Tài liệu Module 4: Installing and Configuring Web Applications docx

Describe how to configure application protection settings and explain the impact that each setting has on performance.. Demonstrate the procedures for setting and removing application ma

Contents

Overview 1

Introduction to Web Applications 2

Creating and Removing Web Applications 4

Lab A: Creating and Configuring

Applications 10

Lab B: Installing and Using ISAPI

Review 29

Module 4: Installing and Configuring Web

Applications

to represent any real individual, company, product, or event, unless otherwise noted Complying with all applicable copyright laws is the responsibility of the user No part of this document may

be reproduced or transmitted in any form or by any means, electronic or mechanical, for any purpose, without the express written permission of Microsoft Corporation If, however, your only means of access is electronic, permission to print one copy is hereby granted

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property

 2001 Microsoft Corporation All rights reserved

Microsoft, Active Directory, ActiveX, BackOffice, FrontPage, MS-DOS, Outlook, PowerPoint, SQL Server, Visual Basic, Visual InterDev, Visual SourceSafe, Visual Studio, Windows, Win32, Windows Media, and Windows NT are either registered trademarks or trademarks of Microsoft Corporation in the U.S.A and/or other countries

Other product and company names mentioned herein may be the trademarks of their respective owners

Instructor Notes

This module provides students with the knowledge and skills necessary to configure Web applications in Microsoft® Internet Information Services (IIS)

5.0

After completing this module, students will be able to:

Describe the types of Web applications

Create and remove Web applications

Configure Web applications

Install Internet Server Application Program Interface (ISAPI) filters

Materials and Preparation

This section provides the materials and preparation tasks that you need to teach this module

Required Materials

To teach this module, you need the Microsoft PowerPoint® file 2295A_04.ppt

Preparation Tasks

To prepare for this module, you should:

Read all of the materials for this module

Complete the labs

Presentation:

30 Minutes

Lab:

60 Minutes

Module Strategy

Use the following strategy to present this module:

Introduction to Web Applications This topic describes the types of Web applications that are discussed in this module Explain the concept of Web applications, and discuss each of the Application Programming Interfaces (APIs): Common Gateway Interface (CGI), ISAPI, and Microsoft Active Server Pages (ASP)

Creating and Removing Web Applications This topic describes the procedures for creating and removing Web applications in IIS Explain that, to create a Web application, you must first designate a directory as the starting point (application root) for the

application Next, demonstrate the procedures for creating and removing a Web application

Configuring Web Applications This topic describes the different procedures for configuring Web applications Explain that you can control program execution on your Web site by setting application permissions Describe the procedure for setting application permissions for each permissions setting

Describe how to configure application protection settings and explain the impact that each setting has on performance Warn students that, for performance purposes, it is not recommended that you run more than ten isolated applications

Next, explain how to configure application mappings to determine which program will run to process a Hypertext Transfer Protocol (HTTP) request Demonstrate the procedures for setting and removing application mappings, and explain the purpose of caching ISAPI applications

Finally, describe the procedures for configuring ASP scripts to control how they run and for setting debugging options for ASP scripts Open the

Application Configuration dialog box, and describe the settings on the App Options and App Debugging tabs

Installing ISAPI Filters This topic describes how to install ISAPI filters to control how HTTP requests and responses are handled Explain the difference between global filters (filters for all sites on a server) and filters for individual Web sites

Open the Application Configuration dialog box, describe the settings on the ISAPI Filters tab, and demonstrate the procedure for adding an ISAPI

filter Discuss the need to stop and restart the Web server whenever adding

or changing a global filter

Customization Information

This section identifies the lab setup requirements for a module and the configuration changes that occur on student computers during the labs This information is provided to assist you with replicating or customizing Training and Certification courseware

The labs in this module are also dependent on the classroom configuration that is specified in the Customization Information section at the

end of the Classroom Setup Guide for Course 2295A, Implementing and

Supporting Microsoft Internet Information Services 5.0

Complete Module 1, “Installing Internet Information Services 5.0,” in

Course 2295A, Implementing and Supporting Microsoft Internet

Run C:\MOC\2295A\Labs\Mod4\Setup.bat

Configure setup requirement manually by creating the following virtual directories in the default Web site:

