IIS Site and virtual directory
================
In Web servers, ASP. NET and WSS both rely on IIS to provide the underlying listening mechanism for HTTP requests arriving at the server, and rely on IIS to provide loading and runningWorker Process)Management Infrastructure. If you want to understand how WSS associates IIS, ASP. NET, and WSS together, you must first understandIIS SiteAndVirtual directoryThese two basic concepts.
The IIS web site provides an entry to the infrastructure of the IIS web server. each IIS Site is set to listen for and process HTTP requests that meet certain standards. for example, an IIS site can be configured to process requests sent only to a specific IP address or a port number. or a specified host header (Host header) that can be routed to the Web server can be used to determine which IIS Site handles a request. for example:Http://Extranet.Litwareinc.com.
IIS automatically creates and configures an IIS Site named default web site, which listens to any IP addresses that are sent to the Web server and sends HTTP requests to port 80. you can also create and configure other IIS sites through IIS management tools.
Each IIS Site defines a specific URL space. for example, the standard default web site defines a URL space to process any incoming requests. The requested URL space conforms to the following pattern:Http://www.Litwareinc.com /*As you can imagine, an unlimited number of URL requests can be created in this space. IIS will send requests targeting such URLs to the default web site.
Any IIS Site is configured to map it to a root directory, which is a physical folder of the file system on the Web server. for example, under the standard configuration of default web site, IIS maps it to a folder located in c: \ Inetpub \ wwwroot. in most loose routing scenarios, IIS maps HTTP requests to physical files in the root directory. for example, IIS will send this requestHttp://www.Litwareinc.com/page1.htmThe response is to load the content of the physical file in C: \ Inetpub \ wwwroot \ page1.htm and send it to the client in stream mode.
An important aspect of the IIS Site is that it controls whether to authenticate the incoming HTTP requests. If so, which method is used for authentication. all of these are decided by IIS. for example, the default web site may be used as a site for the Internet. therefore, it may be set to allow access by anonymous users, or support basic authentication. however, if another IIS Site is only accessed by employees in the company's internal LAN, anonymous users may not be allowed to access the site, and Windows integrated authentication is supported, rather than basic authentication.
IIS not only supports virtual directories in the IIS Site, but also supports you to view and configure new virtual directories ). A virtual directory is a virtual directory that defines the content stored in the URL space of the parent site,Sub-URL Space. For an IIS Site, a virtual directory is configured to the site as the root directory. the IIS Site provides the flexibility to define the root directory in any location. for example, you can define a virtual directory of the default web site. The URL space of the virtual directory isHttp://www.Litwareinc.com/Sales. When creating this virtual directory, you can configure a file system directory in c: \ webapps \ Site1 as its root directory.
IIS provides a management tool called Internet Information Services (IIS) manager. this tool allows you to review, create, and configure the IIS Site and virtual directory on the current machine. you can start informationservices (IIS) Manager through the Start Menu | administrative tool | Internet informationservices. if you are not familiar with this tool, you can start it and learn how to use it to view the properties of IIS sites and virtual directories and how to configure them.
Note that the configuration of IIS tracking and saving IIS sites and virtual directories is calledIIS metabaseStorage location. IIS metabase exists in the file system of the front-end server running IIS. for example, when you use IIS management tools to create and configure an IIS Site, IIS writes your modifications as an entry to the local IIS metabase file.
In addition to the IIS management tools, you can also automate the operation process of creating and configuring IIS sites and virtual directories? The method is to write scripts or program managed code for the IIS object model. this process is usually performed in the web environment, because we need to copy identical IIS metabase settings to all the Web Front-end servers in the field.
ISAPI extension and ISAPI filters
================================
In most direct routing scenarios, IIS simply maps incoming requests to the root directory of the IIS Site or physical files under a virtual directory. however, IIS also supports the Internet Server Application Programming Interface (ISAPI) programming model, providing you with opportunities to handle more complex routing situations. in particular, the ISAPI programming model allows you to configure IIS sites or virtual directories, so that the request can start executing custom code on the Web server.
The ISAPI programming model is introduced by the old IIS version. At present, it continues to provide you with the ability to write components for IIS at the underlying layer. the ISAPI programming model consists of two main components: ISAPI extensions and ISAPI filters.
ISAPI extension is a DLL component that plays the role at the end of the request. A basic understanding is that IIS can map requests to a series of endpoints that can stimulate ISAPI extension DLL execution. the ISAPI extension component must be installed on the Web server and configured horizontally on the IIS Site or virtual directory. the configuration usually involves the IIS ing from a file extension name to an ISAPI extension, which is determined by the IIS application map.
When an ISAPI extension acts as an endpoint in the service, ISAPI filter plays a blocking role. ISAPI filter is installed and configured horizontally on the IIS Site. once installed, the ISAPI filter blocks all requests to a site. A basic understanding is that ISAPI filter can provide any incoming requestPreprocessingAndPost-processing. ISAPI filter is typically created to provide underlying IIS site services, such as custom authentication and request logging.
Application pool and IIS Worker Process
================================
IIS provides a flexible infrastructure where the application pool is used to manage worker processes. application pool is a configurable entity that allows you to control how IIS maps IIS sites and virtual directories to IIS worker processes. note that the iisworker process is loaded by an executable w3wp.exe file. for example.
The IIS routing architecture is driven by a kernel-level device called HTTP. SYS. this driver listens for HTTP requests and uses the information in IIS metabaseto connect the w3wp.exe instance with the target application pool. if HTTP. sys finds that the target application pooldoes not have a running w3wp.exe instance, so it loads a new instance for processing the incoming HTTP request.
Each IIS Site and virtual directory can be configured to run in their own isolated application pool. on the contrary, you can configure many different IIS sites and virtual directories for better efficiency, so that they can run in the same application pool. an important observation is that you should consider balancing between independence and efficiency. to achieve better independence, it means that your worker runs more w3wp.exe instances, but this will damage the efficiency. for higher efficiency, you must map multiple IIS sites and virtual directories to a smaller number of IIS workers. However, this damages the independence.
Each application pool has an important configuration option called application pool identity. application pool identity is configured as a Windows User Account, either a local account of a Web server or a domain account in a directory in Active Directory. when HTTP. sys uses the application pool identity to initialize a Windows Security token as the process token for a new w3wp.exe instance. this is important because it creates a "run as" ID for the code running in the IIS worker process.
By default, when you create a new application pool, IIS uses the local network service account as the identity. however, you can configure the application pool identity as any account you want. when ASP. net and WSS sites, we recommend that you use the domain account as the application pool identity, rather than the network service. especially in the web environment, when you need to synchronize the application pool identity in different Web Front-end servers.