (related to security issues) also involve code security, and can help us understand code compilation ).

The following describes how to create a domain:
2.1 create an ID for a domain;
2.2 verify whether the accessed file directory exists and initialize the directory information
2.3 set domain trust level
2.4 set the Assembly location
2.5 obtain the automatically generated machine code
2.6 initialize the ASP. NET compilation system

First, let's take a look at creating an ID for a domain.

Because an application runs on the server's hard disk, there must be an identity during running. In fact, the identity is the user name and ID of the running program, this is what the operating system requires. In IIS6, an ASP. Net program runs as nt authority \ network service. Because different identities have different operation permissions on the system, we can perform operations in the configuration file, such as web. configure other permissions in config so that our program can perform more operations (such as writing files and reading the system registry), as long as you configure <identity/>.
Next, let's check whether the accessed file directory exists and initialize the directory information.
An ASP. NET Website consists of many files. If the requested file does not exist on this website or we do not have the permission to read the file, an error message will be returned from the server.
And ASP. net will also initialize some directory information, such as the file in app_data, because. net framework2.0 and later versions, ADO. net will also connect the data file with SQL Server and establish a connection.
Finally, it determines where the code automatically generated by an ASP. NET Website is played back. For example, we request a default. ASPX page, which also has one. CS file, when we request, these two files will generate a class that inherits the page, so ASP. NET must determine where the generated file is stored.
Then, let's take a look at setting the domain's trust level.
In fact, the trust level of a domain determines what the domain can do. That is, the permissions of a domain.
Mainly include: 1. Enterprise 2. Machine 3. User 4. Application domain.
In fact, this is also a problem of code access security (CAS). That is to say, the application code in this domain has the permission to perform operations. For example, if the domain has a high level of trust, and even the code in the program can access the Windows API.
You can set the level by calling system. appdomain. currentdomain. setappdomainpolicy.
Again, let's look at the location of the Set assembly.
In the preceding steps, a domain security policy has been set up. websites running in a domain generally have some assembly and are located in the bin directory, the automatic classes mentioned earlier will also be compiled into an assembly ,.. NET Framework monitors these sets.
Then, let's take a look at the automatically generated machine code.
In fact, the machine code is the machinekey, and each application will have a machinekey when running, usually ASP. net randomly generated, but we can also make it automatically, in the web. <machinekey/> in config. This function is very useful. For example, if you have several servers or several different websites, we hope that after logging on to a website on a server, then, when we go to other server websites, we can have logged on to the user. That is, you can achieve "one login, available everywhere ".
Finally, the ASP. NET compilation system is initialized.
At this time, the Assembly is compiled, the classes in the Assembly are parsed, and the directory of app_webreferences and Global. asax are also parsed. The program starts to run, and the application instance is used to control the entire application.

Original article address