• Inprocess, which uses the path C:\MOC\2295A\Labs\Mod4\Inprocess

• Pooled1, which uses the path: C:\MOC\2295A\Labs\Mod4\Pooled1

• Pooled2, which uses the path: C:\MOC\2295A\Labs\Mod4\Pooled2

• Isolated1, which uses the path: C:\MOC\2295A\Labs\Mod4\Isolated1

• Isolated2, which uses the path: C:\MOC\2295A\Labs\Mod4\Isolated2

Lab Results

Performing the labs in this module introduces the following configuration changes:

Five applications are created in the default Web site

The ActiveState Perl program is installed

Important

Overview

***************************** ILLEGAL FOR NON - TRAINER USE ******************************

Installing Web applications is an essential skill for extending the capabilities of Microsoft® Internet Information Services (IIS) 5.0 to include custom

applications and scripting languages

After completing this module, you will be able to:

Describe the types of Web applications

Create and remove Web applications

Configure Web applications

Install Internet Server Application Programming Interface (ISAPI) filters

Installing and configuring

Web applications enables

you to extend the

capabilities of IIS 5.0

Introduction to Web Applications

CGI

ISAPI

Provides a server-side interface for initiating software services that define communications between information services and resources on the server’s host computer

Provides a server-side interface for initiating software services that define communications between information services and resources on the server’s host computer

Provides a set of standard APIs that you can use to develop extensions to IIS

Provides a set of standard APIs that you can use to develop extensions to IIS

Application Programming Interfaces

ASP

Provides a server-side scripting environment that can be used to create dynamic Web pages or to build Web applications by using a standard text editor

Provides a server-side scripting environment that can be used to create dynamic Web pages or to build Web applications by using a standard text editor

***************************** ILLEGAL FOR NON - TRAINER USE ******************************

A Web application is a collection of Web site elements that performs a task by using one or more programs Web applications are designed to run on a Web server, such as a computer running IIS, and use a Web browser, such as Microsoft Internet Explorer, as the user interface Web applications are typically client/server applications For example, the ordering mechanism on an electronic commerce site is a Web application

IIS provides standard Application Programming Interfaces (APIs) on the server that you can use for developing Web applications These APIs include:

Internet Server Application Programming Interface (ISAPI)

Microsoft Active Server Pages (ASP)

Common Gateway Interface (CGI)

Internet Server Application Programming Interface

ISAPI is a Microsoft set of standard APIs that you can use to develop extensions to IIS ISAPI gives developers a powerful method for extending the functionality of IIS to provide better performance than ASP or CGI, and to provide low-level access to all Microsoft Win32® API functions Because ISAPI dynamic-link libraries (DLLs), which are programs, are generally written

in a high-level programming language such as C or C++, they are typically more difficult to develop than ASP-based or CGI-based solutions

There are two kinds of ISAPI DLLs, which have different uses:

ISAPI extensions A run-time DLL that is usually loaded in the same

memory address space occupied by IIS ISAPI extensions extend the functionality of IIS

ISAPI filters Intercept specific server events before the server itself handles

them An example of an ISAPI filter is the Secure Sockets Layer (SSL) protocol component of Microsoft Internet Information Server (IIS) 4.0 In IIS 5.0, Hypertext Transfer Protocol (HTTP) compression is an ISAPI filter

Topic Objective

To describe the types of

Web applications that are

discussed in this module

Lead-in

IIS enables you to create

Web applications or scripts

that provide users with

dynamic Hypertext Markup

Language (HTML) pages

Delivery Tip

Define ISAPI, ASP, and CGI

applications

Active Server Pages

ASP is a server-side scripting language that can be used to create dynamic Web pages or build Web applications by using a standard text editor, such as Notepad

With server-side scripting, the program runs on the server and only the Hypertext Markup Language (HTML) that is the result of running the program

is returned to the client

ASP pages are text files that can contain HTML tags, text, and script commands The ASP scripting language has built-in objects that allow it to perform tasks, such as connecting to a database or identifying the user name of the logged-on user With ASP, a developer can add interactive content to Web pages or build entire Web applications that use Internet Explorer as the interface

ASP is an ISAPI extension, which means that it is based on the ISAPI architecture, and is implemented as an ISAPI extension (asp.dll) Therefore, ASP performs well and has access to many features of the IIS server and Microsoft Windows® 2000 Server IIS 5.0 was specifically designed to integrate with ASP and has built-in features for optimizing and debugging ASP

Common Gateway Interface

CGI is a standard mechanism for communication between a Web server and server-side gateway programs These gateway programs are written in a compiled language, such as C, or in an interpreted language, such as Perl CGI enables Web servers to run scripts or programs on the server and then send the

output to the client’s Web browser A script is a program that consists of a set

of instructions for an application or utility program A script can be embedded

CGI was developed for UNIX-based systems and is supported by most Web servers, including IIS ISAPI is a set of server extensions for IIS that functions in a way similar to that of CGI but uses fewer resources The main difference is that, with CGI, the system creates a unique process for every CGI request, whereas ISAPI extensions do not require separate processes This makes ISAPI applications generally more responsive than CGI applications

Note

Note

Creating and Removing Web Applications

Create

Remove

***************************** ILLEGAL FOR NON - TRAINER USE ******************************

A Web application is a defined set of directories in a Web site To create a Web application, you use the IIS snap-in to designate a directory as the starting point (also called the application root) for the application You can then set properties for the Web application

Every file and directory under the starting-point directory in your Web site is considered part of the Web application until another starting-point directory is

found Therefore, you can use the directory structure to form application

boundaries that define the scope of an application You can have more than one

application per Web site, and each application can be configured differently

The default Web site that is created when you install IIS is an application starting point

Each application may have a Global.asa file associated with it This optional file specifies the actions that occur when the application starts and stops, or when a new user requests a page from the application This file stores the event information and objects that are used globally by the application It is not a content file that is displayed to the users

To create a new Web application:

1 Click Start, point to Programs, point to Administrative Tools, and then click Internet Services Manager

In Administrative Tools, the IIS console is called Internet Services Manager; however, when you open the console, it is called Internet Information Services, also known as the IIS snap-in

2 In the IIS snap-in, right-click the starting-point directory for the Web

application, and then click Properties

Topic Objective

To describe the procedures

for creating and removing

Web applications in IIS

Lead-in

To create a Web

application, you designate a

directory as the starting

point, or application root, for

the application

Note

Delivery Tip

Demonstrate the procedure

for creating a Web

application

3 On the Home Directory, Virtual Directory, or Directory tab, click Create

4 In the Application name box, type a name for your application, and then click OK

You can remove an application by specifying that the directory should no longer be an application starting point Requests to files in that directory and its subdirectories will no longer start the application unless the application’s directory is a subdirectory of another application starting point

Removing an application does not delete the application’s directory from your Web site or from your computer’s hard disk

To remove a Web application:

1 In the IIS snap-in, right-click the starting-point directory of the application

that you want to remove, and then click Properties

2 On the Home Directory, Virtual Directory, or Directory tab, verify that

the name of the application that you want to remove appears in the

Application name box, and then click Remove

IIS starts an application and processes the Global.asa file the first time a page within the application’s directory is accessed When you update the files of an application, you must stop the application and unload it from memory With IIS, you can stop and unload applications from memory without taking the Web server offline However, stopping an application will end any connected user sessions

To stop an application and unload it from memory:

1 In the IIS snap-in, right-click the starting-point directory of the application

that you want to unload, and then click Properties

2 On the Home Directory, Virtual Directory, or Directory tab, verify that

the name of the application that you want to unload appears in the

Application name box, and then click Unload

If the Unload button is dimmed, you are not in the application’s

starting-point directory, or the application is not started

IIS automatically restarts the application when a user requests a page from within the application boundary

Note

Delivery Tip

Demonstrate the procedure

for removing a Web

application

Note

Configuring Web Applications

***************************** ILLEGAL FOR NON - TRAINER USE ******************************

You can configure Web applications to:

Control the level of program execution that is allowed on your Web site

Balance Web server reliability with application performance

Determine which ISAPI or CGI program to run to process a request and control how ASP scripts run

Configure options and debugging for ASP scripts

Topic Objective

To outline the topics for

configuring applications

Lead-in

You can configure

applications so that they

perform efficiently in an

IIS installation

Setting Application Permissions

***************************** ILLEGAL FOR NON - TRAINER USE ******************************

You can set application permissions to control whether users visiting your Web site are allowed to run scripts or executables on the site This feature enables you to determine the level of program execution that is allowed on your Web site You can set application permissions on directories and virtual directories

To set permissions for an application:

1 In the IIS snap-in, right-click the starting-point directory for the application,

and then click Properties

2 On the Home Directory, Virtual Directory, or Directory tab, under Application Settings, in the Execute Permissions list, click the appropriate permissions setting, and then click OK

The following table describes the application permissions settings that are available

Permission Description

None Prevents programs or scripts from running Only static files,

such as HTML or image files, can be accessed

Scripts only Enables applications mapped to a script engine to run

Executable files will not run

Scripts and Executables Enables files to be accessed or executed

You can configure application mappings to specify which programs perform as script engines Configuring application mappings is covered later in this module

Topic Objective

To describe the procedure

for setting application

permissions

Lead-in

Setting application

permissions enables you to

control program execution

on your Web site

Delivery Tip

Explain the procedure for

setting application

permissions and describe

each of the permissions

settings

Note

Configuring Application Protection Settings

IIS Process (Inetinfo.exe)

IIS Process

Isolated Process (Dllhost.exe)

Isolated Process (Dllhost.exe)

Isolated Process (Dllhost.exe)

Pooled Process (Dllhost.exe)

Pooled Process (Dllhost.exe) In-Process

In-Process

Pooled Process (Dllhost.exe)

Pooled Process (Dllhost.exe) Pooled 1

Pooled 2

Pooled 3

= Process

= Application

***************************** ILLEGAL FOR NON - TRAINER USE ******************************

You can balance Web server reliability with application performance by configuring application protection settings In earlier versions of IIS, all ISAPI applications (including ASP technology) shared the resources and memory of the server process In IIS 5.0, applications can run in the same process as IIS, offering the best performance, or in a separate process, offering greater isolation

in the event of failures

IIS offers three levels of application protection:

Low (IIS Process) Specifies that an application will run in the same

memory space as Web services (Inetinfo.exe), which results in higher performance However, if an application fails, Web services may become

unavailable This mode of operation is called In-Process

Medium (Pooled) Specifies that an application will run in an isolated,

pooled process All applications that are specified with the Medium application protection level will run in the same process, which is isolated from the Web server process In this way, a pooled process provides protection for the Web server without the resource usage that is typically involved in maintaining a large number of isolated processes This mode of

operation is called Pooled Process

High (Isolated) Specifies that an application will run in an isolated process

separate from other processes This setting enables you to run Web

applications in their own memory space This is known as process isolation,

which improves server stability by protecting the main IIS process even if

an application fails, but increases the amount of resource usage This mode

of operation is called Out-of-Process

Topic Objective

To describe how to

configure application

protection settings and to

explain the impact that each

setting has on performance

Lead-in

Application protection

settings enable you to

balance Web server

reliability with application

performance

Delivery Tip

The slide for this topic

includes animation Press

the SPACEBAR to advance

the animation

Describe each of the

application protection

settings and explain the

impact that each setting has

on performance

Use the slide to illustrate the

process that occurs when

either an isolated application

or a pooled application fails

Inform students that the

recommended configuration

is to run Inetinfo.exe in its

own process, run

mission-critical applications in their

own (isolated) processes,

and run remaining

applications in a shared,

pooled process

Finally, describe the

procedure for setting or

changing the level of

application protection

By default, applications are created with the Medium application protection level and are run in a pooled process in one instance of DLLHost.exe

Additionally, Web services will run in its own process (Inetinfo.exe), and isolated applications will each run in their own instance of DLLHost.exe

If an isolated application fails, no other applications are affected because the failed application is in its own process Because IIS is still running, it will restart the application when a client makes a request

If a pooled application fails, all applications in the pooled process will fail However, because IIS is still running, all of the applications in the pooled process will restart when a client makes a request

To set or change the level of application protection:

1 In the IIS snap-in, right-click the starting-point directory for the application,

and then click Properties

2 On the Home Directory, Virtual Directory, or Directory tab, in the Application Protection list, click the appropriate setting, and then click

OK

Lab A: Creating and Configuring Applications

***************************** ILLEGAL FOR NON - TRAINER USE ******************************

To aid in your decision, you will create five test applications with different application protection settings Next, you will simulate the failure of two of the applications and observe the effects of those simulated failures on the other applications

Estimated time to complete this lab: 30 minutes

Topic Objective

To introduce the lab

Lead-in

In this lab, you will create

Web applications, adjust

application protection

settings, and test the impact

of these settings on stability

and performance

Exercise 0

Lab Setup

The Lab Setup section lists the tasks that you must perform before you begin the lab

Tasks Detailed steps

1 Log on as Administrator

with a password of

password

a Log on as Administrator with a password of password

2 Run the batch file

C:\MOC\2295A\Labs\

Mod4\Setup.bat, which will

create the following virtual

a Open Windows Explorer

b In Windows Explorer, expand My Computer, expand Local Disk

(C:), expand MOC, expand 2295A, expand Labs, and then click Mod4

c In the right pane, double-click Setup.bat

When you run the batch file, the following virtual directories are created in the default Web site:

• Inprocess, which uses the path C:\MOC\2295A\Labs\Mod4\Inprocess

• Pooled1, which uses the path C:\MOC\2295A\Labs\Mod4\Pooled1

• Pooled2, which uses the path C:\MOC\2295A\Labs\Mod4\Pooled2

• Isolated1, which uses the path C:\MOC\2295A\Labs\Mod4\Isolated1

• Isolated2, which uses the path C:\MOC\2295A\Labs\Mod4\Isolated2

Note: If you have not completed Lab A in Module 1, “Installing Internet Information Services 5.0,” of

Course 2295A, Implementing and Supporting Microsoft Internet Information Services 5.0, you will need to

modify the batch file to reflect the correct location of the Inetpub\Adminscripts directory

Exercise 1

Creating the Applications and Setting the Protection Levels

In this exercise, you will create five test applications and configure them with different application

protection levels

Tasks Detailed steps

1 Open the IIS snap-in, and

then expand the default Web

site

a On the Start menu, point to Programs, point to Administrative

Tools, and then click Internet Services Manager

In Administrative Tools, the IIS console is called Internet Services Manager; however, when you open the console, it is called Internet Information Services, also known as the IIS snap-in

b In the IIS snap-in, in the console tree, expand server_name (where

server_name is the name of your server), and then expand Default

Web Site

2 Open Component Services

in Microsoft Management

Console (MMC) and note

the IIS-related Component

Object Model (COM)+

applications that are

installed

a On the Start menu, point to Programs, point to Administrative

Tools, and then click Component Services

b In the console tree of Component Services, expand Component

Services, expand Computers, expand My Computer, and then

double-click COM+ Applications

c On the View menu, click Status View

d In the details pane, widen the Name column (if necessary) to show the

entire names of the installed COM+ applications

What COM+ applications are installed that start with the letters IIS?

IIS In-Process Applications, IIS Out-Of-Process Pooled Applications, and IIS Utilities

3 Return to the IIS snap-in

Create an application for the

Inprocess virtual directory

under the default Web site,

set the permissions to allow

scripts, and then set the

application protection to

Low (IIS Process)

a In the IIS snap-in, in the console tree, right-click the Inprocess virtual directory, and then click Properties

b On the Virtual Directory tab, under Application Settings, click

Create

c In the Execute Permissions list, click Scripts only

d In the Application Protection list, click Low (IIS Process), and then click OK

4 Create an application for the

Pooled1 virtual directory

under the default Web site,

set the permissions to allow

scripts, and then set the

c In the Execute Permissions list, click Scripts only

d In the Application Protection list, verify that Medium (Pooled) is selected, and then click OK